This job posting is archived and is no longer available.
Open job postings can be found under Projects.

Security Analyst in the SOC (Security Operating Center) with Forensics

Posted by Aardvark Consulting

Required skills: WAF, Network, Client, IP

Project description

Security Analyst in the SOC (Security Operating Center) with Forensics analysis, Breach investigation, IDS (intrusion detection system), SIEM (security incident and event management systems), APT (Advanced Persistent Threat), WAF (web application Firewall).

Location: Brussels, Belgium

Our client is urgently searching for a strong Security Analyst in the SOC (Security Operating Center) with Forensics analysis, Breach investigation, IDS (intrusion detection system), SIEM (security incident and event management systems), APT (Advanced Persistent Threat), WAF (web application Firewall) to work on a critical project in Brussels, Belgium.

A successful candidate will have strong skills in:

- Security Analyst in the SOC (Security Operating Center)
- Forensics analysis
- Breach investigation
- IDS: Intrusion Detection System
- SIEM: Security Incident and Event Management Systems
- APT: Advanced Persistent Threat
- WAF: Web Application Firewall

The role:

A successful candidate will be responsible for conducting incident response operations according to documented procedures and industry best practices. Candidates must have excellent communication skills and extensive experience in multiple security areas such as SIEM, IDS, APT and WAF. Candidates will be required to participate in multiple intelligence communities and be able to disseminate pertinent information throughout the SED. Ideal candidates should have extensive experience with Linux and/or Windows operating systems as well as deep knowledge of networking and attack methods such as SQLi and pivoting. Candidates must display enthusiasm and interest in information security.

Standard Job Requirements:

- First point of escalation for Level 1
- Hunting for suspicious or anomalous activity based on data alerts or data outputs from various toolsets
- Review and build new operational processes and procedures
- Provide first-responder forensics analysis and investigation
- Drive the containment strategy during data loss or breach events
- Triage and resolve advanced vector attacks such as botnets and advanced persistent threats (APTs)
- Work directly with data asset owners and business response plan owners during low and medium severity incidents
- Advise on the tuning of IDS, proxy policy and in-line malware tools based on threat feeds, trust and rotation data, incidents, or vulnerabilities and exploits of downstream systems
- Provide use case creation/tuning recommendations to administrators based on findings from investigations or threat information interviews
- Lead response actions for incidents where CIRT is not required to intervene (low/medium priority)
- Perform administrative tasks per management request (ad-hoc reports/training)

Functional and Technical competencies

- 2+ years of prior experience in a similar position
- Passion and drive to work in a start-up division with potential for significant growth in scope and services
- Good logical and analytical skills to support the analysis of security events/incidents
- Experience with network security zones, firewall configurations and IDS policies
- In-depth knowledge of TCP/IP
- Knowledge of systems communications from OSI Layer 1 to 7
- Experience with systems administration, middleware and application administration
- Experience with network and network security tools administration
- Knowledge of log formats and the ability to aggregate and parse log data (syslog, HTTP logs, DB logs) for investigation purposes
- Ability to create a containment strategy and execute it
- Experience with security assessment tools (Nmap, Nessus, Metasploit, Netcat)
- Good knowledge of threat areas and common attack vectors (malware, phishing, APT, technology attacks, etc.)

This is an English speaking role.

Please send your CV in Word format ASAP for immediate and confidential interviews.

Project details

  • Location: Brussels, Belgium

  • Project start: asap

  • Project duration: Not specified

  • Contract type: Contract

  • Professional experience: Not specified

Required qualifications

Aardvark Consulting