This job posting has been archived and is no longer available.
Open job postings can be found under Projects.
Security Engineer (Cyber Defence)
Posted by Penta Consulting
Skills sought: Network, Engineer, Python, Perl
Project description
CYBER DEFENCE - SECURITY MONITORING & INCIDENT RESPONSE EXPERT
TIER 1 - SECURITY MONITORING
- Alert monitoring to detect potentially malicious or anomalous activity based on event data (log files and data outputs) from a wide range of IT systems and network components (see Miscellaneous).
- Alert, performance and threshold tuning and analysis across the tool sets, based on traffic patterns and other data.
- Develop & maintain monitoring and reporting dashboards.
- Produce and review periodic metrics with regard to security monitoring.
TIER 2 - ALERT QUALIFICATION
- Investigate security alerts leveraging a wide range of IT systems and network components (see Miscellaneous), as well as threat intelligence to qualify potential incidents.
- Escalate confirmed incidents to the incident responder on duty.
- Develop
- Knowledge of different key protocols and services throughout the seven layers of the OSI model (IP, ICMP, TCP, UDP, Telnet, SSH, SMTP, POP3, HTTP(S), FTP, DNS,).
- Familiarity with common cyber threat modus operandi, tools and techniques (TTP: tools, techniques and procedures)
- Familiarity with deterministic detection schemes and use of observables (IOC: indicators of compromise)
Preferable
- Past experience in an incident response context.
- Knowledge of various IDS/IPS, NetFlow, and protocol collection and analysis tools such as Snort, Suricata, Bro, Argus, SiLK, tcpdump, and Wireshark.
- Knowledge of log aggregation, SIEM solutions and search and analytics engines such as QRadar, Splunk, ArcSight, ELK,
- Experience with programming and scripting languages, most notably Perl, Ruby, and Python.
- Experience with text manipulation tools such as sed, awk and grep.
- Experience with penetration testing tools such as Metasploit, CORE Impact, or Kali Linux.
- Web application security development (OWASP).
- Knowledge of popular cryptography algorithms and protocols: AES, RSA, MD5, SHA, Kerberos, SSL/TLS, Diffie-Hellman.
- Knowledge of some NIDS/NIPS or HIDS/HIPS tools.
- Knowledge of media forensics and analysis tools.
- Knowledge of automation of data interfacing and machine-to-machine communication.
IF YOU ARE INTERESTED THEN PLEASE SEND YOUR CV TO (SEE BELOW) - (FRENCH OR DUTCH SPEAKING CANDIDATES ONLY)
Project details
Required qualifications
-
Category:
IT Development, Engineering/Technology