This job posting is archived and no longer available.

Security Operations Arcsight Vulnerability 18 Months Benelux

Posted by Claremont Consulting Ltd

Skills sought: Support, Network, Linux, Unix

Project description

Security Operations SOC ArcSight

18 Month contract - security consultants need to have UE Secret level clearance.

Security Vulnerability Assessment and Security technical compliance (VAC) Service
Build an IT assets catalog, taking into account their criticality

The systems to test include a wide range of operating systems, network components,
database systems, application Servers;
Evaluate and implement solutions to deliver the service, by analysing the market;
Testing solutions during POCs by developing test environments, integrating solutions, running test scenarios and generating result reports;
Operate the infrastructure and solutions necessary for security vulnerability assessment and security technical compliance service;

In close partnership with customers/system owners, execute vulnerability and compliance
assessments, by
o Preparing/specifying the tests, planning;
o Performing the tests;
Analysing results, drafting recommendations, drafting executive and technical
reports;
Exchanging with teams on results and recommendations;
Follow-up remediation plans;
Perform security watch on new vulnerabilities, exploits and attack methods;

In specific cases (e.g. for unpatched vulnerabilities),
perform technical analysis and examination of new vulnerabilities;
determine the appropriate response to mitigate or repair it;
notify the various parties about the vulnerability and share information about how to
fix or mitigate it and coordinate vulnerability response;
Define and improve the service from a technical and organisational perspective
o Define policies, processes and procedures (PPP) related to the service;
o Draft service description related documents (service catalog);
o Define KPIs and reporting documents/dashboards.
Penetration testing
In addition to the VAC service, the job holder will take part in the penetration testing process.
Keep watch and implement appropriate tools to deliver the service
Prepare and perform the tests, if realised internally;
Take part in the preparation of the pentests, supervise their execution, if outsourced;
Integrate pentests results within the frame of vulnerability management.
PARTICIPATE IN THE SECURITY ENGINEERING AND HARDENING OF SECURITY
OPERATIONS CENTRE INFRASTRUCTURE COMPONENTS
Participate in designing, implementing and managing security controls for Security
Operations Centre Infrastructure components.

This includes (but is not limited to) the following components:
o VMware Servers
o Windows Servers
o Linux Servers
o NetApp FAS Storage NAS
o Oracle Database
o ArcSight components (Logger, log forwarders, smart connectors, ESM, DB,
Clients)
o Cisco Switches
o Firewalls (Check Point)
o Intrusion Detection Systems
o Enterprise Network and Systems forensics solutions
o Forensics lab
o Vulnerability assessment and configuration compliance solutions
o Other security solutions (central password management system, PKI)
o Infrastructure monitoring solutions
o CMDBs
Security engineering tasks will have to be performed such as systems hardening and
implementation of measures to comply with applicable security policies such as
Privileged User Access Control and Security Monitoring;
Documentation (configuration, security operating procedures) will have to be developed
and maintained.
SUPPORT SOC AND CSIRC IN THE MONITORING AND INCIDENT RESPONSE PROCESSES
Improve monitoring rules and provide support to analysts
By sharing knowledge with security analysts on system related aspects, participating in
improving correlation rules, discovery and assessment techniques and measures.
Support CSIRC
Support in the analysis phase: provide input related to impacted assets, vulnerability
knowledge;
Support in elaborating the response strategy and mitigation measures;

EDUCATION, KNOWLEDGE, SKILLS AND EXPERIENCE

The job holder must possess the following technical skills:
Strong experience in risk evaluation and remediation;
Strong experience with Vulnerability Assessment and Security compliance solutions;
Certifications such as GPEN, GWAPT, GWPN are a strong advantage
Experience with hardening systems security;
Experience in UNIX (Sun Solaris and Linux Red Hat) system administration and/or Oracle
Database
Experience with basic network protocols such as TCP/IP, IPsec, SMTP, DNS, etc., and
network equipment such as switches, hubs, routers, etc.;
Strong hands-on experience in the security of Windows/Unix (including Linux)
environment;

In addition, he/she will have to demonstrate:
A very good command of English and French (written and spoken);
Enthusiasm and motivation to work, strong teamwork abilities;
Autonomy and potential to develop skills and learn new technologies;
Good initiative capability and independent problem solving experience;
Project management skills;
Service delivery experience;
Ability to manage parallel tasks and cope with pressure, in particular in crisis situations;
Ability to report rigorously on the activities and to draft accurate and qualitative documents.

The job holder must be (or able to be) security cleared at UE SECRET level.

Project details

  • Location:

    Luxembourg

  • Project start:

    asap

  • Project duration:

    18 months

  • Contract type:

    Contract

  • Professional experience:

    Not specified

Required qualifications

Claremont Consulting Ltd