This job posting is archived and is no longer available.

SOC Analyst

Posted by MBA - Amsterdam

Required skills: Network, Oracle, Linux, WAF

Project description

We are looking for someone who will:

PERFORM SECURITY EVENT MONITORING (SECURITY ANALYSIS LEVEL 2) FOR THE COMPONENTS MONITORED BY THE SOC

Perform second-level security event analysis of systems monitored by DIGIT Security Operations.

The main tasks of a security analyst level 2 are to:

- Review the Security Information and Event Management (SIEM) tool interface, as the tool correlates and aggregates alert data from multiple systems and device logs
- Perform an exhaustive daily analysis of events/alerts received, prioritising event review activities
- Detect and assess alert severity and escalate to the next level or operational team as needed, following guidelines
- Support the next escalation level in assessing the alert
- Follow up on escalated issues (mostly alerts escalated from level 1) for deeper assessment
- Follow approved event review processes and procedures
- Propose improvements to event review processes and procedures
- Develop/maintain/improve the SOC processes and procedures framework
- Prepare review reports
- Prepare activity reports
- Submit an End-of-Shift Report summarizing activities for the shift
- Respond to inbound phone (SOC line) and electronic requests

PARTICIPATE IN THE MANAGEMENT/ADMINISTRATION OF THE COMPONENTS UNDER THE RESPONSIBILITY OF DIGIT SECURITY OPERATIONS CENTRE

This includes (but is not limited to) the following components:

- VMware
- Windows Servers
- Linux Servers
- NetApp FAS Storage (NAS)
- Oracle Database
- ArcSight SIEM components (Logger, log forwarders, smart connectors, ESM, DB, clients)
- IDS/NBA
- Vulnerability scanning solutions
- Network/systems forensics solutions

The main activities will be to design, implement, operate, maintain and improve SOC detection capabilities. This includes developing/configuring/defining configuration policies, signatures, applying them and analysing the outcome.

EDUCATION, KNOWLEDGE, SKILLS AND EXPERIENCE

- Mastery of a recognised common body of knowledge in the field of IT security (holding a security certification such as CISSP), or obtaining CISSP within an 18-month period after the starting date (training should be followed within 6 months after the starting date)
- Experience in security monitoring and/or incident handling; SANS GCIH certification is a real advantage
- Security vendors or GIAC, GCIA, GCFW, GHTO, GSEC certification desirable
- University degree or equivalent experience, in a relevant subject
- Very good command of English and French (written and spoken)
- Ability to participate in meetings, good communicator
- Strong teamwork abilities
- Experience working in a process-oriented workflow environment
- Ability to work well under pressure, meeting multiple deadlines
- Ability to work independently with minimum supervision
- Strong self-learning capabilities
- Potential to develop skills and learn new technologies
- Enthusiasm and motivation to work are mandatory
- Strong experience in network security (e.g. security aspects of TCP/IP, Cisco switches and routers, firewalls, VPN, network security scanning tools, IDS/IPS, Bluecoat proxies, reverse proxies, WAF, NetFlow, WiFi, VoIP, PKI, network incident troubleshooting and handling)

Experience in:

- Operating systems security (e.g. Windows family, UNIX/Linux)
- Middleware and application security (e.g. database management servers like Oracle or SQL Server, web servers)
- Scripting languages (Perl, Windows scripting)

Michael Bailey International is acting as an Employment Business in relation to this vacancy.

Project details

  • Location: Luxembourg

  • Project start: asap

  • Project duration: 12 months

  • Contract type: Contract

  • Professional experience: Not specified

Required qualifications

MBA - Amsterdam