This job posting has been archived and is no longer available.

SOC Analyst

Posted by DigiTech IS Ltd

Skills sought: Network, Sun, Support, IP

Project description

Role: SOC Analyst

LOCATION: Belfast, Ireland

Duration: 6 months extendable

HOURS OF WORK

Weekend shift - Sat/Sun/Mon 0100 - 1400

ROLE DESCRIPTION

As a result of planned growth, an additional position has been identified. The Security Operations Centre (SOC) Level 2 Analyst is responsible for utilizing multiple security technologies, including the ArcSight Security Information and Event Management (SIEM) tool, custom tools, and enterprise security appliances to detect, analyze, and respond to IT security incidents.

The analyst will contribute to security functional areas beyond monitoring, including mentoring Level 1 analysts, custom development, advanced analysis, assisting with new operational processes or redesigning operational processes for incident handling. The SOC provides 24x7 operational support on a shift schedule.

RESPONSIBILITIES INCLUDE (BUT ARE NOT LIMITED TO):

- Monitor multiple security technologies, such as IDS/IPS, syslog, file integrity, vulnerability scanners, anti-virus, and web proxies.
- Serve as an escalation point for possible security events detected by Level 1 analysts.
- Develop custom tools such as scripts or leverage existing tools in new ways.
- Specify new data correlations and analyze events using the ArcSight Security Information and Event Management (SIEM) tool.
- Contribute new or redesigned operational processes and procedures for incident handling.
- Contribute new analysis techniques.
- Identify unforeseen gaps in security visibility coverage or threat exposure.
- Learn new technologies and skills like penetration testing, incident handling, security engineering

System administration on Unix, Linux or Windows AND must be able to demonstrate:
- Strong TCP/IP, networking fundamentals, and security foundational knowledge and working experience
- Working experience of Windows operating system tasks, such as installations, services, sharing, navigation, etc.
- Detailed understanding of common application layer protocols, such as HTTP, SSL, FTP and DNS.
- Any leading SIEM technologies like ArcSight, RSA enVision, LogLogic.
- Common security device functions, such as IDS/IPS, network and host-based Firewalls, DLP (Data Leakage Protection), etc.
- Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc., and possible abnormal activities, such as worms, trojans, viruses, etc.
- IDS signatures, such as Snort rules
- SIEM terminology, such as threat, vulnerability, risk, asset, exposure, safeguards, etc.
- Common network device functions, such as Routers, Switches, hubs, etc.
- Event Analysis, Incident Detection and escalation to Level 3 or SOC Manager; AND

DESIRABLE CRITERIA

- Protocol Analysis experience with tools like Wireshark, OPNET, GigaStor
- Security Certification (Including but not limited to):
  - Certified Incident Handler (GCIH)
  - Certified Intrusion Analyst (GIAC)
  - Certified Information Systems Security Professional (CISSP)
  - Systems Security Certified Practitioner (SSCP)
  - Certified Ethical Hacker (CEH)
  - Certified Expert Penetration Tester (CEPT)
  - Cisco Certified Network Associate (CCNA)

Project details

  • Place of work: Ireland
  • Project start: asap
  • Project duration: 6 months
  • Contract type: Contract
  • Professional experience: Not specified

Required qualifications

DigiTech IS Ltd