Dieses Jobangebot ist archiviert und steht nicht mehr zur Verfügung.
Vakante Jobangebote finden Sie unter Projekte.
Vakante Jobangebote finden Sie unter Projekte.
SOC Junior Analyst - Luxembourg - €450 - €500 PD
Eingestellt von Sola Technology Ltd
Gesuchte Skills: Network, Design, Linux, Unix
Projektbeschreibung
An exciting opportunity has arisen for a Junior Security Analyst to join a Tier 1 global supplier of IT Services in Luxembourg.
1. Perform security events monitoring (System security monitoring)
Via the use of our customer security information and events management (SIEM) infrastructure, perform security event monitoring (security analysis) of IT systems and components operated by DIGIT (an example of events list to monitor is provided in Appendix).
Based on this analysis, appropriate security incidents management steps will be carried out in collaboration with security operational teams.
2. Take part in the monitoring policies management process
In close relationship with the customers or system owners, and according to established service level agreements, the job holder will make sure that the monitoring policy allows an efficient detection of potential incidents.
Therefore, he/she will take part in:
- Analysing customer's risks and security policy requirements;
- Translating them into technical events targetting the system components;
- Identifying the required logs/files/artefacts to collect from the monitored system and if necessary, possible complementary devices to deploy;
- Elaborating the relevant detection and correlation rules;
- Implementing these rules in the SIEM infrastructure;
- Reviewing and improving the monitoring policy on a regular basis.
3. Take part in the design of the monitoring architecture
The job holder will contribute to the design of the overall monitoring architecture, in close relationship with the customers/system owners, on the one hand, and the Back End team, on the other hand, by performing the following tasks:
- Assessment of security events detection solutions, development of solutions;
- Integration of these solutions within the security monitoring scheme (log collection architecture, interoperability, formats, network aspects);
- Deployment and validation of the solutions;
- Draft documentation such as architecture design descriptions, assessment reports, configuration guides, security operating procedures.
This includes (but is not limited to) the following components:
- Network based devices
- Firewalls;
- Network IDS and IPS;
- APT detection solutions such as FireEye;
- DNS, DHCP, VPN
- Host based components
- HIPS;
- Malware detection;
- OS and application logs
4. EDUCATION, KNOWLEDGE, SKILLS AND EXPERIENCE
The job holder must possess the following technical skills:
- Experience in incident handling, SANS GICH certification is a real advantage;
- An experience in SIEM solutions, namely Arcsight ESM and Logger design, implementation and engineering;
- Experience in UNIX (Sun Solaris and Linux Redhat) system administration and or Oracle Databases;
- Experience with basic network protocols such as TCP/IP, IP/SEC, SMTP, DNS, etc., and network equipment such as Switches, hubs, Routers, etc;
- Hands-on experience in the security of Windows/Unix (including Linux) environment;
- Knowledge of Scripting language (Perl, python, windows powershell);
1. Perform security events monitoring (System security monitoring)
Via the use of our customer security information and events management (SIEM) infrastructure, perform security event monitoring (security analysis) of IT systems and components operated by DIGIT (an example of events list to monitor is provided in Appendix).
Based on this analysis, appropriate security incidents management steps will be carried out in collaboration with security operational teams.
2. Take part in the monitoring policies management process
In close relationship with the customers or system owners, and according to established service level agreements, the job holder will make sure that the monitoring policy allows an efficient detection of potential incidents.
Therefore, he/she will take part in:
- Analysing customer's risks and security policy requirements;
- Translating them into technical events targetting the system components;
- Identifying the required logs/files/artefacts to collect from the monitored system and if necessary, possible complementary devices to deploy;
- Elaborating the relevant detection and correlation rules;
- Implementing these rules in the SIEM infrastructure;
- Reviewing and improving the monitoring policy on a regular basis.
3. Take part in the design of the monitoring architecture
The job holder will contribute to the design of the overall monitoring architecture, in close relationship with the customers/system owners, on the one hand, and the Back End team, on the other hand, by performing the following tasks:
- Assessment of security events detection solutions, development of solutions;
- Integration of these solutions within the security monitoring scheme (log collection architecture, interoperability, formats, network aspects);
- Deployment and validation of the solutions;
- Draft documentation such as architecture design descriptions, assessment reports, configuration guides, security operating procedures.
This includes (but is not limited to) the following components:
- Network based devices
- Firewalls;
- Network IDS and IPS;
- APT detection solutions such as FireEye;
- DNS, DHCP, VPN
- Host based components
- HIPS;
- Malware detection;
- OS and application logs
4. EDUCATION, KNOWLEDGE, SKILLS AND EXPERIENCE
The job holder must possess the following technical skills:
- Experience in incident handling, SANS GICH certification is a real advantage;
- An experience in SIEM solutions, namely Arcsight ESM and Logger design, implementation and engineering;
- Experience in UNIX (Sun Solaris and Linux Redhat) system administration and or Oracle Databases;
- Experience with basic network protocols such as TCP/IP, IP/SEC, SMTP, DNS, etc., and network equipment such as Switches, hubs, Routers, etc;
- Hands-on experience in the security of Windows/Unix (including Linux) environment;
- Knowledge of Scripting language (Perl, python, windows powershell);
Projektdetails
Geforderte Qualifikationen
-
Kategorie:
IT Entwicklung, Medien/Design