Threat Hunter
5 months ago
**Location**:
Mons, Belgium
**Security Clearance**:
NATO Secret
**Reference No**:
C002970 / Mons
**Skills, knowledge, experience required**:
- A minimum requirement of a Bachelor's degree from a nationally recognised/certified University in a related discipline and 2 years of related post-graduate experience,
OR
- Experience that is of interest to NCI Agency, that is, at least 6 years of extensive and progressive expertise in duties related to the function of the post;
- At least 1 year of experience using/administering Splunk Enterprise;
- At least 2 years of extensive practical experience as a tool engineer/system administrator in large enterprise environments (deployment, installation, configuration and maintenance), especially Linux environment;
- Practical skills in writing Bash, Python or Ansible scripts to automate repetitive tasks;
- Solid understanding of regular expressions;
- Familiarity with Sysmon and its concepts;
- Familiarity with the concepts of Tactics, Techniques, Procedures (from an ATT&CK point of view);
- Ability to develop clear and concise technical documentation, including procedures;
- Demonstrable ability to work autonomously and proactively, to understand the chain of command and to follow internal processes;
- Good communication abilities, both written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams.
**Desirable**:
- Practical experience with Sysmon: deployment, installation, configuration and maintenance;
- Solid understanding of MITRE ATT&CK framework;
- Practical experience (as system administrator) with Splunk Enterprise and Splunk Enterprise Security including deployment and configuration of Splunk Universal Forwarders;
- Experience in onboarding and parsing new data through Splunk Universal Forwarders and Heavy Forwarders;
- Experience with version control systems, preferably Git;
- Hands-on experience with Ansible as an automation technology;
- A solid understanding of information security practices relating to the confidentiality, integrity and availability of information (the CIA triad);
- Prior experience as a user of SIEM and Log aggregation systems;
- ITIL Service Management certifications;
- Content management experience in Splunk, especially Enterprise Security and Advanced Search and Reporting;
- Hands-on experience with network infrastructure and virtualized environments (preferably VMware);
- Industry leading certification in the area of Cyber Security such as CISSP, CISM, MCSE/S, CISA, GSNA, SANS GIAC and CFCE;
- Previous experience working for Cyber Security related organisations (CERTs, security offices);
- Previous experience working in an international environment comprising both military and civilian elements.
**Duties/role**:
- Providing advice and technical assistance to other stakeholders, maintaining technical expertise, awareness, and developments in related new technologies, and providing technical contributions to any projects related to the data security systems;
- Being responsible for management and further development of the data security systems;
- Following ITIL standards, providing support to Operations and Service Delivery management covering all stages of the data security systems lifecycle (e.g. Service Design, Transition, Operations, Change Management and Continual Service Improvement);
- Ensuring that all system components are continuously monitored and taking appropriate technical and non-technical actions for solving detected issues;
- Ensuring that data security systems operate within any KPIs defined in Service Level Agreements with NCSC customers;
- Supporting integration with external tools and any associated activities;
- Proactively identifying and proposing system improvements to ensure an up-to-date and stable environment. Justifying business needs, preparing documentation and implementation plan for the Change Management Board. Implementing the approved changes following co-ordination with other stakeholders;
- Coordinating with service delivery managers, end users and other stakeholders in support of related services; communicating with other NATO entities as well as industry partners where required;
- Developing and maintaining documentation guidelines, standard operating procedures, system and service design documents and other relevant documentation that support management of the data security systems;
- Creating technical and/or executive level reports as required; organising and delivering presentations and briefings for various audiences up to NATO executive level.
VECTOR SYNERGY sp. z o.o., ul. Marcelińska 90, 60-324 Poznań, NIP PL7811857270, REGON 301575740, KRS: 0000369575
Register of Entrepreneurs (KRS) kept by the District Court Poznań - Nowe Miasto i Wilda in Poznań, VIII Commercial Division of the KRS,