Cyber Security Data Log Specialist

2 weeks ago

Mons, Belgium | Enterpryze Consulting Ltd. | Full-time

**Cyber Security Data Log Specialist**

- **Working Location**: Mons, Belgium
- **Security Clearance**: NATO Secret
- **Language**: High proficiency level in English language

**EXPERIENCE AND EDUCATION**:

**Essential Qualifications/Experience**:

- 1+ year of extensive practical experience as Splunk administrator (deployment, installation, configuration and maintenance)
- Extensive hands-on experience in regular expressions
- Extensive experience with on-boarding and managing data feeds within a SIEM environment. Practical experience in designing solutions to ingest new data feeds into SIEM
- 2+ years expert level experience related to SIEM/LogA management activities
- Practical hands-on experience in systems and tools administration, especially Linux environment
- Practical skills in writing Bash, Python or Ansible scripts to support repetitive tasks automation
- Ability to develop clear and concise technical documentation, including procedures

**Desirable Qualifications/Experience**:

- Extensive practical experience as Splunk administrator in large enterprise environment (deployment, installation, configuration and maintenance)
- Practical experience of Splunk Enterprise Security, Phantom and UBA
- Practical experience (as system administrator) with MicroFocus ArcSight
- Experience in Git
- Hands-on experience with Ansible as an automation technology
- Proficient with SIEM content creation - correlation rules, reports, dashboards
- Experience in creation/modification of custom parsers or flex connectors
- Understanding of the Indicator of Compromise (IOC) concept and experience in integration of Threat Intel feeds and IOCs with SIEM platform
- Software engineering including programming and/or scripting knowledge (Python, shell scripting, PowerShell)
- Prior experience automating interactions between systems using APIs
- A solid understanding of Information Security practices relating to the Confidentiality, Integrity and Availability of information (CIA triad)
- Prior experience as a user of SIEM and Log aggregation system
- ITIL Service Management certifications
- Experience in developing Splunk Applications
- Content management experience in Splunk, especially Enterprise Security and Advanced Search and Reporting
- Hands-on experience with network infrastructure and virtualized environments (preferably VMware)
- Industry leading certification in the area of Cyber Security such as CISSP, CISM, MCSE/S, CISA, GSNA, SANS GIAC and CFCE
- Previous experience working for Cyber Security related organisations (CERTs, security offices)
- Previous experience working in an international environment comprising both military and civilian elements

**DUTIES/ROLE**:

- Act as the Chief Technician and Subject Matter Expert (SME) for log collection systems within the Cyber Security Data team
- The main area of responsibility is managing multiple types, formats and quantities of data feeds to ensure established events and alerts are ingested from various log sources across NATO networks into the NCSC central security logging platform
- As the SME, you will provide advice and technical assistance to other stakeholders, maintain technical expertise, awareness, and developments in related new technologies, and provide technical contributions to any projects related to the log collection systems
- Management of data feeds, including but not limited to:
  - Ensuring proper receipt of events from different sources
  - Correction of data parsing issues
  - Keeping an inventory of all log sources from all monitored networks
  - Ensuring all data feeds are monitored in real time and issues are immediately identified and worked upon
- As the SME you will be required to coordinate activities with log source providers at remote sites to ensure that data and logs are received into the NCSC central logging platform. In support of this you will establish and maintain a defined list of contacts with CIS support personnel from remote sites
- Following ITIL standards, provide support to Operations and Service Delivery management covering all stages of the log collection systems lifecycle with the emphasis on the log collection aspects (e.g. Service Design, Transition, Operations, Change Management and Continual Service Improvement)
- Ensure that all system components are continuously monitored and take appropriate technical and non-technical actions for solving detected issues
- Ensure that the Log Source Monitoring (Solarwinds or Splunk) solution is operational and that alerts are generated and actioned upon for any major changes in service
- Ensure that log collection systems operate within any KPIs, as defined in Service Level Agreements with NCSC customers
- Support the integration with external tools and provide technical assistance for any associated activities
- Proactively identify and propose system improvements to ensure an up-to-date and stable environment. Justify business needs, prepare documentation and implementation plan for t

