Security Event Analyst - Mons, België - Uni Systems

Uni Systems

Geverifieerd bedrijf

Mons, België

1 week geleden

Geplaatst door:

Sophie Dubois

beBee Recruiter

Beschrijving

At Uni Systems, we are working towards turning digital visions into reality. We are continuously growing and we are looking for a professionalSecurity Event Analyst to join our UniQue Mons team.

In this role, you will have the opportunity to work closely with our customers in the public sector and you will be responsible for developing new business by identifying profitable opportunities, maintaining your client portfolio by building strong, long-lasting relationships, and monitoring the progress of the projects, with the aim to provide excellent client service and added value services.

What will you be bringing to the team?

As a First Line Security Event Analyst (FLSEA), the incumbent will perform initial analysis of logs and network traffic, determine alert severity and escalate when required.

The analyst will collate information and present findings in a clear, structured format, providing remediation recommendations and first line response where applicable.

Main responsibilities:

Conduct research and assessments of security events within the Institution Cyber Security Centre team
Provide analysis of firewall, IDS, antivirus and other network sensor produced events and present findings
Appropriately leverage the comprehensive extended toolset (e.g. Log Collection, Intrusion Detection, Packet Capture, VA, Network Devices etc.) for enhancing investigations
Support the endtoend Incident Handling process
Propose optimisations and enhancements which help to both maintain and improve Institution's Cyber Security posture

Requirements:

What do you need to succeed in this position?

Information Technology (IT) Degree + minimum of 1 year experience in the field of cyber security analysis
Comprehensive knowledge of the principles of computer and communications security including knowledge of TCP/IP networking, Windows and Linux operating systems
Broad understanding of common network security threats and mitigation techniques
Experience in the following:
Security Information and Event Management products (SIEM) e.g. ArcSight, Splunk
Analysis of Network Based Intrusion Detection Systems (NIDS) events

- e.g. SourceFire, Palo Alto Network Threat

Prevention
Log analysis from a variety of sources (e.g. Firewalls, Proxies, Routers, DNS and other security appliances)
Network traffic capture analysis using Wireshark
Logical approach to analysis and ability to perform structured security investigations using large, complex data sets
Good knowledge of the English language
Desirable _
Holding industry leading certification in the area of cyber security such as GCIA, GNFA, GCIH
Computer Incident Response Centre (CIRT), Computer Emergency Response Team (CERT)
Proficiency in Intrusion/Incident Detection and Handling
Experience in the following areas:
Full Packet Capture systems
e.g. Niksun, RSA/NetWitness
Host Based Intrusion Detection Systems (HIDS)
Computer security tools (Vulnerability Assessment, Antivirus, Protocol Analysis, Anti-Virus, Protocol Analysis, Anti-Spyware, etc.)
Computer forensics tools (stand alone, online and network)
Military communication systems and networks