Connecting to LinkedIn...

Cyber Security Engineer (NIPS)

Job Title: Cyber Security Engineer (NIPS)
Contract Type: Permanent
Location: Bristol, United Kingdom
REF: 1424
Contact Name: Jonny Duggan
Job Published: over 1 year ago

Job Description

Cyber Security Engineer


£neg depending on experience


Our client is a global high-tech company and one of the key players in Aerospace, Defence and Security. Our client is the largest inward investor in the UK defence sector, and one of the biggest suppliers of defence equipment to the UK MoD.


Headquartered in Europe, they have over 45,600 employees. With its offices and industrial plants, the Company is present in 180 sites worldwide in addition to strategic partnerships in the most important high potential international markets.


What’s in it for you?

  • 25 days holiday plus bank holidays.
  • Award-winning pension scheme
  • Flexible working and additional flex-leave schemes
  • Salary sacrifice schemes including childcare voucher scheme
  • Generous relocation package
  • Onsite Occupational Health Service
  • Onsite shops and restaurant facilities
  • Employee discount schemes
  • Learning & Development budgets
  • Career break scheme
  • Reserve Forces support


The Role:

Our client is looking to recruit Cyber Security Engineers with specialist skills in Network Intrusion Detection systems. The specialists will be contracted out of its site in Bristol, with International Assignment. The position requires demonstrable experience within a similar role preferably working in secure environment such as MOD/GOV/NATO environments.


The successful candidate will be required to use their knowledge of NIPS technologies and cyber security techniques to support and maintain these security technologies within the deployment of a complex cyber implementation.  The role requires the ability to support, maintain, troubleshoot and tune the security devices, working in conjunction with other cyber security specialists as an integral part of a wider system implementation.


The ideal candidate with have over 2 years’ experience working with Cisco FireSight Network Intrusion Detection systems (aka Sourcefire).


Key Responsibility Areas

This role will include deep configuration and administration of a range of cyber defence specialist tools, primarily focussed on Network Intrusion Protection (NIPS).


Successful candidates may become involved in the investigation in to security events to establish if these are expected tool behaviours, events or a security threat. 


The additional responsibilities will include the following:

  • Ensuring that all specialist applications such as event correlation (and its associated remote data collection feeds), network discovery, network traffic pattern/flow analysis, mail content checking, extrusion detection and on-line computer forensics tools are installed, configured and operational
  • Maintain keen understanding of evolving Internet threats to ensure the security of the networks and assets.
  • Write technical articles for internal knowledge base, Whitepapers based upon system integration, functionality upgrades and service improvements.
  • Participate in knowledge sharing with other analysts and develop solutions efficiently
  • Coordinate or participate in individual or team projects


Skills, Qualifications and Knowledge

  • A motivated, self-managed individual who is willing to help design and adapt a constantly evolving service. Someone who can demonstrate above average analytical skills and liaise professionally with peers and client stakeholders, even under pressure.
  • Cisco FireSight
  • Experience and in depth knowledge of Cisco FMS in large environments utilising Cisco 8000 series hardware Sensors including virtual appliances
  • Demonstrate experience of Snort rule writing, rule & pre-processor tuning, rule & pre-processor performance testing and verification
  • Sound knowledge of Cisco FMS report generation, log and rule correlation
  • Cisco FMS and series 8000 Sensor troubleshooting including performance enhancements
  • Experience of system upgrades and security updates on live systems
  • Experience with 8000 Series Stacked/Clustered Sensors
  • A sound knowledge of IT security best practice, common attack types and detection / prevention methods.
  • Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours
  • Experience of maintaining a secure enterprise network through configuring and managing typical Security Enforcing Devices, such as Firewalls, Proxies, IDS/IPS devices, HIDS/EPO. Knowledge of Sourcefire/Snort.
  • In depth experience of other common devices, such as routers, switches, hubs
  • Must be capable of communicating clearly with team members and other analysts. Able to demonstrate reading, writing and spoken English to IS level III as a minimum. (B1 of the Council of Europe/Association of Language Testers in Europe official levels)
  • Experienced with integrating existing IT infrastructures into a SIEM / SOC solution from inception through to support
  • Understanding of various SOC standards and reporting requirements i.e. GPG13
  • Experience implementing SOC reporting and governance
  • Experience with SOC automation and workflow products such as Archer GRC


Desirable Skills:

  • Exposure to IT service management best practices such as ITIL
  • Experience of using and administering SIEM and Log Management tools such as ArcSight ESM and ArcSight Logger
  • A solid understanding of Information Security Practices; relating to the Confidentiality, Integrity and Availability of information (CIA triad.)


Personal Attributes:

  • Ability to manage workload for themselves and the team in pressurised environments to Time, Quality and Standards
  • Security clearances to SC minimum
  • Ability to undertake International Assignment
  • Aptitude to learn new skills


Intrinsic Factors

  • Ability to manage workload for themselves and the team in pressurised environments to Time, Quality and Standards
  • Security clearances to SC minimum
  • Ability to undertake International Assignment
  • Aptitude to learn new skills
  • Primarily an office-based project role using a variety of equipment including display screen equipment
  • Travel will be required in mainland UK and Europe
  • Successful candidates with be expected to undertake a period of International Assignment.