Connecting to LinkedIn...

Security Event Analyst

Job Title: Security Event Analyst
Contract Type: Permanent
Location: Bristol, United Kingdom
REF: 2963
Contact Name: Thomas Taylor
Job Published: 3 months ago

Job Description

Job Description

You will have the opportunity of providing the first line of defence in NATO’s 24/7/365 global Cyber Security mission, working within a truly unique and rewarding team of Military and Civilian Cyber Security specialists.

You will be based at the NATO Communications and Information Agency (NCIA) Cyber Security Technical Centre located at NATO’s Supreme Allied Headquarters (SHAPE) in Mons [Belgium]. The NATO Computer Incident Response Centre (NCIRC) is one of the largest fully integrated global Cyber Defence capabilities in the world. This capability requires a combined international team of 250+ NATO and Industry analysts and engineers, to operate and maintain the wide range of Cyber Security services and the complex infrastructure on which they run, installed at over 100 sites in all 29 NATO member countries.



  • International Premium Payment: An annual Tax Free payment equal to 15% of the Home Salary on initial departure overseas and thereafter on successful completion of each year;
  • Personal Travel Fund: Up to £5000pa claimable for returning to the UK for home visits;
  • Relocation Services: A premium service to assist with expatriation (e.g. housing, school search, shipping, bank accounts, utilities etc) and repatriation at the end of the assignment for employee and family where accompanied;
  • Accommodation allowance: minimum £800pcm (increasing dependant on family size) for Belgian accommodation (or managed service apartments subject to availability);
  • International Health Insurance: Award winning cover for employee and family including dental;
  • Tax Support: Tax equalisation scheme [i.e. no different to being in the UK] plus specialist tax advice and services covering both UK and Belgian taxation.
  • Shift / Call-Out / Overtime premiums dependant on eligibility of the specific role;

We believe that our employees work best when they are able to achieve balance between work and other aspects of life - which means more time to enjoy the opportunity of exploring the many great locations in continental Europe which are within easy reach of Mons. That’s why we are committed to designing policies and developing a working environment that promote the benefits and well-being of all our employees.


Key Responsibility Areas

  • Work within a NATO matrix managed Cyber Security Incident Management team
  • Appropriately leverage the comprehensive extended toolset (e.g. Log Collection, Intrusion Detection, Packet Capture, VA, Network Devices etc) for enhancing investigations
  • Propose possible optimisations and enhancement which help to both maintain and improve NATO’s Cyber Security posture
  • Provide Subject Matter Expertise supporting the end-to-end Incident Handling process;
  • Monitor system status outside of working hours understanding how this relates to Security posture and escalating technical issues to duty staff


Intrinsic Factors:

  • Hold or be able to obtain, UK & NATO Security Clearance (UK SC/NS & UK DV/CTS)
  • Hold a valid passport from a NATO member country
  • Be eligible and able to undertake business travel throughout Europe

The role requires a high level of experience in a minimum of one of the following key cyber security area, along with a working level experience across a broad selection of other technologies. E.g.  NIPS, NIDS, HIDS, Computer Forensics tools, Vulnerability Assessment tools, Firewalls, CIRT and CERT


 Skills, Qualifications & Knowledge Required

  • Security event management and analysis, especially configuration, operation, troubleshooting, and management of ArcSight products
  • Management, use and analysis of events from Network Based Intrusion Detection Systems (NIDS) and Host Based Intrusion Detection Systems (HIDS)
  • Deployment, configuration and maintenance of network security appliances and networking devices and associated management software
  • Network, system and application level troubleshooting techniques
  • Computer incident response centre (CIRT), computer emergency response team (CERT)
  • Computer forensics tools (stand alone and on-line and network)
  • Computer security tools (Vulnerability Assessment, Anti-virus, Protocol Analysis, Anti-Virus, Protocol Analysis, Anti-Spyware, etc)
  • Secure web design and development