Senior Event Analyst
£neg depending on experience
Our client is a global high-tech company and one of the key players in Aerospace, Defence and Security. Our client is the largest inward investor in the UK defence sector, and one of the biggest suppliers of defence equipment to the UK MoD.
Headquartered in Europe, they have over 45,600 employees. With its offices and industrial plants, the Company is present in 180 sites worldwide in addition to strategic partnerships in the most important high potential international markets.
What’s in it for you?
- 25 days holiday plus bank holidays.
- Award-winning pension scheme
- Flexible working and additional flex-leave schemes
- Salary sacrifice schemes including childcare voucher scheme
- Generous relocation package
- Onsite Occupational Health Service
- Onsite shops and restaurant facilities
- Employee discount schemes
- Learning & Development budgets
- Career break scheme
- Reserve Forces support
Our client is looking to recruit Security Event Analysts, with a demonstrable experience in the analysis and handling of security events, to support the successful operation of the NATO Computer Incident Response Capability (NCIRC), based out of the customer site in Belgium. The Analysts are responsible for the day-to-day identification of security related events. This role involves a 24/7 shift rotation within the incident handling team in order to provide full time coverage for the system. The shift pattern will be 8 hr. rotation, with occasional switch to 12 hr. shifts when staffing coverage requires.
You will need to obtain Security clearance before starting in this role.
The successful candidates will be required to use their experience in the analysis and handling of security events, to support the successful operation the NATO Computer Incident Response Capability (NCIRC), based out of the customer site in Belgium. The Analysts are responsible for the day-to-day identification of security related events, and will need to draw on their demonstrable experience in the analysis and handling of security events to fulfil this role.
The role requires a high level of experience in a minimum of one key cyber security area, along with a working level experience across a broad selection of other cyber security technologies. Example technologies include NIPS, NIDS, HIDS, Computer Forensics tools, Vulnerability Assessment tools, Firewalls, CIRT and CERT.
The successful candidate must be proactive, diligent with a strong technical ability.
Key Responsibility Areas
High level of experience in at least one of the following areas and working level of experience in several of the other areas:
- Security event management and analysis, especially with the configuration, operation, troubleshooting, and management of ArcSight products;
- Management, use and analysis of events from Network Based Intrusion Detection Systems (NIDS)
- Management, use and analysis of events from Host Based Intrusion Detection Systems (HIDS)
- Deployment, configuration and maintenance of network security appliances and networking devices and associated management software
- Knowledge in the use of a variety of Security Event generating sources (e.g. Firewalls, IDS, Routers, Security Appliances)
- Network, system and application level troubleshooting techniques
- Computer incident response centre (CIRT), computer emergency response team (CERT)
- Computer forensics tools (stand alone and on-line and network)
- Computer security tools (Vulnerability Assessment, Anti-virus, Protocol Analysis, Anti-Virus, Protocol Analysis, Anti-Spyware, etc.)
- Secure web design and development
- Military communication systems and networks
Skills, Qualifications & Knowledge Required
A good analytical competency is required for this role. Candidates should be able to:
- Analyse diverse sources of information;
- Break information into component parts, patterns and relationships;
- Probe for further information or greater understanding of a problem;
- Make rational judgement from the available information and analysis;
- Produce workable solutions to a range of problems and demonstrate an understanding of how one issue may be a part of a much larger system.
- Educated to degree level (or equivalent) in an IT related discipline.
- Desirable to have one of more professional SANS (e.g., GSEC, GCIA) or CISSP certifications.
- Experience of working within a team environment or on a project with multiple participants.
- Analysis experience.
- Some experience of working in Network Operations Centres (NOCs).
- Ability to communicate clearly with team members and other analysts.
- Security clearances required to UK SC & NATO minimum
For immediate consideration and a confidential conversation please contact Sam Page.
01908 88 60 37