R14295 Security Operations Centre Analyst

Location: 
Brussels
Description: 

Security Operations Centre Analyst.

Responsibilities: 

The primary goal of this service is to act as first-line support in response to the potential occurrence of a cyber attack or security incident. The service is supported by several automated tools such as intrusion detection systems, log correlation engines and SIEM, ticketing system alerts and warnings from internal or external sources.

Technical skills: 

Professional practice in a specific Cyber Security domain (indicate how many months of experience, min. 1-5 years)
SOC Analyst and/or first-line incident responder experience is mandatory (indicate how many months of experience, min. 1-5 years)
Security Clearance Requirements (based on citizenship)
Risk Assessment methodologies: EBIOS, CRAMM, PILAR or equivalent (subject to acceptance by the Contracting EU-I)
At least 1 certification in the field of incident handling:
· GCIH (GIAC Certified Incident Handler)
· GCIA (GIAC Certified Intrusion Analyst)
· ECIH (EC-Council Certified Incident Handler)
· CSIH (SEI Certified Computer Security Incident Handler)
· SCPO (SABSA Certified Security Operations & Service Management Practitioner)
· or an equivalent certification recognized internationally (subject to acceptance as a valid credential by the Contracting EU-I)
STIX (Structured Threat Information Expression) with a particular focus on the following related standards:
· CybOX (Cyber Observables)
· CAPEC (Attack Patterns)
· MAEC (Malware)
TAXII (Threat Information Exchange)
Knowledge of network security solutions/technologies
o Firewalls;
o Network IDS and IPS;
o Switches and routers
o APT detection solutions such as FireEye;
o DNS, DHCP, VPN, …
o Network forensics (full packet capture)
o Traffic baselining analysis

SIEM (Arcsight ESM 6.x, Q-RADAR, or equivalent - subject to acceptance by the contracting EU-I)
Log management solution (Arcsight Loggers and/or QRADAR and/or Splunk or equivalent - subject to acceptance of the contracting EU-I)
- SNORT or SourceFire NGIPS, FireSIGHT
- Suricata/StamusNetworks
- ELK (ElasticSearch, Logstash & Kibana)
- FireEye Ex, Nx, Ax, Fx, Hx, Ix
- CheckPoint and Juniper Firewalls
- BlueCoat proxies

Contact name: 
Jonas Vinck