Marketing Assistant
Posted on :
26-03-2024
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Jobs by Experience
1 - 2 years
Monthly Salary
Not Disclosed
Salary Not Disclosed
Nationality
Saudi Arabian
Gender
N/A
Vacancy
1 Vacancy
Posted on :
26-03-2024
Job Description
Req ID : 2373342
Cyber Security Data Log Specialist
- Working Location: Mons, Belgium
- Security Clearance: NATO Secret
- Language: High proficiency level in English language
EXPERIENCE AND EDUCATION:
Essential Qualifications/Experience:
1+ year of extensive practical experience as Splunk administrator (deployment, installation, configuration and maintenance)
Extensive hands-on experience in regular expressions
Extensive experience with on-boarding and managing data feeds within a SIEM environment. Practical experience in designing solutions to ingest new data feeds into SIEM
2+ years expert level experience related to SIEM/LogA management activities
Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours
Practical hands-on experience in systems and tools administration, especially Linux environment
Comprehensive knowledge of the principles of computer and communication security, networking, and the vulnerabilities of modern operating systems and applications
Practical skills in writing Bash, Python or Ansible scripts to support repetitive tasks automation
Linux system and application administration and troubleshooting
Ability to develop clear and concise technical documentation, including procedures
Desirable Qualifications/Experience:
Extensive practical experience as Splunk administrator in large enterprise environment (deployment, installation, configuration and maintenance)
Practical experience of Splunk Enterprise security, Phantom and UBA
Practical experience (as system administrator) with MicroFocus ArcSight
Experience in GIT
Hands-on experience with Ansible as an automation technology
Proficient with SIEM content creation correlation rules, reports, dashboards
Experience in creation/modification of custom parsers or flex connectors
Understanding the Indicator of Compromise (IOC) concept and experience in integration of Threat Intel feeds and IOCs with SIEM platform
Software engineering including programming and/or scripting knowledge (python, shell scripting, PowerShell)
Prior experience automating interactions between systems using APIs
A solid understanding of Information Security Practices; relating to the Confidentiality, Integrity and Availability of information (CIA triad.)
Prior experience as a user of SIEM and Log aggregation system
ITIL Service Management certifications
Experience in developing Splunk Applications
Content management experience in Splunk, especially Enterprise Security and Advanced Search and Reporting
Hands-on experience with network infrastructure and virtualized environments (preferably VMWare)
Industry leading certification in the area of Cyber Security such as CISSP, CISM, MCSE/S, CISA, GSNA, SANS GIAC and CFCE
Previous experience working for Cyber Security related organisations (CERTs, security offices)
Previous experience working in an international environment comprising both military and civilian elements
DUTIES/ROLE:
Act as the Chief Technician and Subject Matter Expert (SME) for log collection systems within the Cyber Security Data team
The main area of responsibility is managing multiple types, formats and quantities of data feeds to ensure established events and alerts are ingested from various log sources across NATO networks into the NCSC central security logging platform
As the SME, you will provide advice and technical assistance to other stakeholders, maintain technical expertise, awareness, and developments in related new technologies, and provide technical contributions to any projects related to the log collection systems
Management of data feeds, including but not limited to:
Ensuring proper receipt of events from different sources
Correction of data parsing issues
Keeping an inventory of all log sources from all monitored networks
Ensuring all data feeds are monitored in real time and issues are immediately identified and worked upon
As the SME you will be required to coordinate activities with log source providers at remote sites to ensure that data and logs are received into the NCSC central logging platform. In support of this you will establish and maintain a defined list of contacts with CIS support personnel from remote sites
Following ITIL standards, provide support to Operations and Service Delivery management covering all stages of the log collection systems lifecycle with the emphasis on the log collection aspects (e.g. Service Design, Transition, Operations, Change Management and Continual Service Improvement)
Ensure that log collection systems are installed, configured, and operating correctly and in line with dependencies with others systems or applications required
Ensure that all system components are continuously monitored and take appropriate technical and non-technical actions for solving detected issues
Ensure that the Log Source Monitoring (Solarwinds or Splunk) solution is operational and that alerts are generated and actioned upon for any major changes in service
Ensure that log collection systems operate within any KPIs, as defined in Service Level Agreements with NCSC customers
Support the integration with external tools and provide technical assistance for any associated activities
Proactively identify and propose system improvements to ensure an up-to-date and stable environment. Justify business needs, prepare documentation and implementation plan for the Change
Management Board. Implement the approved changes following co-ordination with other stakeholders
Coordinate with service delivery managers, end users and other stakeholders in support of related services; communicate with other NATO entities as well as industry partners where required
Develop and maintain documentation guidelines, standard operating procedures, system and service design documents and other relevant documentation that support management of the log collection systems
Create technical level reports as required; organise and deliver presentations and briefings for various audience
Extensive hands-on experience in regular expressions
Extensive experience with on-boarding and managing data feeds within a SIEM environment. Practical experience in designing solutions to ingest new data feeds into SIEM
2+ years expert level experience related to SIEM/LogA management activities
Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours
Practical hands-on experience in systems and tools administration, especially Linux environment
Comprehensive knowledge of the principles of computer and communication security, networking, and the vulnerabilities of modern operating systems and applications
Practical skills in writing Bash, Python or Ansible scripts to support repetitive tasks automation
Linux system and application administration and troubleshooting
Ability to develop clear and concise technical documentation, including procedures
Desirable Qualifications/Experience:
Extensive practical experience as Splunk administrator in large enterprise environment (deployment, installation, configuration and maintenance)
Practical experience of Splunk Enterprise security, Phantom and UBA
Practical experience (as system administrator) with MicroFocus ArcSight
Experience in GIT
Hands-on experience with Ansible as an automation technology
Proficient with SIEM content creation correlation rules, reports, dashboards
Experience in creation/modification of custom parsers or flex connectors
Understanding the Indicator of Compromise (IOC) concept and experience in integration of Threat Intel feeds and IOCs with SIEM platform
Software engineering including programming and/or scripting knowledge (python, shell scripting, PowerShell)
Prior experience automating interactions between systems using APIs
A solid understanding of Information Security Practices; relating to the Confidentiality, Integrity and Availability of information (CIA triad.)
Prior experience as a user of SIEM and Log aggregation system
ITIL Service Management certifications
Experience in developing Splunk Applications
Content management experience in Splunk, especially Enterprise Security and Advanced Search and Reporting
Hands-on experience with network infrastructure and virtualized environments (preferably VMWare)
Industry leading certification in the area of Cyber Security such as CISSP, CISM, MCSE/S, CISA, GSNA, SANS GIAC and CFCE
Previous experience working for Cyber Security related organisations (CERTs, security offices)
Previous experience working in an international environment comprising both military and civilian elements
DUTIES/ROLE:
Act as the Chief Technician and Subject Matter Expert (SME) for log collection systems within the Cyber Security Data team
The main area of responsibility is managing multiple types, formats and quantities of data feeds to ensure established events and alerts are ingested from various log sources across NATO networks into the NCSC central security logging platform
As the SME, you will provide advice and technical assistance to other stakeholders, maintain technical expertise, awareness, and developments in related new technologies, and provide technical contributions to any projects related to the log collection systems
Management of data feeds, including but not limited to:
Ensuring proper receipt of events from different sources
Correction of data parsing issues
Keeping an inventory of all log sources from all monitored networks
Ensuring all data feeds are monitored in real time and issues are immediately identified and worked upon
As the SME you will be required to coordinate activities with log source providers at remote sites to ensure that data and logs are received into the NCSC central logging platform. In support of this you will establish and maintain a defined list of contacts with CIS support personnel from remote sites
Following ITIL standards, provide support to Operations and Service Delivery management covering all stages of the log collection systems lifecycle with the emphasis on the log collection aspects (e.g. Service Design, Transition, Operations, Change Management and Continual Service Improvement)
Ensure that log collection systems are installed, configured, and operating correctly and in line with dependencies with others systems or applications required
Ensure that all system components are continuously monitored and take appropriate technical and non-technical actions for solving detected issues
Ensure that the Log Source Monitoring (Solarwinds or Splunk) solution is operational and that alerts are generated and actioned upon for any major changes in service
Ensure that log collection systems operate within any KPIs, as defined in Service Level Agreements with NCSC customers
Support the integration with external tools and provide technical assistance for any associated activities
Proactively identify and propose system improvements to ensure an up-to-date and stable environment. Justify business needs, prepare documentation and implementation plan for the Change
Management Board. Implement the approved changes following co-ordination with other stakeholders
Coordinate with service delivery managers, end users and other stakeholders in support of related services; communicate with other NATO entities as well as industry partners where required
Develop and maintain documentation guidelines, standard operating procedures, system and service design documents and other relevant documentation that support management of the log collection systems
Create technical level reports as required; organise and deliver presentations and briefings for various audience
Employment Type
Full Time
Department / Functional Area
Marketing / Brand Management / Marketing Research / Digital Marketing
Key Skills
Report This Job
Disclaimer: Drjobs.ae is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
