Cyber Security FPC Engineer

Recruiter: Cordius Ltd
Location: Bristol
Salary: 40000.00 - 50000.00 GBP Annual
Posted: 11 Jan 2017
Closes: 08 Feb 2017
Contract Type: Permanent
Hours: Full Time

Our client - a multinational high-tech business, providing solutions to the defence, aerospace and security industries - is looking for a Cyber Security FPC Engineer with specialist skills in Full Packet Capture systems to support and maintain these security technologies within the deployment of a complex cyber implementation. The position requires demonstrable experience in a similar role, preferably working in a secure environment such as MOD/GOV/NATO environments.

Responsibilities

- Deep configuration and administration of a range of cyber defence specialist tools, primarily focussed on Full Packet Capture (FPC).
- Investigate security events to establish if these are expected tool behaviours, events or a security threat.
- Maintain keen understanding of evolving Internet threats to ensure the security of the networks and assets.
- Write technical articles for the internal knowledge base, and whitepapers based upon system integration, functionality upgrades and service improvements.
- Participate in knowledge sharing with other analysts and develop solutions efficiently.

Skills

- RSA Security Analytics
- Experience with Security Analytics Packet Capture in version 10.x
- Experience with Packet Decoders, Concentrators, Hybrids, Brokers and SA Servers
- Experience of updating / creating meta keys / metatags, configuring live feeds and configuring and updating Lua parsers.
- Excellent understanding of application protocols (HTTP, DNS, FTP, etc.) and networking protocols (TCP, UDP, IP, ARP, etc.) IPv4/IPv6
- Demonstrate experience of Network Packet Analysis and tools used, such as protocol analysers
- Experience of maintaining a secure enterprise network through configuring and managing typical Security Enforcing Devices, such as Firewalls, Proxies, IDS/IPS devices, HIDS/EPO. Knowledge of Sourcefire/Snort.
- In-depth experience of other common devices, such as routers, switches, hubs
- Experienced with integrating existing IT infrastructures into a SIEM / SOC solution from inception through to support
- Understanding of various SOC standards and reporting requirements i.e. GPG13
- Experience implementing SOC reporting and governance
- Experience with SOC automation and workflow products such as Archer GRC