Cyber Security Engineer

Recruiter
Anonymous
Location
Bristol
Salary
40000.00 - 50000.00 GBP Annual + Great Benefits Package
Posted
02 May 2017
Closes
30 May 2017
Contract Type
Permanent
Hours
Full Time
CYBER SECURITY ENGINEER (BRISTOL - DEFENCE INDUSTRY): GBP40-50K BASIC PLUS EXCELLENT BENEFITS. WORLD LEADING GLOBAL MULTINATIONAL SUPPLYING SPECIALIST PRODUCTS AND SERVICES TO THE DEFENCE AND AEROSPACE INDUSTRIES.

The Client

Our client is quite simply a world leader in engineering, development and service to the Defence and Aerospace industries. With a presence in over 200 countries around the globe and nearly 50,000 employees worldwide, they are at the leading edge of technology in their fields.

Job Description

Our client is looking to recruit a Cyber Security Engineer with specialist skills in Full Packet Capture systems. The specialist will be contracted out of its site in Bristol, with International Assignment. The position requires demonstrable experience within a similar role, preferably working in a secure environment such as MOD/GOV/NATO environments.

Key Responsibility Areas

- This role will include deep configuration and administration of a range of cyber defence specialist tools, primarily focussed on Full Packet Capture (FPC).
- Successful candidates may become involved in the investigation into security events to establish whether these are expected tool behaviours, events or a security threat.

The additional responsibilities will include the following:

- Ensuring that all specialist applications such as event correlation (and its associated remote data collection feeds), network discovery, network traffic pattern/flow analysis, mail content checking, extrusion detection and on-line computer forensics tools are installed, configured and operational.
- Maintain a keen understanding of evolving Internet threats to ensure the security of the networks and assets.
- Write technical articles for the internal knowledge base, and whitepapers based upon system integration, functionality upgrades and service improvements.
- Participate in knowledge sharing with other analysts and develop solutions efficiently.
- Coordinate or participate in individual or team projects.

Skills, Qualifications and Knowledge

- The successful candidate will be required to use their knowledge of FPC technologies and cyber security techniques to support and maintain these security technologies within the deployment of a complex cyber implementation. The role requires the ability to support, maintain, troubleshoot and tune the security devices, working in conjunction with other cyber security specialists as an integral part of a wider system implementation.
- The ideal candidate will have over 2 years' experience working with RSA Security Analytics Full Packet Capture systems (aka NetWitness).
- A motivated, self-managed individual who is willing to help design and adapt a constantly evolving service. Someone who can demonstrate above average analytical skills and liaise professionally with peers and client stakeholders, even under pressure.
- RSA Security Analytics
- Experience with Security Analytics Packet Capture in version 10.x
- Experience with Packet Decoders, Concentrators, Hybrids, Brokers and SA Servers
- Experience of updating / creating metakeys / metatags, configuring live feeds and configuring and updating Lua parsers.
- Excellent understanding of application protocols (HTTP, DNS, FTP, etc.) and networking protocols (TCP, UDP, IP, ARP, etc.), IPv4/IPv6
- Demonstrable experience of Network Packet Analysis and the tools used, such as protocol analysers
- Experience of software engineering, including programming and/or scripting knowledge (Python, Perl, Linux shell scripting)
- A sound knowledge of IT security best practice, common attack types and detection / prevention methods.
- Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours.
- Experience of maintaining a secure enterprise network through configuring and managing typical Security Enforcing Devices, such as Firewalls, Proxies, IDS/IPS devices, HIDS/EPO. Knowledge of Sourcefire/Snort.
- In-depth experience of other common devices, such as routers, switches, hubs
- Must be capable of communicating clearly with team members and other analysts. Able to demonstrate reading, writing and spoken English to IS level III as a minimum. (B1 of the Council of Europe/Association of Language Testers in Europe official levels)
- Experienced with integrating existing IT infrastructures into a SIEM / SOC solution from inception through to support
- Understanding of various SOC standards and reporting requirements, e.g. GPG13
- Experience implementing SOC reporting and governance
- Experience with SOC automation and workflow products such as Archer GRC

Desirable Skills:

- Exposure to IT service management best practices such as ITIL
- Experience of using and administering SIEM and Log Management tools such as ArcSight ESM and ArcSight Logger
- A solid understanding of information security practices relating to the Confidentiality, Integrity and Availability of information (the CIA triad).

Personal Attributes:

- Ability to manage workload for themselves and the team in pressurised environments to Time, Quality and Standards
- Security clearances to SC minimum
- Ability to undertake International Assignment
- Aptitude to learn new skills

Is This You?

Do you want to work for a world leading, technologically innovative company at the forefront of the defence industry? If you have the skills described above then do not delay: send your application to us and we will be in touch within 24 hours to discuss the vacancy further.