SC2023-003103 Cyber Security Data Engineer (SIEM) AOM (NS) - THU 12 Oct
Mons, Wallonia, Belgium
Deadline Date: Thursday 12 October 2023
Requirement: Cyber Security Data Engineer (SIEM) AOM
Location: Mons, BE
Full time on-site: Yes
Time On-Site: 100%
Total Scope of the request (hours): 180
Required Start Date: 20 November 2023
End Contract Date: 31 December 2023
Required Security Clearance: NATO SECRET
Duties and Role:
- Act as one of the engineers and Subject Matter Expert (SME) for SIEM and LogA services within the Cyber Security Data team.
- As the SME, provide advice and technical assistance to other stakeholders, maintain technical expertise and awareness of developments in related new technologies, and provide technical contributions to any projects related to the data security systems.
- Be responsible for management and further development of the data security systems.
- Following ITIL standards, provide support to Operations and Service Delivery management covering all stages of the data security systems lifecycle (e.g. Service Design, Transition, Operations, Change Management and Continual Service Improvement).
- Ensure that data security systems are installed, configured, and operating correctly and in line with dependencies on other systems or applications as required.
- Ensure that all system components are continuously monitored and take appropriate technical and non-technical actions for solving detected issues.
- Ensure that data security systems operate within any KPIs, as defined in Service Level Agreements with NCSC customers.
- Support integration with external tools and any associated activities.
- Proactively identify and propose system improvements to ensure an up-to-date and stable environment. Justify business needs, prepare documentation and implementation plan for the Change Management Board. Implement the approved changes following co-ordination with other stakeholders.
- Coordinate with service delivery managers, end users and other stakeholders in support of related services; communicate with other NATO entities as well as industry partners where required.
- Develop and maintain documentation guidelines, standard operating procedures, system and service design documents and other relevant documentation that support management of the data security systems.
- Create technical and/or executive level reports as required; organise and deliver presentations and briefings for various audiences up to NATO executive level.
Under the direction of the STMS Section Head, Data Lead Engineer or delegated authority, the incumbent shall deliver the following:
- Work in close collaboration with the SIEM – Monitoring and Detection Service Delivery manager (SDM) and the Data Lead Engineer on assigned tasks and upcoming deliverables
- Report on system status, results of the health checks and details on any issues identified.
- In case of any issues, preparation of a resolution plan and any applicable mitigations. The initial plan has to be prepared within 1 working day.
- Manage the ticket queue related to the tools under the incumbent's responsibility. The incumbent will respond to all Critical tickets within the same day. High tickets require a response the next day at the latest. All other tickets shall be updated at least once a week.
- A brief summary of the current situation with ongoing tickets. It shall include: any critical as well as system-affecting high tickets, any identified issues, already present or expected in the future.
- Timely delivery of the reports and briefs.
- The section head, SDM and/or team lead will regularly assess quality of the deliverables.
- The reports shall contain key elements such as date and time of system checks, expected outcome, observed situation.
- In case of reported issues provide details on 5W: who (is affected), what (happened), when (day/time), where (which systems), why (any supporting details, potential hypothesis).
Skill, Knowledge & Experience:
- The candidate must have a currently active NATO SECRET security clearance
- Essential to have a Bachelor's Degree in Computer Science combined with a minimum of 2 years' experience in a Cyber Security related post as a Security Engineer or similar position, or a Secondary education and completed advanced vocational education (leading to a professional qualification or professional accreditation) with 5 years' post-related experience.
- At least 1 year of extensive practical experience as a Splunk engineer in a large enterprise environment (administration, deployment, installation, configuration and maintenance).
- Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours.
- Linux system and application administration and troubleshooting.
- Demonstrable ability to work autonomously and proactively, to understand the chain of command and to follow internal processes.
- Good communication abilities, both written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams.
- Practical skills in writing Bash, Python or Ansible scripts to support repetitive tasks automation.
- Extensive practical experience (as system administrator) with Splunk Enterprise security, SOAR and UBA
- Experience with GIT
- Hands-on experience with Ansible as an automation technology
- Industry leading certification in the area of Cyber Security such as CISSP, CISM, MCSE/S, CISA, GSNA, SANS GIAC and CFCE.