FPC/NIPS Tool Manager

The job posting is outdated and position may be filled
Jobs by Experience: 5+ years

Job Location: Mons - Belgium

Monthly Salary: Not Disclosed

Job Description

FPC/NIPS Tool Manager


  • Working Location: Mons, Belgium
  • Security Clearance: NATO Secret
  • Language: High proficiency level in English language



EXPERIENCE AND EDUCATION:


Essential Qualifications/Experience:
  • Bachelor's Degree in Computer Science combined with a minimum of 2 years experience in Security Tools Management or a similar position involving Technical ICT Engineering knowledge, or a Secondary education and completed advanced vocational education (leading to a professional qualification or professional accreditation) with 5 years post related experience
  • Experience with enterprise Full Packet Capture solutions (e.g. RSA/NetWitness)
  • Strong experience in enterprise level configuration and management of Network Intrusion Detection/Prevention capabilities
  • Prior experience in working with Cisco Sourcefire/Next-Generation IPS appliances and Palo Alto Networks Threat Prevention, preferably on enterprise level
  • Strong experience in working with Snort, preferably also in writing custom signatures
  • Practical experience in analysing packet captures
  • Experience in working with network taps and aggregators
  • Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours
  • Practical hands-on experience in systems and tools administration
  • Comprehensive knowledge of the principles of computer and communication security, LAN/WAN networking including protocol network architecture, and the vulnerabilities of modern operating systems and applications
  • Working with and administering Linux-based systems

Desirable Qualifications/Experience:
  • Knowledge of deploying and customizing Palo Alto Networks Threat Prevention
  • Software engineering including programming and/or scripting knowledge (Python, shell scripting, PowerShell)
  • Good knowledge of Wireshark and other tools to capture and analyse network traffic
  • Industry leading certification in the area of Cybersecurity such as CISSP, CISM, MCSE/S, CISA, GSNA, SANS GIAC
  • A solid understanding of Information Security Practices relating to the Confidentiality, Integrity and Availability of information (CIA triad)
  • Prior experience of working in an international environment comprising both military and civilian elements

DUTIES/ROLE:
  • Install, configure, administer and provide ongoing support for Cyber Defence associated specialist tools:
      • Full Packet Capture (to include RSA NetWitness platform)
      • Network Intrusion Prevention System (to include Cisco Sourcefire/NGIPS and Palo Alto Networks Threat Prevention)
  • Support the investigation of Security Events to establish if these are expected tool behaviours, events or a security threat
  • Provide technical support for performance testing of content and rules
  • Ensure that all other NCSC specialist applications related to FPC and NIPS are installed, configured, and running properly, in line with dependencies on other systems or applications and with NCSC needs. This includes, but is not limited to, ensuring proper setup and functioning of NIPS/FPC appliances or integration into monitoring systems
  • Support the initiation, preparation, follow-up and defence of specialist application upgrades in front of the Change Management Board
  • Support the development of implementation plans for new capabilities in the NIPS/FPC areas and take ownership to ensure rapid implementation of those new tools and optimizations
  • Implement the approved changes. Proactively recommend optimizations to capabilities to provide effective and efficient service operations
  • Review security documentation and provide technical advice, when requested
  • Maintain awareness of new technologies and developments, industry standards and best practices within the NCSC community for FPC/NIPS tools, participating in knowledge sharing with other analysts and developing solutions efficiently
  • Perform other essential duties as assigned, such as preparation of technical and/or executive level reports


Employment Type

Full Time

About Company

0-50 employees