Cyber Defence Specialist

Our client, located in Brussels, has a Center of Excellence (COE) Security department. They are looking for a Cyber Defence Senior Engineer.

The mission of our client's Security department is:

  • to enable sound and formal information security risk decision making by the management, and
  • to help management with implementing a proper information security management system.

Information Security Strategy of COE Security commits to deliver upon four objectives:

  1. Enable the extended enterprise;
  2. Counter cybercrime;
  3. Protect our information systems;
  4. Manage security risks.

Consequently, the vision of the "Cyber Defence" team is to support the Counter cybercrime objective by demonstrably "best in class" preparation and response to unauthorized cyber activity. This is done by providing the following services:

  • Proactive – support and intelligence to help prepare and secure bank systems in anticipation of cyber-attacks.
  • Reactive – triggered by a request, incident or event identified by an intrusion detection system or reported by a human.

To support those services, our client is looking for an experienced Cyber Defence Senior Engineer to help further mature its Cyber Defence capabilities and organization.

Function Description:

  • Support the end-to-end delivery (threat and use case design, log acquisition, implementation, documentation and handover) of advanced application security detection use cases linked to our PSD2 infrastructure and supporting applications, using your knowledge of how financial applications work.
  • Lifecycle management of existing detection use cases and related content (efficiency tuning, alert/use case suppression…) based on feedback from the business, our CSIRT and other stakeholders.
  • Creation of detailed functional, non-functional, architectural and technical requirements for needed security services and supplier selection.
  • Definition, implementation and delivery of a service management approach with both internal and external partners and suppliers, supporting our Cyber Defence capabilities.
  • Continuous translation of service needs towards our suppliers, ensuring availability and delivery of fully customized service offerings for Security Monitoring & Engineering, Threat Management, Incident Response & Forensics and Threat Hunting.
  • Main representation of Cyber Defence towards the IT department, the CyberSOC program and the Cloud Convergence program by:
    • Active participation in architectural & technical design discussions on both infrastructure and network layer;
    • Active participation in governance & service management discussions;
    • Active participation in engineering and operational process definition;

  • Creation and implementation of associated service management, engineering and operational processes at Cyber Defence.

Technical Experience

At least 3 years of experience in information security, preferably 5 years.

  • Experience with Threat Detection & Response for financial services infrastructure and applications;
  • Strong knowledge of IT security architecture, technologies and associated processes (secure networking, web infrastructure, system security, security control point management, etc.);
  • Experience with advanced security monitoring, engineering and architecture in SOC or similar environments, based on ELK or similar high-volume collection and processing technologies;
  • Experience in deploying and/or managing Logstash, Kafka and Elastic based data collection infrastructure for cyber security purposes;
  • Experience with the adoption and use of IT Cloud infrastructure and services in a SOC context;
  • Strong experience in designing, building and maintaining complex detection use cases on both infrastructure and application level;
  • Experience in service management & delivery;
  • Knowledge of ITIL based operational processes.

By preference:

  • Exposure/experience with log aggregation, SIEM solutions and Digital Analytics Platforms such as ArcSight and Splunk;
  • Exposure/experience with Endpoint Detection & Response solutions;
  • Experience with Threat Detection & Response on IT Cloud environments.

For more information: Contact us now with your CV