Position: Security Operation Center (SOC) analyst - Europol
Location: Noord-Holland
Hours per week: 40 hours per week
Duration: 31.08.2022 - 31.07.2023
Assignment number: 118385
Closing date:
The primary objective of this service is to act as the first line of response to a potential cyber-attack or security incident, supported by several automated tools such as intrusion detection systems, log correlation engines and SIEM, a ticketing system, and alerts and warnings from internal and external sources.
This service involves receiving, triaging and responding to alerts, requests and reports, analysing events and potential incidents, and providing the primary support for incident responders. Triage involves assessing whether a security incident or the level of exposure of a vulnerability is a true or false positive, tagging the vulnerability or incident with an initial severity classification, and activating the corresponding incident response playbook entry.
Another objective of this service is to follow pre-defined procedures to perform technical tasks related to identity and access management.
Job requirements:
Specific skills
• Experience in using, configuring and tuning a Security Information and Event Management (SIEM) system; minimum 1 year of experience needed.
• Knowledge of network security solutions/technologies such as firewalls, IDS, IPS…
• Knowledge of host-based security solutions such as HIPS, malware endpoint protection, OS logs
• Good knowledge of Windows security events analysis
• Good knowledge of the security analysis of firewall, proxy, and IDS logs
• Writing and optimizing IDS signatures (preferably SNORT and/or SURICATA)
• Experience writing and optimizing YARA rules is a plus
• Security Operation Center analyst with Security Operation Center experience and ArcSight and/or Splunk expertise
Product tools experience:
• Security Information and Event Management experience, ideally with Splunk, or with ArcSight or other SIEM tools
• Log management solution (ArcSight Loggers and/or Splunk or equivalent)
General competencies:
• Very good communication skills in English, verbally and in writing.
• Excellent analytical and critical thinking skills.
Delivering quality and results:
• High degree of commitment and flexibility.
• High level of customer and service-orientation.
Resilience:
• Very good interpersonal skills, with the ability to work well, both independently and in a team.
• Ability to work effectively in an international and multi-cultural environment.
• Ready to work as a member of a 24/7 team
ATOS Nederland B.V.
YellowFriday
For this assignment you need to place a bid on Striive. Striive is the largest assignment platform in the Benelux, where more than 20,000 assignments are published every year.