Cyber Security Event Analysts
Leonardo is looking to recruit Junior and Senior Security Event Analysts with varying degrees of experience in the analysis and handling of security events. The Analysts are responsible for the day-to-day identification of security-related events, with both day-based and shift-based roles available.
The successful candidates will be required to use their experience in the analysis and handling of security events across a range of different customers and technologies. The role requires a high level of experience in a minimum of one key cyber security technology area, along with working-level experience across a broad selection of other cyber security technologies. Example technology areas include SIEM, NIPS, NIDS, HIDS, HIPS, Computer Forensics tools, Vulnerability Assessment tools, Firewalls, Incident Response or malware analysis. The successful candidate must be a proactive & diligent team player with strong technical abilities.
Key Responsibility Areas
- Security Information Event Management (SIEM) analysis and operation (especially configuration, operation, troubleshooting, and management)
- Management, use and analysis of events from Network Based Intrusion Detection Systems (NIDS)
- Management, use and analysis of events from Host Based Intrusion Detection Systems (HIDS)
- Deployment, configuration and maintenance of network security appliances and networking devices and associated management software
- Knowledge in the use of a variety of Security Event generating sources (e.g. Firewalls, IDS, Routers, Security Appliances)
- Network, system and application level troubleshooting techniques
- Computer security tools (Vulnerability Assessment, Anti-Virus, Protocol Analysis, Anti-Spyware, etc.)
Skills, Qualifications & Knowledge Required
A good analytical competency is required for this role. Candidates should be able to:
- Analyse diverse sources of information;
- Break information into component parts, patterns and relationships;
- Probe for further information or greater understanding of a problem;
- Make rational judgement from the available information and analysis;
- Produce workable solutions to a range of problems and demonstrate an understanding of how one issue may be a part of a much larger system.
- Knowledge and understanding of information technology concepts and technologies
- Knowledge of computer systems hardware and software
- Knowledge of networking and troubleshooting using the OSI 7-layer model
- Experience with TCP/IP, Linux, UNIX, Windows, IP Routing
- Knowledge of Information Security core concepts.
- Software engineering, programming or scripting knowledge such as Java, .net, Python or shell scripting.
- Educated to degree level in an IT related discipline or equivalent experience within Information Technology (minimum 4 years).
- Desirable to have one or more professional certifications in security disciplines such as SANS
- Experience of working within a team environment or on a project with multiple participants.
- Analysis and troubleshooting experience.
- Experience of working in Network Operations Centres (NOCs).
- Ability to communicate clearly with team members and other analysts.
- Experience in an ITIL and/or ISO27001 environment.
- Be Eligible for SC Clearance
- Occasional Travel required