Security Engineer

Position: Security Engineer
Contract type: Fixed-term
Location: Brussels, Belgium
Salary: Negotiable
Start date: 01/08/17
Reference: 69827-ITBEL-JOS_1499782215
Contact name: Joseph Santos
Contact email:
Job posted: July 11, 2017 15:10

Job description

Over the past years, our client has invested heavily in developing a comprehensive security strategy, in addition to implementing a SOC (Security Operations Center) and appropriate governance, processes, training and awareness initiatives.
Our client also provides managed security services for companies that leave the security monitoring of their infrastructure and applications to them.
Within the Security Engineering team, the related intrusion detection and prevention technology is developed and kept up to date.
Central to this are SIEM (Security Information and Event Management) systems that enable real-time analysis of security alerts, along with threat and vulnerability management tools, filtering, reporting and data analytics technologies. Evolutions within this rapidly changing domain are monitored closely.

As a junior engineer in the team, you will soon be able to perform independent projects under the supervision of a senior engineer. You will implement the security monitoring of new technologies and systems, from concept definition to implementation and testing. You will implement improvements to real-time views and reporting. You will be involved in the definition of the Security Tool evolution, assist in implementing platform upgrades, and in evaluating new technologies within the domain. Are you curious, do you have an analytical mind, and are you always looking for solutions? Do you work independently, pay attention to detail, and like to work with different people inside and outside the team?
Apply for this function.

Job Requirements:
 To support extensions of our monitored products portfolio, they require the following skills:
Wide (not deep) knowledge of most common security products: Firewall, Proxy, IDS/IPS, Mail and Web gateways, Web application firewalls, …
ArcSight FlexConnectors / Parsing overrides development
Regular expressions coding
Good at technical writing
Perl and shell scripting

 To help them with the demand for reporting projects:
Splunk and ArcSight reporting skills, including:
For ArcSight:
 Usage of trends
 Variables
 Reports scheduling

For Splunk:
 Data models
 Eval functions
 Scheduled searches

In General:
Understanding of the business needs
Finding the best way to cover requirements and designing searches/queries
Knowledge of the tools' limitations
Documentation (both toward the business and toward internal technical teams)

Duties and Responsibilities:
 ArcSight ESM and Splunk Enterprise infrastructure general knowledge
Forwarders and SmartConnectors concept and differences
Indexer, Search heads and ESM Manager concepts and differences
Multi-tier (ArcSight)
Indexer and Search Heads clustering (Splunk)
 SmartConnectors monitoring
Connectors' logs analysis
Functionality issues troubleshooting
Parsing issues troubleshooting
Handling and tracking heterogeneity in connector parameters
 Forwarders monitoring
Forwarding events from Splunk to ArcSight monitoring & troubleshooting
Heavy and Universal forwarders troubleshooting and central management
 Occasional evening maintenance windows (19h -> …)
Connectors upgrades (software, AUPs)
Git for versioning and release management
ArcSight ESM and Splunk upgrades
Important structural changes in the infrastructure
 Infrastructure sizing
Devices throughput monitoring
Sizing/dimensioning issues detection (pre-process, post-process)
 Close relationship with vendor Support centers
Create tickets for operational issues
Proactive follow-up of tickets
 Security Analysts support
P.O.C. for security analysts' incidents
Take ownership of operational issue incidents
Dispatch engineering related incidents
 Infrastructure administration
User permissions configuration
New/Terminated users monitoring
Connector and forwarders remote deployment and management
 Deploy and support new engineering solutions into production
Support during solution roll out
Support for complex problems
Feedback on issues encountered and documentation

Language: Good knowledge of English (written and oral), any other language (Dutch, French …) is an extra
Communicative and assertive.
Able to work independently & as part of a team.
Sense of responsibility and self-initiative.
Flexible - able to work around roadblocks if required, but always keeping the target in sight.
Able to deliver work of high quality.
A first work experience (1 to 3 years) is definitely an advantage but not a requirement.
Knowledge of / experience with IT systems, security management and SIEM (Splunk, ArcSight, other…) concepts is a plus.
Good working knowledge of (Redhat) Linux & development for Linux.
Analysis and documentation skills as well as programming and implementation experience.
Working location/hours: Brussels/Office hours. (Occasional evening maintenance windows: 19h -> 23h).