Job published: July 11, 2017 15:10
Our client also provides managed security services for companies that leave the security monitoring of their infrastructure and applications to them.
Within the Security Engineering team, the related intrusion detection and prevention technology is developed and kept up to date.
Centrally, SIEM (Security Information and Event Management) systems enable real-time analysis of security alerts, threat and vulnerability management tools, filtering, reporting and data analytics technologies. Evolutions within this rapidly changing domain are monitored closely.
As a junior engineer in the team, you will soon be able to perform independent projects under the supervision of a senior engineer. You will implement the security monitoring of new technologies and systems, from concept definition to implementation and testing. You will implement improvements to real-time views and reporting. You will be involved in the definition of the Security Tool evolution, assist in implementing platform upgrades, and in evaluating new technologies within the domain. You are curious, have an analytical mind, and are always looking for solutions? You work independently, pay attention to detail, and you like to work with different people inside and outside the team?
To support extensions of our monitored products portfolio, they require the following skills:
Wide (not deep) knowledge of most common security products: Firewall, Proxy, IDS/IPS, Mail and Web gateways, Web application firewalls, …
ArcSight FlexConnectors / Parsing overrides development
Regular expressions coding
Good at technical writing
Perl and shell scripting
To help them with the demand for reporting projects:
Splunk and ArcSight reporting skills, including:
Usage of trends
Understanding of the business needs
Finding the best way to cover requirements and designing searches/queries
Knowledge of the tools' limitations
Documentation (both toward the business and toward internal technical teams)
Duties and Responsibilities:
ArcSight ESM and Splunk Enterprise infrastructure general knowledge
Forwarders and SmartConnectors concept and differences
Indexer, Search heads and ESM Manager concepts and differences
Indexer and Search Heads clustering (Splunk)
Connectors' logs analysis
Functionality issues troubleshooting
Parsing issues troubleshooting
Handling and tracking heterogeneity in connector parameters
Forwarding events from Splunk to ArcSight monitoring & troubleshooting
Heavy and Universal forwarders troubleshooting and central management
Occasional evening maintenance windows (19h -> …)
Connectors upgrades (software, AUPs)
Git for versioning and release management
ArcSight ESM and Splunk upgrades
Important structural changes in the infrastructure
Devices throughput monitoring
Sizing/dimensioning issues detection (pre-process, post-process)
Close relationship with vendor Support centers
Create tickets for operational issues
Proactive follow-up of tickets
Security Analysts support
P.O.C. for security analyst's incidents
Get ownership of operational issues incidents
Dispatch engineering related incidents
User permissions configuration
New/Terminated users monitoring
Connector and forwarders remote deployment and management
Deploy and support new engineering solutions into production
Support during solution roll out
Support for complex problems
Feedback on issues encountered and documentation
Language: Good knowledge of English (written and oral), any other language (Dutch, French …) is an extra
Communicative and assertive.
Able to work independently & as part of a team.
Sense of responsibility and self-initiative.
Flexible - able to work around roadblocks if required, but always keeping the target in sight.
Able to deliver work of high quality.
A first work experience (1 to 3 years) is definitely an advantage but not a requirement.
Knowledge / experience with IT systems, security management, SIEM (Splunk, ArcSight, other…) concepts are a plus.
Good working knowledge of (Redhat) Linux & development for Linux.
Analysis and documentation skills as well as programming and implementation experience.
Working location/hours: Brussels/Office hours. (Occasional evening maintenance windows: 19h -> 23h).