Senior Engineer (Enterprise Digital Forensics)
Type: Permanent
Location: Belgium-Mons
Clearance: SC / DV / NATO
Salary: Highly Competitive with Benefits
Our client is looking for an experienced Engineer to lead the exploitation of the technical capabilities of the CIRT to accelerate the identification of security incidents and facilitate the efficient and effective response by the incident handlers. If you have proven experience in a senior role with the use of on-line enterprise-level forensics analysis systems, this position is a good choice!
Key Responsibilities:
The Senior Engineer will be responsible for directing the use and development of the client’s Enterprise-wide on-line Computer Forensics capabilities of the CIRT in support of incident detection and handling activities, and for the evolutionary development of, and technical guidance to, the incident handling process. In particular, he/she will:
• Direct, develop and enhance the CIRT on-line Computer Forensics capabilities;
• Provide expert technical support to forensic investigations;
• Provide expert advice and mentoring in the area of on-line forensic analysis;
• Lead the integration of technical capabilities and information sources to support the incident handling process;
• Analyse and interpret advisories from external and internal sources (including national and non-government CERTs) for their relevance to the client’s CIS and user community, and develop measures to aid the detection of threats against the client’s systems and information;
• Develop customized indicators of compromise for use in on-line digital forensic tools to address client-specific threats and vulnerabilities;
• Direct and support the execution of the technical aspects of trend and threat analysis in order to optimize CIRT on-line forensic capabilities and to propose modifications to firewall and CIRT security sensor policies;
• Direct and support the process of feeding client Cyber Defence information sharing systems with relevant indicators of compromise;
• Assist in the initial selection and assessment of security tools relating to digital forensics and Incident Handling activities;
• Provide cyber security technical support and assistance to client CIS Operating Authorities;
• Perform technical coordination as required with national, non-governmental and our client’s CIS authorities;
• Perform Cyber Defence incident related research conducted by the Cell;
• Review and refine the incident handling processes in order to optimize CIRT incident response capabilities;
• Direct the development of standard operating procedures covering all aspects of incident handling;
• The Senior Engineer will be responsible for establishing and maintaining professional contacts with our client’s bodies and agencies, as well as commercial entities.
Qualifications required:
The successful candidate will have a university degree in a relevant discipline, or equivalent qualifications, as well as current recognized professional qualifications in forensic analysis. As a minimum this should be GCFA or equivalent (i.e. product-specific certifications from Guidance Software or AccessData). The successful candidate should also hold a professional qualification as an incident handler (GCIH).
Experience required:
In addition to at least 5 years of experience in Incident Handling gained within a CIRC/CERT/SOC environment, you will be required to demonstrate specific experience in:
• Use of on-line enterprise-level forensic analysis systems, in particular AccessData Enterprise/CIRT or GSI EnCase Enterprise in support of incident response;
• Analysis, interpretation and handling of computer and network security related events;
• Developing and formally documenting procedures to support security incident handling processes;
• Excellent communication and reporting skills.
You will also have skills in the interpretation of output from a variety of Security Event generating sources (i.e. Firewalls, IDS, Routers, Security appliances etc.) to support incident handling activities. You will be required to demonstrate sound knowledge of the Microsoft Operating Systems suite as it relates to forensics.
Preferably, you will have knowledge of:
• Broad range of Computer Security Forensics Tools;
• Computer Security Tools (Vulnerability Assessment, Anti-virus, Protocol Analysis, Anti-Spyware, etc.);
• Military communication systems and networks;
• TCP/IP suite of protocols;
• Scripting languages and experience in developing custom scripts (e.g. ENSCRIPT);
• Network, System and Application level troubleshooting;
• Microsoft Windows Administration techniques;
• Unix/Linux Administration techniques;
• Database applications, in particular Oracle and MS SQL.
Completion of the following certifications would be an asset:
• CISM – Certified Information Security Manager;
• CISSP – Certified Information Systems Security Professional.
Personal Attributes:
Drive for Result - Can be counted on to exceed goals successfully; is constantly and consistently one of the top performers; very bottom-line oriented; steadfastly pushes self and others for results.
Priority Setting - Spends his/her time and the time of others on what's important; quickly zeros in on the critical few and puts the trivial many aside; can quickly sense what will help or hinder accomplishing a goal; eliminates roadblocks; creates focus.
Problem Solving - Uses rigorous logic and methods to solve difficult problems with effective solutions; probes all fruitful sources for answers; can see hidden problems; is excellent at honest analysis; looks beyond the obvious and doesn't stop at the first answers.
Customer Focus - Is dedicated to meeting the expectations and requirements of internal and external customers; gets first-hand customer information and uses it for improvements in products and services; acts with customers in mind; establishes and maintains effective relationships with customers and gains their trust and respect.
Informing - Provides the information people need to know to do their jobs and to feel good about being a member of the team, unit, and/or the organization; provides individuals information so that they can make accurate decisions; is timely with information.
Peer Relationships - Can quickly find common ground and solve problems for the good of all; can represent his/her own interests and yet be fair to other groups; can solve problems with peers with a minimum of noise; is seen as a team player and is cooperative; easily gains trust and support of peers; encourages collaboration; can be candid with peers.
Intrinsic Job Factors:
Language skills:
Most of the work of our client is conducted in the English language, and therefore a thorough knowledge of English, both written and spoken, is essential and some knowledge of French is desirable.
Travel:
The Senior Engineer may be required to undertake duty travel to operational theatres inside and outside our client’s boundaries.
What do we offer?
• Excellent tax-free salary, including (where eligible) expatriation household and children's allowances and additional privileges for expatriate staff.
• Education allowance for children (where appropriate) and an excellent private health insurance scheme;
• Generous annual leave and home leave (if eligible);
• Retirement Pension Plan.
If you are interested in applying for the position or would like to know more about the role available, please click on the link below:
http://goo.gl/MWtteV