Cyber Security FPC Engineer

Recruiter: Cordius Ltd
Location: Bristol
Salary: 40000.0000
Posted: 08 Feb 2017
Closes: 08 Mar 2017
Contract Type: Permanent
Hours: Full Time

Our client - a multinational high-tech business, providing solutions to the defence, aerospace and security industries - is looking for a Cyber Security FPC Engineer with specialist skills in Full Packet Capture systems to support and maintain these security technologies within the deployment of a complex cyber implementation. The position requires demonstrable experience within a similar role, preferably working in secure environments such as MOD/GOV/NATO.

Responsibilities

· Deep configuration and administration of a range of cyber defence specialist tools, primarily focussed on Full Packet Capture (FPC).

· Investigate security events to establish if these are expected tool behaviours, events or a security threat.

· Maintain keen understanding of evolving Internet threats to ensure the security of the networks and assets.

· Write technical articles for the internal knowledge base, and whitepapers based upon system integration, functionality upgrades and service improvements.

· Participate in knowledge sharing with other analysts and develop solutions efficiently.

Skills

· RSA Security Analytics

· Experience with Security Analytics Packet Capture in version 10.x

· Experience with Packet Decoders, Concentrators, Hybrids, Brokers and SA Servers

· Experience of updating / creating meta keys / metatags, configuring live feeds, and configuring and updating Lua parsers.

· Excellent understanding of application protocols (HTTP, DNS, FTP, etc.) and networking protocols (TCP, UDP, IP, ARP, etc.) IPv4/IPv6

· Demonstrate experience of Network Packet Analysis and tools used, such as protocol analysers

· Experience of maintaining a secure enterprise network through configuring and managing typical Security Enforcing Devices, such as Firewalls, Proxies, IDS/IPS devices, HIDS/EPO. Knowledge of Sourcefire/Snort.

· In depth experience of other common devices, such as routers, switches, hubs

· Experienced with integrating existing IT infrastructures into a SIEM / SOC solution from inception through to support

· Understanding of various SOC standards and reporting requirements i.e. GPG13

· Experience implementing SOC reporting and governance

· Experience with SOC automation and workflow products such as Archer GRC