The individual shall provide Events Management support which shall sit within the Corsham CyISOC. They shall be responsible for:
- Enabling detection, notification, filtering and correlation of Events and Alerts in line with the Corsham CyISOC Service Operations policy;
- Reacting to the Alerts and Events by identifying, correlating, determining the correct control action and where necessary seeking advice from the Technical Authority;
- Supporting the evolution of processes in conjunction with the development and integration of the system; interacting with external third parties.
- Working with the CyISOC to develop the utility of Defence provided tooling to support Event Management.
- 158 Where necessary the contractor shall ensure that skills and knowledge transfer is carried out between the contractor and the authority using the authorities recognised toolsets.
Throughout their tenure in the CyISOCs all Event Managers will work collaboratively with the GOSCC (Jt ISOC) and the current Event Managers in Leeming and Innsworth and DPS TLS to develop the Manager of Manager (MoM) approach for Event Management on both LBS and NSoIT(D).Mandatory Skills Required:
Good networking engineer with strong knowledge of routers and switches and being able to adapt to the monitoring toolset provided. Knowledge of the monitoring tools listed:
All Event Managers must have experience of the following as a minimum:
- Experience of configuring and using the following tools:
- WhatsUp Gold;
- BMC TrueSight Infrastructure Manager;
- BMC Discovery;
- Net IM;
- ARX, Portal and BMC Remedy;
- PCAP analysis;
Desirable Skills Required:
- Knowledge of NSoIT(D