
Security Monitoring Engineer


Context   

                                                                         

The Global Security department supports IT and Business Units to develop adequate solutions in Information Security and Risk Management practices.

 

The mission of GS is:

  • To enable sound and formal information security risk decision making by BNPPF management, and
  • To help management with implementing a proper information security management system.

The Information Security Strategy of GS commits to delivering on four objectives: 1) Enable the extended enterprise; 2) Counter cybercrime; 3) Protect our information systems; 4) Manage security risks.

 

Consequently, the vision of the "GS Cyber Defence" team is to support the Counter cybercrime objective through demonstrably "best in class" preparation for and response to unauthorized cyber activity. This is done by providing the following services:

 

  • Proactive - support & intelligence to help prepare and secure bank systems in anticipation of cyber-attacks.
  • Reactive - triggered by a request / incident / event identified by an intrusion detection system or reported by a human.

The main goal of the Security Monitoring service is to ensure detection of all security threats targeting the bank. To help the team with the execution of this activity, BNPPF is looking for a Security Monitoring Platform Engineer.

 

Job description

 

The Security Monitoring Platform Engineer is a Security Specialist responsible for supporting the Cyber Defence team by sustaining the core Security Monitoring infrastructure on a day-to-day basis. In addition, he is involved in providing expert assistance for in-depth analysis of security alerts generated by correlating logs from multiple technologies. The engineer also contributes to providing enhanced visibility into the security posture of BNPPF Group's IT infrastructure. His responsibilities include:

 

Platform Engineering

  • Maintain solution architecture in line with business requirements and suggest improvements.
  • Complete operational responsibility for the ArcSight Event Correlation System and other systems for which the Cyber Defence team has operational responsibility. This includes, but is not limited to, ArcSight ESM, Splunk, Microsoft ATA, EDR, DLP, Oracle Database, Connector Interfaces, Logger Appliances, Windows and Linux servers, Network Appliance Storage, and Backups.
  • Architect and develop custom Flex Connectors as required to meet Use Case Objectives.
  • Assist in the development & management of Use Cases and Content.
  • Keep technical and user manuals up to date.
  • Lead the effort and work towards improving the existing processes and procedures required for security monitoring operations.

 

Platform Maintenance

  • Define and execute Life-cycle management of the deployed solutions, qualifying new releases and patches and planning/documenting upgrades, new systems, as well as maintaining current operational event flows. Provide optimization of connector interfaces, aggregation, and data normalization.
  • Availability Management: realize availability requirements, compile availability plans, monitor availability, and monitor maintenance obligations.
  • Capacity Management: manage capacity of personnel, system capacity, and component (or tactical) capacity.
  • Change Management: ensure that standardized methods and procedures are used for efficient handling of all changes.
  • Asset & Configuration Management: manage and trace every aspect of a configuration (CIs) from beginning to end.
  • Release Management: ensure the availability of licensed, tested, and version-certified software and hardware.
  • Incident Management: the primary objectives are to prevent incidents from happening, and to minimize the impact of incidents that cannot be prevented.
  • Manage/Coordinate relationships, projects, and open issues with ArcSight Support, Professional Services staff, and L-3 Enterprise WAN team.

 

Required skills & experiences

  • English (Must) and French (preferred)
  • CISSP (Certification is not a must)
  • 3-5 years of experience within the IT domain with 1+ years of specialization in security operations, monitoring, cyber defense & detection
  • Solid understanding of network and security monitoring architecture
  • Operational experience in maintaining networks and SIEM environments, especially ArcSight.
  • Knowledge of the entire TCP/IP or OSI network protocol stack, including major protocols such as IP, ICMP, TCP, UDP, SMTP, POP3, HTTP, FTP, and SSH.
  • Experience with programming and scripting languages and text manipulation tools, most notably Perl, but also including sed and awk, grep, Ruby, and Python.
  • Knowledge of ITIL based operational processes

 

Preferable

  • Knowledge of other detection/monitoring solutions such as Splunk, QRadar, EDR, DLP, MS ATA ...
  • In-depth understanding and experience in managing security device installations such as firewalls, proxies, IDS/IPS, ...
  • Good understanding of IT security technology and processes (secure networking, web infrastructure, WinTEL, UNIX, Linux, etc.).
  • Experience in a banking environment.
  • Prior experience working in an Agile operating model.

  

Soft Skills

  • Team player, self-starter, pro-active attitude, strong time management
  • Good Communication and Influencing skills
  • Good analytical and synthesis skills
  • Autonomy, commitment and perseverance
  • Strong intuition and ability to think “outside the box”
  • Attention to detail while seeing the bigger picture
  • Ability to provide on-the-job training and knowledge sharing to other analysts
  • Solid sense of integrity and identification with the mission.
  • Ability to process large amounts of information
  • Desire to script and automate repetitive parts of the job.

 

We Offer

  • Full-time job in a fast-growing company with strong values of excellence and ethics
  • A local, human-sized company with the expertise of a large international group
  • A challenging & innovative environment with space for initiative & personal growth
  • Opportunities for learning where needed
  • An attractive salary package including interesting compensation & benefits
  • This position aims to offer an opportunity to grow as a Manager within 2 years.

Company description

Consort NT is an integrator and operator of both infrastructures and solutions. Structurally Agile, adaptable and innovative, we harvest the value of human capital and collective Business Intelligence.

Our vision, our strategy and our expertise are organized under four divisions:

1. Collective Intelligence: Enhancing data, Empowering the value of Data Sharing
2. Solutions: Developing and Enhancing the use and sharing of information within companies
3. End-User IT: Promoting the availability and use of all desktop tools, facilitating mobility
4. IT Capacities: Ensuring continuous power and data Storage, in line with the business needs.

These 4 divisions have a common goal: Supporting our customers in their digital transformation, empowering users and IT processes and facilitating automation through adapted tools.

- 25 years of existence
- Over 2000 employees
- 140 M€ turnover
- 43% as Projects & Out-sourcing / 57% as Technical Assistance & Expertise
- 39% as Application Solutions / 61% as Infrastructures Services
- 8 service centers on a 24/24, 7/7 basis (ISO 270001, 9001, 14001, 20000-1)
- Sales offices in France, Belgium, Luxembourg, Germany, Canada & Morocco
