As an Information Security Operations Analyst, you will join a team of Information Security professionals in support of RHEA clients by providing Information Security services in various market sectors including space, critical infrastructure protection and defence. Duties will include delivery of security operations and incident response services, reports and other deliverables to meet client needs.
- Provision of best practice advice and guidance in the areas of information security operations supporting incident detection, analysis and response including operations policy and procedure development, operational scenario definition, operations centre technology selection and implementation, network and host based sensor technology selection and implementation;
- Provision of best practice advice and guidance in the areas of vulnerability and patch management, intrusion detection and prevention, network and host security, network and host fingerprinting, advanced persistent threat (APT) and data leakage protection, firewall and virtual private network (VPN technologies), data centre and cloud computing security;
- Provision of cyber defence and security operations services in the areas of cyber defence situation awareness; and incident detection, analysis and response management;
- Technical vulnerability analysis and penetration testing of installed systems.
The following skills and experience are mandatory:
- You have a post-secondary degree or diploma in a relevant field. Example relevant fields include electrical or computer engineering, computer science, information technology, information management or similar. Technical certifications, diplomas or qualifications in information technology or information management, policing and security or related fields may also be accepted.
- You have excellent oral and written communications capability in English;
- You have demonstrated cyber defence and security operations qualities including:
- Curiosity - Ability to find answers to difficult problems or situations;
- Abstract thinking – Ability to identify correlations of events from multiple sensor sources;
- Business perspective - Ability to deal with low-level incident details while being mindful of business operations requirements;
- Communications - Ability to communicate to various groups that have very different requirements and experience in cyber security.
- You have demonstrated in depth knowledge of:
- Information security concepts and technologies involving incident detection, analysis, decision support and response including IDS/IPS, UTM and SIEM systems;
- Network Local Area Networking (LAN), Metropolitan Area Networking (MAN) or Wide Area Networking (WAN) technologies;
- Internet Prototocols such as TCP/IP, UDP, RIP, OSPF, BGP, SIP, SNMP, IPSec, SSL, TLS, etc.;
- End system architectures and operating systems such as Windows, Linux, Unix;
- Network management and technologies such as Syslog, Netflow, Sflow, PCap;
- Vulnerability and patch management solutions.
- You must be a citizen of the EU or a NATO member nation;
- You have a professional qualification or certification in a relevant field. Example certifications include Certified Information System Security Professional (CISSP) certificate, Certified Protection Professional (CPP), Certified ISO 27001 Auditor, Cisco Certified Network Professional (CCNP) Security, security product certifications (e.g., Checkpoint firewall certification) or similar is considered an asset;
The following skills would be highly desirable:
- You have experience in information security services for space, critical infrastructure protection and defense market segments.
- You have a qualification for EU/NATO SECRET clearance.