Cyber Security System Engineer

Delivery mode: remote and local

Seniority: Expert

Description

The purpose of the Services is to manage (implement, integrate, configure and administer) cyber security components in order to support the provision of operational security services.The Service provider is expected to take direct action on all or part of a cyber defence infrastructure and to act as the main interface between business and technical units.The aim of the Services is to support the provision of other services such as security analysis and incident handling, and carry out fine-tuned configuration and customization of cyber defence components in order to maximize their effi-ciency and performance whilst minimizing the amount of false positive detection ratio.

Tasks

ITIL process implementation and improvementInstalls, configures, maintains and upgrades cyber security componentsMonitor managed components and manage incidents and problems (ITIL definitions)Tune performancesPerform day-to-day system management such as user access management, patch managementHarden system and network componentsDevelop, maintain and roll-out reference configurations (ITIL release and deployment management)Implement and follow security policiesElaborate and maintain system inventory/CMDB, system documentation, operating proceduresEnsure appropriate testing before applying changes (change evaluation)Manage changes through a structured change management process (ITIL Change management)Report on service performances and availability, produce dashboardsDesign, develop, install, configure, test, monitor, maintain, troubleshoot and upgrade cyber security infrastructureProvide expertise, guidance, recommendations and documented security configurations for implementation of security tools and processesProduce detailed engineering specificationsEvaluate and recommend secure configurationsIdentify security requirements, based upon need or translate high-level security requirements into detailed technical requirementsSupport various technical and non-technical stakeholders to specify and negotiate security requirementsInteract with network and system engineering teams to effectively communicate and develop security solutionsDrafts documentation and standard operational procedures to support security systems operationsEnsures the technical design and contributes to implementation of new components and/or enhancements in coordination with other team members in particular project managers, security architects and engineers.Ensure DRP through appropriate back-ups methods to ensure RTO are met.Ensure capacity planning

Support security monitoring use-case engineeringSecurity events collection technical design. Integration of log sources into a SIEM solution.Elaboration and translation of the security monitoring policy into monitoring rulesInvestigate, diagnose and solve system related problemsSchedule installation work, liaising with all concerned to ensure that installation priorities are met and disrup-tion to the organization is minimized.Diagnose and solve problems and faults occurring in the operation of cyber security componentsComply with organization procedures to ensure integrity of the systemRecommend resolutions and improvementsProvide integrated solutionsProvide consolidate findings on components or processesDocument cyber defence components configurationsEnsure that systems meet agreed service levelsEnsure that communication performance, recovery, and security needs meet agreed service agreement standardsContribute to define network design policies, philosophies and criteriaCraft, fine-tune and validate low level intrusion detection rules for network and host protectionDevelopment, test and roll-out new releases of Identity and Access Management solutions

Key Requirements:

• Network security engineering
• System security engineering
• Network security administration
• System security administration
• Security testing (functional and non-functionnal)
• Cryptography
• ISO2700X
• ITIL
• Ability to design, develop, install, configure, test, monitor, maintain, troubleshoot and upgrade at least one of the products mentioned in Annex 6_SP4 Ap-pendix 1 List of Core products and solutions
• Network Protocols (including IP, TCP, UDP, DNS, SMTP, Syslog-ng, HTTP, IP routing and fail-over protocols, IEEE 802.1x)
• Cryptographic solutions (including common stand-ards and ciphers, symmetric and asymmetric en-cryption, PKI, HSM, smartcards)
• Security protocols (including SSL/TLS, IPsec, VPN)
• Ability to write comprehensive documentation.
• Hardening/Securing of Windows Servers and Desk-tops
• Hardening/Securing of Unix-like systems (such as System V, Linux, BSD)
• VMWare VSPHERE and ESXi technologies
• Windows Operating systems
• Linux Servers (Redhat, DEBIAN)
• NetAPP Storage NAS/SAN
• Firewalls
• System monitoring solutions (Nagios, Centron)

At least 1 certification among: GSEC (GIAC Certified Security Essentials) GCWN (GIAC Certified Windows Security Administrator) GCED (GIAC Certified Enterprise Defender) GCUX (GIAC Certified UNIX Security Administrator) ENSA (EC-Council Certified Network Administrator) Microsoft Certified System Center Configuration Manager MCSA (Microsoft Certified Solutions Associate) or an equivalent certification recognized internationally (subject to acceptance as a valid credential by the Contracting EU-I)

At least 1 certification among: GCIH (GIAC Certified Incident Handler) EC-Council Certified Disaster Recovery Professional MCSE (Microsoft Certified Solutions Expert or an equiva-lent certification recognize internationally (subject to ac-ceptance as a valid credential by the Contracting EU-I)

The following documents / procedures will be requested to successfully complete the hiring process :

• A copy of your university degree(s)
• A copy of your criminal record
• Security Clearance Procedure

WHO WE ARE?

CRI company part of VASS Group, leads the digital transformation and cyber security in the European Union.

CRI operates serving the European Union Institutions, telecom operators, financial institutions and governmental bodies through a comprehensive offering of services and technologies.

Please visit our website and let's get in touch: www.cri-group.eu