Manage the Cisco Firepower network probes installed in Production and in the Lab.
Collaborate with the other teams in the unit to analyse the registered events and resolve possible incidents.
Select, define and improve IDS/IPS signatures, policies and triggers.
Deploy software, vulnerability and fingerprint updates.
Improve detection capabilities by creating Splunk filters.
Detect and minimize false positives.
Investigate alerts, react, escalate and inform stakeholders accordingly.
Possibly plan further expansion of the monitoring system.
Write "response instructions" for common situations.
Produce documentation covering the network monitoring activities and the associated guidelines and procedures.
University degree in an ICT-related field with a minimum of 8 years of professional experience in the domain of ICT and network security.
Excellent knowledge of Cisco Firepower IPS, ideally with 8 years of experience.
Working experience in complex ICT enterprise environments and in the associated security aspects.
Experience with Splunk is required.
Excellent knowledge of operating systems and good practices for their configuration and protection.
Excellent knowledge of all kinds of network and host security systems, including: antivirus software, host intrusion detection and prevention, vulnerability assessment, data encryption, honeypots, and hardening practices.
Excellent knowledge of network concepts and the associated security solutions. In particular, the following topics must be known: Internet / Intranet / Extranet architectures; authentication systems, firewalls, proxies, network IDS/IPS, PKI, e-mail gateways, IP security, remote access control and violations, data protection and integrity, encryption, viruses.
Desirable knowledge of IT best practices (ITIL, COBIT, etc.)
Very good knowledge of written and spoken English is required. Knowledge of French (B1 or higher) would be considered an asset.