Cyber Security Incident Response Engineer (M/F)

Reference: LIST-CORP-2020-021

Type: Engineer
Contract type: Permanent contract
Place: Belval

Context

 

Your work environment

The Luxembourg Institute of Science and Technology (LIST) is a Research and Technology Organization (RTO) active in the fields of materials, environment and IT. By transforming scientific knowledge into technologies, smart data and tools, LIST empowers citizens in their choices, public authorities in their decisions and businesses in their strategies.

https://www.list.lu/

In this new position, within our Information Systems Unit, you will be working under the coordination and supervision of the Information Systems Security Officer. You will have the opportunity to take part in the operational implementation of LIST's Information Systems Security Policy and related security projects covering software components, applications and databases, as well as components of the IT and telecom technical infrastructure.

You will be working together with other teams in the Information Systems Unit in order to support the research, administrative and technical departments. You will help to guarantee the security of the components (applicative and technical) that make up the information systems.

 

Description

 

Your main responsibilities will be to:

  • Manage cyber incidents
  • Ensure the detection of cyber incidents by collecting relevant security events in the Information Systems (on premise and cloud)
  • Categorize, analyze and process security alerts on a regular basis
  • Conduct investigations and response operations to cyber incidents
  • Continuously improve cyberattack detection mechanisms and devices to identify new threats and limit false positives
  • Communicate and propose security recommendations, workaround (bypass) and emergency measures, and improvements to the detection capabilities for cyber incidents
  • Carry out tests and simulations of intrusion and vulnerability of components (applications, systems, networks, etc.) of information systems
  • Collect all the information involved in the evaluation of the security posture (centralization of logs, administration of the SIEM solution)
  • Produce indicators, reports and dashboards on cyber incidents, in collaboration with the Information Systems Security Officer
  • Participate in the development and maintenance of procedures and documents related to IS security
  • Participate in the assessment and analysis of risks and threats to IS security
  • Participate in technical IT security audits
  • Provide advice and technical assistance in the fields of IS security within the IS Unit and to research departments
  • Manage or participate in projects to implement IS security solutions
  • Implement controls to ensure the effectiveness of the IT security measures and solutions deployed
  • Ensure constant technical monitoring of IS security threats

 


Profile

 

Education

  • Bac+5, graduated in IT security/cyber security

Experience and skills

  • Proven professional experience (2 years minimum) in a SOC or a CIRT or in a similar position in a company's Information Systems Department or in an IT services provider
  • Good knowledge of risk assessment and management related to IT security
  • Knowledge of IS security audit mechanisms
  • Good knowledge of project management methods
  • CISSP or CEH or OSCP certification is an asset
  • Good overall knowledge of IS, IT components of IS architectures
  • Proven knowledge in all or part of the technical components and tools such as:

    • SIEM solutions (Splunk is an asset)
    • Collection of logs and event analysis
    • Forensic techniques are an asset
    • Security, scan and vulnerability detection tools for IT infrastructure components
    • Communication protocols: HTTP, HTTPS, SSL, FTP, SSH, VPNs, etc.
    • System scripting language (PowerShell is an asset, Bash, Python, etc.)
    • Architecture and network protocols: TCP/IP, IPv6, Wi-Fi, mobile telephony, ToIP, DNSSEC, SD-WAN
    • Operating systems (VMware, Windows 10, Windows Server, Linux, Ubuntu, CentOS, Mac OS)

  • Good knowledge of all or part of the following technical aspects:

    • Hardware and software security devices, including those related to the web, the Cloud and mobile resources, such as:

      • Firewall, WAF, IDS, IPS
      • Security gateways for messaging and internet access
      • Antivirus and anti-spam
      • Encryption solutions

    • IS security monitoring, supervision and metrological measurement tools
    • Authentication servers: AD, ADFS, LDAPS, RADIUS, MFA
    • Office 365 security: CASB, AIP, DLP, etc.
    • Architecture and languages for software application development (LAMP is an asset, JavaScript, etc.)
    • RDBMS databases (Oracle is an asset, MySQL, SQL language)
    • Containers (Docker, Kubernetes, etc.)

  • Autonomous, organised and accurate, methodical approach
  • Able to work confidentially, high ethical standards
  • Able to work across the organisation and show initiative
  • Stress resistant
  • Client service attitude
  • Good communication skills, both oral and written

Language skills

  • Good level of both written and spoken English and French

 


Contact

Christian ANESE

Pascal GRAISSAGUEL