Reference No.: LIST-CORP-2020-021

Luxembourg Institute of Science and Technology (LIST) - Cyber Security Incident Response Engineer


You will be mainly in charge of

  • Manage cyber incidents
  • Ensure the detection of cyber incidents by collecting relevant security events in the Information Systems (on premise and cloud)
  • Categorize, analyze and process security alerts on a regular basis
  • Conduct investigations and response operations to cyber incidents
  • Continuously improve cyberattack detection mechanisms and devices to identify new threats and limit false positives
  • Communicate and propose security recommendations, bypass and emergency measures, and improvements to the detection capabilities for cyber incidents
  • Carry out tests and simulations of intrusion and vulnerability of components (applications, systems, networks, etc.) of information systems
  • Collect all the information involved in the evaluation of the security posture (centralization of logs, administration of the SIEM solution)
  • Produce indicators, reports and dashboards on cyber incidents, in collaboration with the Information Systems Security Officer
  • Participate in the development and maintenance of procedures and documents related to IS security
  • Participate in the assessment and analysis of risks and threats to IS security
  • Participate in technical IT security audits
  • Provide advice and technical assistance in the fields of IS security within the IS Unit and to research departments
  • Manage or participate in projects to implement IS security solutions
  • Implement controls to ensure the effectiveness of the IT security measures and solutions deployed
  • Ensure constant technical monitoring of IS security threats

 

The profile we are looking for

 

Education: BAC+5, graduated in IT security/cyber security

Experience and skills

  • Proven professional experience (2 years minimum) in a SOC or a CIRT, or in a similar position in a company's Information Systems Department or at an IT services provider
  • Good knowledge of risk assessment and management related to IT security
  • Knowledge of IS security audit mechanisms
  • Good knowledge of project management methods
  • CISSP or CEH or OSCP certification is an asset
  • Good overall knowledge of IS, IT components of IS architectures
  • Proven knowledge in all or part of the technical components and tools such as:
    • SIEM solutions (Splunk is an asset)
    • Collection of logs and event analysis
    • Forensic techniques are an asset
    • Security, scan and vulnerability detection tools for IT infrastructure components
    • Communication protocols: HTTP, HTTPS, SSL, FTP, SSH, VPNs, etc.
    • System scripting language (PowerShell is an asset, Bash, Python, etc.)
    • Network architecture and protocols: TCP/IP, IPv6, WiFi, mobile telephony, ToIP, DNSSEC, SD-WAN
    • Operating systems (VMware, Windows 10, Windows Server, Linux, Ubuntu, CentOS, Mac OS)
  • Good knowledge of all or part of the following technical aspects:
    • Hardware and software security devices including those related to the Web, the Cloud and mobile resources, such as
      • Firewall, WAF, IDS, IPS
      • Security gateways for messaging and internet access
      • Antivirus and Anti-spam
      • Encryption solutions
    • IS security monitoring, supervision and metrological measurement tools
    • Authentication servers AD, ADFS, LDAPS, RADIUS, MFA
    • Office 365 security: CASB, AIP, DLP, etc.
    • Architecture and languages for software application development (LAMP is an asset, JavaScript, etc.)
    • RDBMS databases (Oracle is an asset, MySQL, SQL language)
    • Containers (Docker, Kubernetes, etc.)
  • Autonomous, organised and accurate, methodical approach
  • Able to work confidentially, high ethical standards
  • Able to work across the organisation and take initiative
  • Stress resistant
  • Client service attitude
  • Good communication skills, both oral and written

 

Language skills: Good level of both written and spoken English and French

 

 

Interested?

 

Please apply online via the button below.

 

Company description

The Luxembourg Institute of Science and Technology (LIST) is a mission-driven Research and Technology Organisation (RTO) that develops advanced technologies and delivers innovative products and services to industry and society. These innovations can also be used to solve a number of societal challenges, particularly in the areas of the environment, security, education and culture, sustainable development, as well as the efficient use of resources.

As a major engine of the diversification and growth of Luxembourg's economy through innovation, LIST supports the deployment of a number of solutions to a wide range of sectors, including energy, space, construction, agriculture & viticulture, mobility, transport & logistics, finance, manufacturing technology and cutting-edge industry.

Thanks to its location in an exceptional collaborative environment, namely the Belval Innovation Campus, the institute accelerates time to market by maximizing synergies with different actors, including the university, the national funding agency and industrial clusters. In this context, with its role of autonomous enterprise with a public utility mission, LIST pools knowledge and skills with a view to the optimum and sustainable benefit for the market and society, in Luxembourg itself but also in the Greater Region of Luxembourg and in Europe.
