3686 Threat Hunting Analyst

Contact One Communications, Inc.

Mons, Belgium

5 days ago

Role details

Contract type

Permanent contract

Employment type

Full-time (> 32 hours)

Working hours

Regular working hours

Languages

English

Job location

Mons, Belgium

Tech stack

Artificial Intelligence

Data analysis

Spyware

Antivirus Softwares

Computer Security

Computer Forensics

Data Cleansing

Data Mining

Networking Hardware

Intrusion Detection Systems

Python

Network Security

Local Security Policy

Machine Learning

Network Intrusion Detection Systems

Network Protocols

Pattern Recognition

Powershell

Security Information and Event Management

Network Routers

Scripting (Bash/Python/Go/Ruby)

Large Language Models

Firewalls (Computer Science)

Cybercrime

Data Analytics

Vulnerability Analysis

Job description

Prioritize, plan and execute threat hunts.
Can work independently, as well as part of the team.
Highlight improvements on the detection and prevention methods (IDS, SIEM content for correlation, modification of security settings, etc.).
Pro-active engagement with the Cyber Community internal to NATO.
Monthly reporting on approved KPIs.
Creation/maintenance of Standard Operating Procedures (SOPs) to support all aspects of their role.
Monthly reporting to both the Customer and Business Stake Holders.
Assist NCSC, when required, in support to Cyber Incident Analysis and Response.
Production of high quality hypotheses and detection use cases documented in the centralized knowledge base of NCSC.
Advise on, test and implement Data Analysis, Artificial Intelligence and Machine Learning technologies to augment and improve existing NCSC process.
Improvement of NCSC processes for receiving, searching, analyzing, and storing cyber threat data.
Regular, at least monthly, Knowledge Transfer meetings with appropriate stakeholders, focusing on:

Successes and setbacks.
Lessons identified/learned.
Improvements to the Cyber Security processes currently in use within NCSC.

Requirements

The candidate must have a currently active NATO SECRET security clearance.
Significant demonstrable experience in Cyber Security related environment.
Excellent analytical and hypothetical thinking.
Experience in liaising at both the technical and managerial level, the incumbent must have excellent written and spoken communication skills.
Experience in producing accurate and meaningful reports, both technical and managerial, on activities related to Cyber Security.
Able to organize and lead.
Able to work as part of a team and under direction of a higher authority.
Strong collaboration and interpersonal skills.
Pattern Recognition/Deductive Reasoning.
Highly Desirable to have one or more advanced professional SANS (500/600/700) certifications (e.g., GCIA, GCFA, GNFA, GREM,…) or with the same level of quality.
Demonstrable self-learning capability on complex technical subjects.
Knowledge and practice of Data Analytics, Data Mining, Data Enrichment, Artificial Intelligence and connected concepts such as Large Language Models, Retrieval Augmented Generation, Machine Learning.
A good understanding in at least three of these areas: Network Based Intrusion Detection Systems (NIDS), Host Based Intrusion Detection Systems (HIDS), Network security appliances and networking devices and associated management software. A variety of Security Event generating sources at network and host level (e.g. Firewalls, IDS, Routers, Security Appliances), Computer Forensics Tools (stand alone, online and network), Computer Security Tools (Vulnerability Assessment, Anti-Virus, Anti-Spyware, etc.), Network protocols, Scripting languages (PowerShell/Python/).
Ability to effectively manage own workload in a high tempo environment to Time, Quality and Standards.
Ability to effectively communicate technical solutions to various audiences, both technical and non-technical.
Be self-motivated and driven.
Ability to work in an International environment embedded in the Customer's location in mainland Europe (Belgium).