Main Duties
- Monitor and perform first-line analysis of security alerts, logs, and network traffic.
- Assess security events, determine severity, and escalate incidents when needed.
- Investigate firewall, IDS, antivirus, and other security sensor alerts.
- Use security tools (SIEM, log collection, packet capture, vulnerability assessment, network devices) to support investigations.
- Support the full incident handling and response process.
- Prepare clear reports with findings, recommendations, and remediation actions.
- Suggest improvements to strengthen NATO's cybersecurity posture.
Requirements
- Degree in IT or related technical field plus 1 year of cybersecurity analysis experience, OR
- 3 years of relevant cybersecurity analysis experience without a degree.
- Strong knowledge of:
  - TCP/IP networking
  - Windows and Linux operating systems
  - Computer and communications security principles
  - Common cyber threats and mitigation techniques
- Experience with:
  - SIEM tools (e.g., Splunk, ArcSight)
  - Network Intrusion Detection Systems (NIDS) (e.g., Sourcefire, Palo Alto)
  - Log analysis (firewalls, proxies, routers, DNS, security appliances)
  - Network traffic analysis using Wireshark
- Strong analytical, investigation, and problem-solving skills.
- Good written and spoken communication skills.
- Ability to work independently and as part of a team.
Preferred Qualifications
- Cybersecurity certifications such as GCIA, GNFA, or GCIH.
- Experience with:
  - CERT/CIRT operations
  - Incident detection and response
  - Full packet capture tools (Niksun, RSA NetWitness)
  - Host-based intrusion detection (HIDS)
  - Vulnerability assessment and forensic tools
  - Military communication systems and networks
Other Information
- Location: Mons, Belgium
- Work arrangement: Full-time, on-site
- Working conditions: Normal office environment
- Security Clearance: NATO Secret required