(AGENPARL) – ESCH-ALZETTE (LUXEMBOURG), Sunday 21 June 2020

Type:

Engineer

Contract type:

Permanent contract

Place:

Belval

Context

Your work environment

The Luxembourg Institute of Science and Technology (LIST) is a Research and Technology Organization (RTO) active in the fields of materials, environment and IT. By transforming scientific knowledge into technologies, smart data and tools, LIST empowers citizens in their choices, public authorities in their decisions and businesses in their strategies.

https://www.list.lu/

In this new position, within our Information Systems Unit, you will be working under the coordination and supervision of the Information Systems Security Officer. You have the opportunity to be part of the operational implementation of the Information Systems Security Policy of LIST and of related security projects in the area of software components, applications, databases, as well as components of the IT and telecom technical infrastructure.

You will be working together with other teams in the Information Systems Unit in order to support the research, administrative and technical departments. You help to guarantee the security of the components (applicative and technical) that make up the information systems.

Description

You will mainly be in charge of the following:

Manage cyber incidents

Ensure the detection of cyber incidents by collecting relevant security events in the Information Systems (on premise and cloud)

Categorize, analyze and process security alerts on a regular basis

Conduct investigations and response operations to cyber incidents

Continuously improve cyberattack detection mechanisms and devices to identify new threats and limit false positives

Communicate and propose security recommendations, bypassing and emergency measures, and improvements to the detection capabilities for cyber incidents

Carry out tests and simulations of intrusion and vulnerability of components (applications, systems, networks, etc.) of information systems

Collect all the information involved in the evaluation of the security posture (centralization of logs, administration of the SIEM solution)

Produce indicators, reports and dashboards on cyber incidents, in collaboration with the Information Systems Security Officer

Participate in the development and maintenance of procedures and documents related to IS security

Participate in the assessment and analysis of risks and threats to IS security

Participate in technical IT security audits

Provide advice and technical assistance in the fields of IS security within the IS Unit and to research departments

Manage or participate in projects to implement IS security solutions

Implement controls to ensure the effectiveness of the IT security measures and solutions deployed

Ensure constant technical monitoring of IS security threats

Profile

Education

Bac+5, graduated in IT security/cyber security

Experience and skills

Proven professional experience (2 years minimum) in a SOC or a CIRT or in a similar position in a company’s Information Systems Department or in an IT services provider

Good knowledge of risk assessment and management related to IT security

Knowledge of IS security audit mechanisms

Good knowledge of project management methods

CISSP or CEH or OSCP certification is an asset

Good overall knowledge of IS, IT components of IS architectures

Proven knowledge in all or part of the technical components and tools such as:

- SIEM solutions (Splunk is an asset)

- Collection of logs and event analysis

- Forensic techniques are an asset

- Security, scan and vulnerability detection tools for IT infrastructure components

- Communication protocols: HTTP, HTTPS, SSL, FTP, SSH, VPNs, etc.

- System scripting language (PowerShell is an asset, bash, Python, etc.)

- Architecture and network protocols: TCP/IP, IPv6, Wi-Fi, mobile telephony, ToIP, DNSSEC, SD-WAN

- Operating systems (VMware, Windows 10, Windows Server, Linux, Ubuntu, CentOS, macOS)

Good knowledge of all or part of the following technical aspects:

- Hardware and software security devices, including those related to the web, the Cloud and mobile resources, such as:

  * Firewall, WAF, IDS, IPS

  * Security gateways for messaging and internet access

  * Antivirus and anti-spam

  * Encryption solutions

- IS security monitoring, supervision and metrological measurement tools

- Authentication servers: AD, ADFS, LDAPS, RADIUS, MFA

- Office 365 security: CASB, AIP, DLP, etc.

- Architecture and languages for software application development (LAMP is an asset, JavaScript, etc.)

- RDBMS databases (Oracle is an asset, MySQL, SQL language)

- Containers (Docker, Kubernetes, etc.)

Autonomous, organised and accurate, methodical approach

Able to work confidentially, high ethical standards

Able to work across the organisation and take initiative

Stress resistant

Client service attitude

Good communication skills, both oral and written

Language skills

Good level of both written and spoken English and French