Full Packet Capture (FPC) / Network Intrusion Prevention System (NIPS) Tool Manager

Employer: Lugera & Makler
Field:
  • IT Software
  • Job type: full-time
    Job level: Manager
    Cities:
  • Abroad
  • Nationwide job
    Updated on: 27.11.2020
    Short company description

    ...enthusiastic and outstanding! ... helpful and present! ...young and smart!... ah, almost forgot:
    also good-looking!...

    This is in a nutshell the Lugera team in Romania.

    A bunch of dedicated, happy people ready to face in a natural, positive and friendly fashion all your challenges... a bunch of people at the service of people, unconditionally!

    We started with hope in our souls and a smile on our faces when many others were there, way ahead of us.
    We managed to make our voice heard out loud and the warmth of our hearts touched each and every recruitment we accomplished... why? ...because we are caring people, driven by the power of
    “WE CAN DO IT!”

    And you know what? We continue this way! And Lugera Republic is whatever republic should be: smiles on every face, glamour on every "street", laughter and success in every "building"!

    Everyone who applies for a Lugera job is officially a citizen of our republic!

    Requirements

    Bachelor’s Degree in Computer Science combined with a minimum of 2 years’ experience as a Security Tool Analyst (STA), Security Tool Manager or similar position involving Technical ICT Engineering knowledge, or a Secondary education and completed advanced vocational education (leading to a professional qualification or professional accreditation) with 5 years post related experience.
    Experience with enterprise Full Packet Capture solutions (e.g. Niksun, RSA/ NetWitness);
    Previous experience in NIPS, including Detection and Prevention (signature-based detection and statistical anomaly-based detection) systems (preferably Cisco Sourcefire/NGIPS or Palo Alto Network Threat Prevention), preferably on enterprise level
    Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours;
    Deep Knowledge of Sourcefire/Snort;
    Practical hands-on experience in systems and tools administration;
    Comprehensive knowledge of the principles of computer and communication security, LAN/WAN networking including protocol network architecture, and the vulnerabilities of modern operating systems and applications;
    Troubleshooting of Linux and/or Windows infrastructures;
    Excellent communication abilities, both written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams;
    Desirable:
    Knowledge of deploying Palo Alto Networks Threat Prevention;
    Software engineering including programming and/or scripting knowledge (Python, shell scripting, PowerShell);
    Industry leading certification in the area of Cybersecurity such as CISSP, CISM, MCSE/S, CISA, GSNA, SANS GIAC;
    A solid understanding of Information Security Practices relating to the Confidentiality, Integrity and Availability of information;
    Prior experience of working in an international environment comprising both military and civilian elements.

    Responsibilities

    Installing, configuring, administering and providing ongoing support for Cyber Defence associated specialist tools: Full Packet Capture (to include RSA Netwitness platform) and Network Intrusion Prevention System (to include Cisco Sourcefire and potentially Palo Alto Network Threat Prevention);
    Supporting the investigation of Security Events and establishing if these are expected tool behaviours, events or a security threat;
    Providing technical support for performance testing of content and rules;
    Ensuring that all other NCIRC specialist applications related to FPC and NIPS are installed, configured, and running properly and in line with dependencies with other systems or applications and NCSC needs;
    Supporting the initiation, preparation, follow-up and defence of the specialist applications upgrades in front of the Change Management Board;
    Supporting the development of implementation plans for new capabilities in the NIPS/FPC areas and taking ownership to ensure rapid implementation of those new tools and optimizations;
    Implementing the approved changes and proactively recommending optimizations to capabilities to provide effective and efficient service operations;
    Reviewing security documentation and providing technical advice, when requested;
    Maintaining awareness of new technologies and developments, industry standards and best practices within the NCSC community for FPC / NIPS tools;
    Participating in knowledge sharing with other analysts and developing solutions efficiently;
    Preparing technical and/or executive level reports.