A university degree from a nationally recognised/certified university in a technical subject with substantial Information Technology (IT) content and 4 years of specific experience.
Exceptionally, the lack of a university degree may be compensated by the demonstration of a candidate’s particular abilities or experience that is/are of interest to NCI Agency; that is, at least 7 years of extensive and progressive expertise in the duties related to the function of the post.
Skill, Knowledge & Experience:
Mandatory
• Expert level in at least three of the following areas and a high level of experience in several of the other areas:
• Security Incidents Event Management products (SIEM) – e.g. Splunk.
• Network Based Intrusion Detection Systems (NIDS) – e.g. SourceFire, Palo Alto Network Threat Prevention.
• Host Based Intrusion Detection Systems (HIDS).
• Full Packet Capture systems – e.g. Niksun, RSA/NetWitness.
• A variety of Security Event generating sources (e.g. Firewalls, IDS, Routers, Security Appliances).
• Computer incident response centre (CIRT), computer emergency response team (CERT).
• Cloud-specific security tools. Splunk ES suite and Phantom SOAR.
• Proficiency in Intrusion/Incident Detection and Handling.
• Comprehensive knowledge of the principles of computer and communications security, networking, and the vulnerabilities of modern operating systems and applications.
• Solid knowledge and experience in Splunk Enterprise Security suite. Exceptionally, this requirement can be compensated by a proven level of expertise in network analysis and threat hunting.