Our client is a Cyber Security Operations Centre with a mission to strengthen IT security for the whole organization.
Within the unit, the sector's main objectives are to support threat-based and incident-based decision-making through data analytics and reporting capabilities. Two main teams are currently active, supporting improvements in mobile security, incident response and machine learning.
Our client is now looking for a Senior Cybersecurity Architect to join and support the unit in the responsibilities listed below.
Contract type:
Freelancer, with an initial contract duration of 80 days, based on performance.
Location:
Brussels, with required on-site presence at the institution's office.
Key responsibilities:
* Definition of the business requirements for a mobile security program
* Definition of the tasks and milestones for the development of the SysDiagnose analysis framework
* Definition of the architecture of the projects
* Definition of the architecture of the large-scale collection and processing of sysdiagnose files within the Institution.
* Definition and analysis of workflows for mobile devices
* Definition of the internal curriculum on mobile device analysis
* Preparation of cyber awareness demonstrations, especially in the field of mobile hygiene
* Participation in and contribution to the preparation of workshops and training on mobile devices
* Providing support for and managing the SAF project and the EU iPhone Check project
* Development and maintenance of open-source tools, among which MISP, the Sysdiagnose analysis framework, a mobile application for Apple devices, and the infrastructure to collect and process sysdiagnose files at scale
* Coordination and review of pull requests on open-source projects (mainly SAF)
* Reporting of development activities
* Interaction with technical teams within the unit and in particular the ones involved with networking (DNS, VPNs, proxies...), digital workspace, helpdesk and user support, reference configuration…
Key requirements:
* Very good knowledge of the following areas:
  * Defining relevant KPIs and metrics for incident response, threat detection, etc.
  * Sysdiagnose analysis using open-source tools
  * MISP internals
  * Operating system architecture and behaviour
  * Linux system administration
  * Advanced mobile security threats
  * Networking
  * Splunk
* Strong experience in the following:
  * The Swift, Python and PHP programming languages
  * The CakePHP framework
  * Presenting at technical conferences
  * Project management
  * Incident response, digital forensics and malware analysis
  * Leading small groups
* Ability to bring creative ideas and implement them efficiently and quickly
* Ability to create, support and develop (open-source) projects, mainly in Python and Swift
* Ability to give business and technical presentations
* Ability to apply high quality standards
* Ability to cope with fast-changing technologies used in the following:
  * Incident response
  * Digital forensics, especially mobile forensics
  * Malware analysis
* Very good communication skills with technical and non-technical audiences
* Analysis and problem-solving skills
* Capability to write clear and structured technical documents
* Ability to participate in technical meetings, with good communication skills
* Certifications (current or past) in the following areas will be considered a great advantage:
  * Strategic planning, policy and leadership (e.g. GSTRT)
  * Defending against advanced threats (e.g. GDAT)
  * Network forensics (e.g. GNFA)
  * Digital forensics (e.g. GCFA or GCFE)
  * Reverse engineering of malware (e.g. GREM)
  * Intrusion analysis (e.g. GCIA)
* Fluent in English; additional languages are a plus.
* Eligible and willing to undergo an EU LEVEL SECRET security clearance.