Security 3rd Line Engineer
Newport (Newport) Design / Civil engineering / Industrial engineering
Job description
Security 3rd Line Engineer
Airbus Defence & Space Corsham (ex Cassidian)
As the European specialist in cyber security, the mission of Airbus' CyberSecurity business is to protect governments, companies and critical infrastructures from cyber threats. Its trusted, high performance security products and services are able to detect, analyse and counter the most advanced cyber attacks.
Airbus is a global leader in aeronautics, space and related services. In 2015, it generated revenues of €64.5 billion and employed a workforce of around 136,600. Airbus offers the most comprehensive range of passenger airliners from 100 to more than 600 seats. Airbus is also a European leader providing tanker, combat, transport and mission aircraft, as well as Europe's number one space enterprise and the world's second largest space business. In helicopters, Airbus provides the most efficient civiland military rotorcraft solutions worldwide.
Our people work with passion and determination to make the world a more connected, safer and smarter place. Taking pride in our work, we draw on each other's expertise and experience to achieve excellence. Our diversity and teamwork culture propel us to accomplish the extraordinary - on the ground, in the sky and in space.
Description of the job
We are currently looking for a Security 3rd Line Engineer for our site in Corsham.
Desired profile
Tasks & accountabilities
· Support the SOC Lead Engineer as directed.
· Participate in the ‘on call' function for SOC 3rd Line.
· If qualified, provide shift cover for SOC analysts.
· Act as escalation point from 2nd Line SOC Engineers.
· Provide the 3rd Line level assistance in resolving/coordinating incidents, applying diagnosis, maintenance, change and configuration control attributes to bring about a resolution.
· Act as Firewall, IPS or SIEM subject matter expert as directed by the UK SOCs Manager.
· Support the Firewall, IPS or SIEM subject matter expert for all 3rd line SOC engineering tasks.
· Act as a subject matter expert (SME) for specific technical areas (Firewall, IPS, SIEM etc) at appropriate meetings or as directed by Site Lead or UK SOCs Manager.
· As SME, drive efficiency into technical delivery of relevant processes.
· Ensure best technical processes are being followed by all Engineers and Analysts.
· Ensure change(s) are reflecting in formal asset / configuration control whilst maintaining SOC assets in any relevant CMDB.
· Ensure local ADHOC spreadsheets / asset tracker(s) are kept current (Firewall / IPS spreadsheets).
· Impact releases to live, raise and deliver operational change within KPIs/SLAs.
· Provide support to the Problem Managers for relevant incidents within KPIs/SLAs.
· Provide support to 4th line / Design as SMEs for SOC Tooling.
· Ensure SOC Tooling is performing, maintained and operated within KPIs/SLAs.
· Act as escalation point for the 2nd Line Vulnerability Analyst.
Required skills
· Educated to a degree level in Computer Science or equivalent
· The following trainings and certifications are required:
SANS SEC501: Advanced Security Essentials **
SANS SEC502:Perimeter Protection in-Depth *
SANS SEC511: Continuous Monitoring & Security Operations
SANS FOR578: Advanced Network Forensics
Countermeasures and Cyber Deception
CCNP Security
CISSP
CESG Certified Professional (CCP)
CREST Certified Network Intrusion Analyst (CCNIA)
ArcSight ESM
ArcSight Logger
· Experience in the following fields are desirable:
Countermeasures and Cyber Deception
Threat Intelligence
Threat Hunting
Code & Scripting (e.g. Python)
ArcSightMC
· Being able to present and write professional reports to key
· Good time management
This position will require a security clearance or will require being eligible for clearance by the recognised authorities.