Security Engineer (Darktrace)

Function description

We are looking for a Security Engineer with knowledge of tools like IDS, IPS, SIEM/UBA/NBAD and a solid understanding of networking, TCIP/IP, infrastructure security, and Linux and Windows Server Operating Systems. Preferably, you possess the follow capabilities and characteristics:

  • You have experience with IDS/IPS tools (preferably Darktrace) and you understand the architecture and components around these technologies;
  • You have networking knowledge and can configure, debug and troubleshoot throughout the specific layers of the TCP/IP and OSI stacks;
  • You have experience in system infrastructure and application integration;
  • You enjoy figuring out network traffic flows and optimizing tool performance
  • You have at least 5 years of experience in this domain;
  • You have a Bachelor's/Master’s degree in Computer Science/ Information Security.

We are looking for a team player that has excellent working knowledge in English and possibly Dutch. The position is for 36 or 40 hrs/week and involves a stand-by schedule for which you will be “on-call” for a week, once every 10-12 weeks.

What the client requests

For the job of Security Engineer (Darktrace), the candidate will be performing the below mentioned day-to-day tasks.

  1. Installation, Configuration and Maintenance of Darktrace components: (Unified viewers, masters, probes, master-probe hybrids)
    • Configure and monitor traffic collection;
    • Troubleshooting, fine-tuning and automating daily tasks.
  2. Administrative activities:

    • Experience with Project Management;
    • Capacity and performance monitoring;
    • Debugging and maintaining various Darktrace components.
  3. Security Engineering Activities:

    • Experienced in Model/Use Case development and maintenance
    • Scripting
    • Assisting your fellow Security Engineers implement fitting security solutions

Additional Experience:

  • Experience with networking protocols and tools such as SMTP, HTTP/HTTPS, TCP/UDP, FTP, SSH, SCP as well as networking stacks (TCP/IP and OSI);
  • Experience with debugging network related issues;
  • Cloud related infrastructure deployments / tools experience is a plus (Azure, AWS, CASB, Office 365 …);
  • Experience with firewalls, UTMs, NG Firewalls and proxies such as: PaloAlto, Checkpoint, Z-Scaler or similar.

Certifications and Accreditations:

The following certifications (or equivalents) would be a plus:

  • Darktrace/ArcSight/Splunk related certifications / trainings;
  • Windows Infrastructure / Server / Cloud related certifications;
  • Linux (RedHat, LPIC …) related certifications;
  • Relevant major security vendors related certifications;
  • CISSP, CCSP, CompTIA Security+ or equivalent.

Details

DienstverbandVast
Uren per week36-40 upw
RegioUtrecht
NiveauMedior, Senior
OpleidingsniveauHBO, WO