Beschreibung
Since 1992 SD & T offers consultancy advice and service in the area of telecommunication and information technology. We work in the field of staffing services and innovative workforce solutions as well as in the field of consultancy. Our customers represent the TOP 50 of the German economy, e.g. in the sectors of telecommunication, logistics, banking and insurcance. In these areas of expertise we support our customers with specialized staff and highly qualified consultants.
For our customer from the aerospace sector we are currently looking for a
System Analyst(f/m) Ref. Nr.: 13532 - KN
Contract:: Freelance or employee
Duration: July 2017 till November 2017
Location: Zip code 8 - Munich
Tasks:
- ITIL process implementation and improvement
- Installs, configures, maintains and upgrades cyber security components
- Monitor managed components and manage incidents and problems (ITIL definitions)
- Tune performances
- Perform day-to-day system management such as. user access management, patch management
- Harden system and network components
- Develop, maintain and roll-out reference configurations (ITIL release and deployment management)
- Implement and follow security policies
- Elaborate and maintain system inventory/CMDB, system documentation, operating procedures
- Ensure appropriate testing before applying changes (change evaluation)
- Manage changes through a structured change management process (ITIL Change management)
- Report on service performances and availability, produce dashboards
- Design, develop, install, configure, test, monitor, maintain, troubleshoot and upgrade cyber security infrastructure
- Provide expertise, guidance, recommendations and documented security configurations for implementation of security tools and processes
-Produce detailed engineering specifications
Evaluate and recommend secure configurations
- Identify security requirements, based upon need or translate high-level security requirements into detailed technical requirements
- Support various technical and non-technical stakeholders to specify and negotiate security requirements
- Interact with network and system engineering teams to effectively communicate and develop security solutions
- Drafts documentation and standard operational procedures to support security systems operations
- Ensures the technical design and contributes to implementation of new components and/or enhancements in coordination with other team members in particular project managers, security architects and engineers
- Ensure DRP through appropriate back-ups methods to ensure RTO are met
- Ensure service continuity for the managed components to defined SLAs
- Ensure capacity planning
- Support security monitoring use-case engineering
- Security events collection technical design. Integration of log sources into a SIEM solution.
- Elaboration and translation of the security monitoring policy into monitoring rules
- Investigate, diagnose and solve system related problems
- Schedule installation work, liaising with all concerned to ensure that installation priorities are met and disruption to the organization is minimized
- Diagnose and solve problems and faults occurring in the operation of cyber security components
- Comply with organization procedures to ensure integrity of the system
- Recommend resolutions and improvements
- Provide integrated solutions
- Provide consolidate findings on components or processes
- Document cyber defence components configurations
- Ensure that systems meet agreed service levels
- Ensure that communication performance, recovery, and security needs meet agreed service agreement standards
- Contribute to define network design policies, philosophies and criteria
- Craft, fine-tune and validate low level intrusion detection rules for network and host protection
- Development, test and roll-out new releases of Identity and Access Management solutions
Requirements mandatory:
Spezific Practice:
Network Security Engineering
System Security Engineering
Network Security Administration
System Security Administration
Security Testing (functional and non-functional)
Cryptography
Certifications At least 1 certification among:
GSEC (GIAC Certified Security Essentials)
GCWN (GIAC Certified Windows Security Administrator)
GCED (GIAC Certified Enterprise Defender)
GCUX (GIAC Certified UNIX Security Administrator)
ENSA (EC-Council Certified Network Administrator)
Microsoft Certified System Center Configuration Manager
MCSA (Microsoft Certified Solutions Associate)
or an equivalent certification recognized internationally
Standards:
ISO2700X Series
ITIL
Specific Skills:
ITIL implementation
Ability to design, develop, install, configure, test, monitor, maintain, troubleshoot and
upgrade products
Network Protocols (including IP, TCP, UDP, DNS, SMTP, Syslog-ng, HTTP, IP routing and
fail-over protocols, IEEE 802.1x)
Cryptographic solutions (including common standards and ciphers, symmetric and
asymmetric encryption, PKI, HSM, smartcards)
Security protocols (including SSL/TLS, IPsec, VPN)
Ability to write comprehensive documentation
Hardening/Securing of Windows Servers and Desktops
Hardening/Securing of Unix-like systems (such as System V, Linux, BSD)
Products / Tools:
VMWare VSPHERE and ESXi technologies
Windows Operating systems
Linux Servers (Redhat, DEBIAN)
NetAPP Storage NAS/SAN
Firewalls
System monitoring solutions (Nagios, Centron)
Technical criterias:
Environment complexity
Languages WEB (JSF, JVM, XML, SAML & hellip;)
Oracle DBMS, MS SQL Server, MySQL
SAP HCM
Unix, Solaris, Windows OS
PKI - CA - SW
PKI - RFC 5280
PKI - RFC - 6484
HSM usage
Network
Cloud Computing and „ X“ as a service technology
ID and Access Management
Requirements desired:
Methodologies:
SABSA (Sherwood Applied Business Security Architecture)
Standards:
STIX (Structured Threat Information Expression) with a particular focus on the following
related standards:
CybOX (Cyber Observables)
CAPEC (Attack Patterns)
MAEC (Malware)
TAXII (Threat Information Exchange)
Specific Skills:
Authentication, authorisation and accounting (including RADIUS, TACACS+, Kerberos)
Enterprise Active Directory and GPO development
Auditing systems and networks for configuration weaknesses and vulnerabilities
Administration and task automation using scripting and/or programming languages (e.g.
Python, PowerShell, Perl, Java)
Products / Tools:
Oracle Databases (including RAC)
Cisco IOS
Central password management/vault systems, PKI, HSM
ANSIBLE Tower
Please send us your application (incl. specifications on the availability and conditions) via email (max. 5 MB). Contact: Katharina Nink ( or ).