First Line Security Event Analyst (FLSEA) 6

Mons, Belgium Deadline: 29-06-2026 Posted: 12-06-2026 #16992

Duties

  • As a First Line Security Event Analyst (FLSEA), the incumbent will perform initial analysis of logs and network traffic, determine alert severity and escalate when required.
  • The analyst will collate information and present findings in a clear, structured format, providing remediation recommendations and first line response where applicable.
  • Conduct research and assessments of security events within NATO Cyber Security Centre (NCSC)team.
  • Provide analysis of firewall, IDS, anti-virus and other network sensor produced events and present findings.
  • Appropriately leverage the comprehensive extended toolset (e.g. Log Collection, Intrusion Detection, Packet Capture, VA, Network Devices etc.) for enhancing investigations.
  • Support the end-to-end Incident Handling process.
  • Propose optimisations and enhancements which help to both maintain and improve NATO's Cyber Security posture.

Requirement

  • A university degree in a technical subject with a focus on Information Technology (IT), obtained from a nationally recognised/certified institution in addition to a minimum of 1 year experience in the field of cyber security analysis.
  • The lack of a degree may be compensated by at least 3 years of relevant experience in field of cyber security analysis.
  • Similarly, candidate's lacking experience can compensate by demonstrating a high level of knowledge in the field of cybersecurity.
  • Comprehensive knowledge of the principles of computer and communications security including knowledge of TCP/IP networking, Windows and Linux operating systems.
  • Broad understanding of common network security threats and mitigation techniques.
  • Security Information and Event Management products (SIEM) – e.g. ArcSight, Splunk.
  • Analysis of Network Based Intrusion Detection Systems (NIDS) events– e.g. SourceFire, Palo Alto Network Threat Prevention.
  • Log analysis from a variety of sources (e.g. Firewalls, Proxies, Routers, DNS and other security appliances).
  • Network traffic capture analysis using Wireshark.
  • Logical approach to analysis and ability to perform structured security investigations using large, complex data sets.
  • Good written and spoken communication skills.
  • Ability to work independently and as part of a team.

Preferences

  • Holding industry leading certification in the area of cyber security such as GCIA, GNFA, GCIH.
  • Computer Incident Response Centre (CIRT), Computer Emergency Response Team (CERT).
  • Proficiency in Intrusion/Incident Detection and Handling.
  • Full Packet Capture systems – e.g. Niksun, RSA/NetWitness.
  • Host Based Intrusion Detection Systems (HIDS).
  • Computer security tools (Vulnerability Assessment, Anti-virus, Protocol Analysis, Anti-Virus, Protocol Analysis, Anti-Spyware, etc.).
  • Computer forensics tools (stand alone, online and network).
  • Military communication systems and networks.

Apply for this position

Back