SC2024-003563 Firewall Coordinator (NS) - TUE 21 May

Deadline Date: Tuesday 21 May 2024

Requirement: Firewall Coordinator

Location: Mons, BE

Full Time On-Site: Yes

Time On-Site: 100%

Total Scope of the request (hours): 1170

Required Start Date: 24 June 2024

End Contract Date: 31 December 2024

Required Security Clearance: NATO SECRET

Duties and Role:

The main duties will be to:

• Develop and update as required a documented Firewall Change Management Process
• Responsible to oversee the entire FW process execution within VeVA MN, under the lead of the VeVA Service management Working Group (SMWG).
• Ensure to establish coordination channels with other relevant stakeholders in the FW Change Request (FWCR) Process (VeVA Configuration Manager, NCIA Configuration Manager, NCIA BPS team, SMA Design Authority, etc.)
• Ensure to acknowledge and fully understand the VeVA Architecture Definition (Service Level 2 Diagrams) for every technical domain (COMMS, CORE, COI)
• Ensure to update the Architecture Definition Service Level 2 Diagram in case of errors depicted in the management tool deviating from the agreed Architecture Service Diagrams (input for updates are coming from MPNs and VeVA CM).
• Proactively escalate to relevant process owners (VeVA CM, NCIA CM, MNPs CM, etc) on errors found in the FW rules.
• Creation of the Consolidated FWCR List in the management toolset, including the creation and submission of all manual FWCR that have not been automatically identified by the management tool and based on the Architecture Service Diagrams.
• Add all manually created FWs, including the non-federation facing, to the management tool to ensure all rules are contained in a single database.
• Ensure that the manual process is recorded in a process document and automated where possible.
• Endorse that a list of 'always open' ports are confirmed by BPS.
• Verification by exception of the Firewall Rules compliancy.
• Act a single point of contact for the Deployable CIS Support Group (DSG) Deployed Network Operations Center (DNOC) / CIS MN OPCEN L2 Technician for FW rules troubleshooting (for every technical domain, COMMS, CORE IS, DCOI Services).
• Interact with NCIA BPS to trigger/monitor FW Rules Implementation and collect and react upon their feedback about any FWCR issue.
• Monitor and coordinate as required the FWR for NATION to NATO, and FWR NATION to NATION are created, stored and managed by the NATIONS in the management toolset.
• Pro-actively verify the accuracy of the automatically produced FWCR List, and authorize Implementation or Rejection the Firewall Rules that are submitted by MNPs/DSG DNOC as result of missing FWCR in the management tool.
• Coordinate and ensure the correction of Firewall rules judged to be incorrect.
• During an exercise or operation, daily report to the DSG DNOC/ CIS MN OPCEN Head about the execution of the overall VeVA FWCR List.
• Act as the VeVA CM as required to aim, among other functions, to maintain the overall VeVA MN Configuration in the designated CM Toolset, ensuring that all MNPs have provided federated Configuration Data as per agreed implemented Service Functions, of the expected quality and in due time.
• Assess the request for change of already implemented firewall rules, understand the reason for the change and coordinate it with the configuration managers of the evolved mission participants and BPS team.
• Ensure that every approved change to the VeVA MN architecture is properly reflected in the VeVA MN configuration (in the management tool). This involves identification, classification and specification of all configuration items (CIs) and the interfaces to other processes and data.
• Participate in the Exercise Planning Conferences to ensure that the configuration managers' role and required actions are fully understood, and they are fully aware of what is expected of them with regards to the input of configuration data in the management toolset for the FW rules creation.

Specific Working Conditions: Secure environment with standard working hours, with the exception of working non-standard working hours up to complete the contracted hours.

In addition it may exceptionally be required to work non-standard hours, for a limited period of time, due to urgent operational needs

Requirements

Skill, Knowledge & Experience:

• The candidate must have a currently active NATO SECRET security clearance
• A university degree from a nationally recognised/certified University in a technical subject with substantial Information Technology (IT) content and 2 years of specific experience.
• Exceptionally, the lack of a university degree may be compensated by the demonstration of a candidate's particular abilities or experience that is/are of interest to NCI Agency; that is, at least 6 years extensive and progressive expertise in the duties related to the function of the post.
• Proven experience on Configuration Management and Firewall rules management
• Basic familiarity with networking concepts including routing, switching, and IP addressing.
• Strong technical understanding and experience working with various IT Service Management related tools and technology, including but not limited to BMC Remedy ITSM Suite.
• Understanding of infrastructure solutions hosting Service Management tools and technology, including understanding of market leading database solutions (including but not limited to MS SQL and Oracle)
• Sound knowledge of Service Design, Service Transition and Service Operation processes and principles according to ITILv3/v4;
• Experience with ITIL change and configuration management best practices;
• Strong technical understanding and knowledge of all aspects of modern CIS infrastructure, including cloud-based solutions used by large and globally disperse organisations
• Strong understanding and experience working with complex systems and architecture frameworks
• Extensive knowledge of concepts of central management with distribution execution;
• Sound Knowledge of NATO's missions and exercises, as well as peacetime architecture and operations
• Experience leading and facilitating meetings and committees with various stakeholders;
• Working as part of a technical team;
• Experience in the following Microsoft tools: MS Excel, MS Power Point, MS Outlook, MS Word;
• Provide Project Management support as required;
• Strong awareness of business priorities and objectives and how to manage and prioritise the technical activities to support the business
• Ability to work independently and manage multiple tasks simultaneously.
• Strong analytical and creative problem-solving skills to resolve complex issues,
• Demonstrated ability to derive meaningful metrics and guidance from system data and trends,
• Ability to work in a fast-paced, dynamic environment with the ability to manage multiple priorities and projects simultaneously,
• Exceptional communication, interpersonal, and leadership skills, with the ability to collaborate effectively with technical and non-technical stakeholders,
• Strong policy, process, and procedure skills
• Ability to clearly articulate ideas to senior leadership orally and in writing.

Desirable

• Knowledge of IT Service Management through completion of formal certification in ITILv3 or v4 at the Foundation level or higher.
• Working experience in International or Multinational Organizations as well as in military environments will be considered as an asset.
• In-depth knowledge of NATO responsibilities, structure and organization, including ACO and ACT;