SC2024-003563 Firewall Coordinator (NS) - TUE 21 May
Mons, Wallonia, Belgium
Full Time Contract Clearance required USD 50K - 93K *
EMW, Inc.
Deadline Date: Tuesday 21 May 2024
Requirement: Firewall Coordinator
Location: Mons, BE
Full Time On-Site: Yes
Time On-Site: 100%
Total Scope of the request (hours): 1170
Required Start Date: 24 June 2024
End Contract Date: 31 December 2024
Required Security Clearance: NATO SECRET
Duties and Role:
The main duties will be to:
- Develop and update as required a documented Firewall Change Management Process
- Responsible to oversee the entire FW process execution within VeVA MN, under the lead of the VeVA Service management Working Group (SMWG).
- Ensure to establish coordination channels with other relevant stakeholders in the FW Change Request (FWCR) Process (VeVA Configuration Manager, NCIA Configuration Manager, NCIA BPS team, SMA Design Authority, etc.)
- Ensure to acknowledge and fully understand the VeVA Architecture Definition (Service Level 2 Diagrams) for every technical domain (COMMS, CORE, COI)
- Ensure to update the Architecture Definition Service Level 2 Diagram in case of errors depicted in the management tool deviating from the agreed Architecture Service Diagrams (input for updates are coming from MPNs and VeVA CM).
- Proactively escalate to relevant process owners (VeVA CM, NCIA CM, MNPs CM, etc) on errors found in the FW rules.
- Creation of the Consolidated FWCR List in the management toolset, including the creation and submission of all manual FWCR that have not been automatically identified by the management tool and based on the Architecture Service Diagrams.
- Add all manually created FWs, including the non-federation facing, to the management tool to ensure all rules are contained in a single database.
- Ensure that the manual process is recorded in a process document and automated where possible.
- Endorse that a list of 'always open' ports are confirmed by BPS.
- Verification by exception of the Firewall Rules compliancy.
- Act a single point of contact for the Deployable CIS Support Group (DSG) Deployed Network Operations Center (DNOC) / CIS MN OPCEN L2 Technician for FW rules troubleshooting (for every technical domain, COMMS, CORE IS, DCOI Services).
- Interact with NCIA BPS to trigger/monitor FW Rules Implementation and collect and react upon their feedback about any FWCR issue.
- Monitor and coordinate as required the FWR for NATION to NATO, and FWR NATION to NATION are created, stored and managed by the NATIONS in the management toolset.
- Pro-actively verify the accuracy of the automatically produced FWCR List, and authorize Implementation or Rejection the Firewall Rules that are submitted by MNPs/DSG DNOC as result of missing FWCR in the management tool.
- Coordinate and ensure the correction of Firewall rules judged to be incorrect.
- During an exercise or operation, daily report to the DSG DNOC/ CIS MN OPCEN Head about the execution of the overall VeVA FWCR List.
- Act as the VeVA CM as required to aim, among other functions, to maintain the overall VeVA MN Configuration in the designated CM Toolset, ensuring that all MNPs have provided federated Configuration Data as per agreed implemented Service Functions, of the expected quality and in due time.
- Assess the request for change of already implemented firewall rules, understand the reason for the change and coordinate it with the configuration managers of the evolved mission participants and BPS team.
- Ensure that every approved change to the VeVA MN architecture is properly reflected in the VeVA MN configuration (in the management tool). This involves identification, classification and specification of all configuration items (CIs) and the interfaces to other processes and data.
- Participate in the Exercise Planning Conferences to ensure that the configuration managers' role and required actions are fully understood, and they are fully aware of what is expected of them with regards to the input of configuration data in the management toolset for the FW rules creation.
Specific Working Conditions: Secure environment with standard working hours, with the exception of working non-standard working hours up to complete the contracted hours.
In addition it may exceptionally be required to work non-standard hours, for a limited period of time, due to urgent operational needs
Requirements
Skill, Knowledge & Experience:
- The candidate must have a currently active NATO SECRET security clearance
- A university degree from a nationally recognised/certified University in a technical subject with substantial Information Technology (IT) content and 2 years of specific experience.
- Exceptionally, the lack of a university degree may be compensated by the demonstration of a candidate's particular abilities or experience that is/are of interest to NCI Agency; that is, at least 6 years extensive and progressive expertise in the duties related to the function of the post.
- Proven experience on Configuration Management and Firewall rules management
- Basic familiarity with networking concepts including routing, switching, and IP addressing.
- Strong technical understanding and experience working with various IT Service Management related tools and technology, including but not limited to BMC Remedy ITSM Suite.
- Understanding of infrastructure solutions hosting Service Management tools and technology, including understanding of market leading database solutions (including but not limited to MS SQL and Oracle)
- Sound knowledge of Service Design, Service Transition and Service Operation processes and principles according to ITILv3/v4;
- Experience with ITIL change and configuration management best practices;
- Strong technical understanding and knowledge of all aspects of modern CIS infrastructure, including cloud-based solutions used by large and globally disperse organisations
- Strong understanding and experience working with complex systems and architecture frameworks
- Extensive knowledge of concepts of central management with distribution execution;
- Sound Knowledge of NATO's missions and exercises, as well as peacetime architecture and operations
- Experience leading and facilitating meetings and committees with various stakeholders;
- Working as part of a technical team;
- Experience in the following Microsoft tools: MS Excel, MS Power Point, MS Outlook, MS Word;
- Provide Project Management support as required;
- Strong awareness of business priorities and objectives and how to manage and prioritise the technical activities to support the business
- Ability to work independently and manage multiple tasks simultaneously.
- Strong analytical and creative problem-solving skills to resolve complex issues,
- Demonstrated ability to derive meaningful metrics and guidance from system data and trends,
- Ability to work in a fast-paced, dynamic environment with the ability to manage multiple priorities and projects simultaneously,
- Exceptional communication, interpersonal, and leadership skills, with the ability to collaborate effectively with technical and non-technical stakeholders,
- Strong policy, process, and procedure skills
- Ability to clearly articulate ideas to senior leadership orally and in writing.
Desirable
- Knowledge of IT Service Management through completion of formal certification in ITILv3 or v4 at the Foundation level or higher.
- Working experience in International or Multinational Organizations as well as in military environments will be considered as an asset.
- In-depth knowledge of NATO responsibilities, structure and organization, including ACO and ACT;
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Clearance Cloud Firewalls ITIL MSSQL NATO Oracle Security Clearance SQL
Perks/benefits: Conferences Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open IT Security Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Sr. Security Engineer jobs
- Open Security Consultant jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs