C003561 On-line Vulnerability Assessment (OVA) Tool Manager (CTS) - WED 22 May

Deadline Date: Wednesday 22 May 2024

Requirement: On-line Vulnerability Assessment (OVA) Tool Manager

Location: Mons, BE

Full Time On-Site: Yes

Time On-Site: 100%

Total Scope of the request (hours): 836

Required Start Date: 1 July 2024

End Contract Date: 31 December 2024

Required Security Clearance: NATO COSMIC TOP SECRET

Duties and Role:

Under the direction of the Operational Tooling Management Cell (OTMC) / Vulnerability Assessment Section Head, the incumbent shall execute following tasks:

• Act as the engineer delivering Online Vulnerability Assessment (OVA) service for NATO CIS.
• Manage cyber tools used by OVA teams (further referred as cyber tools).
• Be responsible for ensuring the availability and performance requirements of the cyber tools to meet agreed customers Service Level Targets.
• Install, deploy, update, monitor, maintain, configure, troubleshoot and keep in operational conditions the cyber tools.
• Escalate to the vendor any issues that cannot be fixed by the OVA Tool Managers.
• Troubleshoot identified issues within the cyber tools; liaise with other stakeholders and co-ordinate resolution of those issues.
• Carry out all Service Management activities for the cyber tools, including assisting in Service Design workshops, Service Transition activities and ensuring full Service Operations activities (Service Requests, Change Requests, Problem Records, Incident Reports, Root Cause Analysis, etc.) are effectively executed.
• Follow ITIL software life cycle management (such as release, testing, distribution and maintenance) of the tools.
• Liaise with service delivery manager and end-users to ensure the tools sufficiently support the respective services.
• Proactively propose system and service improvements to provide effective and efficient service operations.
• Act as the subject matter expert of Cyber tools - provide advice and technical assistance to other stakeholders, maintain technical expertise, awareness of new technologies and developments and contribute to any projects related to the tools and associated cyber services.
• Follow, establish, and improve procedures that support management of the tools.
• Develop and maintain documentation guidelines, standard operating procedures, system and service design documents and other relevant documentation.
• Coordinate with other stakeholders in support of related services; communicate with other NATO entities as well as industry partners.
• Produce documentation, reports; organise and deliver presentations and briefings for various audience (technical and non-technical) up to NATO executive level.
• Stay current with emerging security threats and technologies.

Deliverables and Expected Outcomes:

Under the direction of the Operational Tooling Management Cell (OTMC) / Vulnerability Assessment Section Head, the incumbent shall deliver the following:

• Daily: verify that the OVA tools are up, running, updated and healthy; resolve issues; fulfil customer requests, coordinate and work with other stakeholders to improve/maintain tools,
• Weekly: do the maintenance (backup, improve system resources, tool upgrades, etc.), meet with the customer (to better understand their expectations, evaluate their satisfaction, improve service quality), meet with Vendor (get information regarding the new releases, features, updates, ongoing cases, etc.), attend CM meetings (CAB, Evaluation, etc.)
• Monthly: coordinate and work with other entities for patching (like OS, other than security tools, to decrease the impact of those activities on the service)

Performance Standards

Availability, reliability, performance, security level of the tools should be in good level.

Response and resolution time for the requests/incidents should be in the service levels.

Specific Working Conditions: Normal office conditions. Some hybrid working may be allowable within the context of the role and with agreement of the Line Manager and in line with other staff

Requirements

Skill, Knowledge & Experience:

• The candidate must have a currently active NATO COSMIC TOP SECRET security clearance
• Bachelor's degree in Computer Science, Information Technology, or related field Or equivalent experience
• 3+ years of experience in IT security, with a focus on System Administration, Security Tools Management in large organisations.
• Strong understanding of security best practices and experience with Tenable products especially with Tenable Security Center.
• IP switching and routing in a wired and wireless environment.
• Virtual Infrastructure management based on VMWare technologies.
• Systems administration, ideally both with Windows and Linux.
• Good engineering skills including programming and/or scripting knowledge (python, shell scripting, PowerShell).
• Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours.
• Comprehensive understanding of principles of Computer and Communication Security, networking, and vulnerabilities of modern operating systems and applications acquired through a blend of academic or professional training coupled with practical professional experience.
• Strong analytical and problem-solving skills.
• Excellent communication abilities, both written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams.
• Experience with threat intelligence, incident response and remediation a plus.
• Knowledge of python (pyTenable) and PowerShell. Experience working with Tenable.SC and Nessus Manager APIs is a plus.
• Knowledge of NATO organization and its IT infrastructure is a plus.
• Experience with Service Management, monitoring and reporting tools, ideally Solarwinds is a plus.
• ITIL Service Management certifications is a plus.
• Experience with system instrumentation solutions such as Ansible is a plus.
• Certifications such as CISSP, CISM, or CISA is a plus.
• Previous experience working for Cyber Security related organisations (CERTs, security offices) is a plus.
• Previous experience working in an international environment comprising both military and civilian elements is a plus.