C003561 On-line Vulnerability Assessment (OVA) Tool Manager (CTS) - WED 22 May
Mons, Wallonia, Belgium
Full Time Contract Mid-level / Intermediate Clearance required USD 40K - 74K *
EMW, Inc.
Deadline Date: Wednesday 22 May 2024
Requirement: On-line Vulnerability Assessment (OVA) Tool Manager
Location: Mons, BE
Full Time On-Site: Yes
Time On-Site: 100%
Total Scope of the request (hours): 836
Required Start Date: 1 July 2024
End Contract Date: 31 December 2024
Required Security Clearance: NATO COSMIC TOP SECRET
Duties and Role:
Under the direction of the Operational Tooling Management Cell (OTMC) / Vulnerability Assessment Section Head, the incumbent shall execute following tasks:
- Act as the engineer delivering Online Vulnerability Assessment (OVA) service for NATO CIS.
- Manage cyber tools used by OVA teams (further referred as cyber tools).
- Be responsible for ensuring the availability and performance requirements of the cyber tools to meet agreed customers Service Level Targets.
- Install, deploy, update, monitor, maintain, configure, troubleshoot and keep in operational conditions the cyber tools.
- Escalate to the vendor any issues that cannot be fixed by the OVA Tool Managers.
- Troubleshoot identified issues within the cyber tools; liaise with other stakeholders and co-ordinate resolution of those issues.
- Carry out all Service Management activities for the cyber tools, including assisting in Service Design workshops, Service Transition activities and ensuring full Service Operations activities (Service Requests, Change Requests, Problem Records, Incident Reports, Root Cause Analysis, etc.) are effectively executed.
- Follow ITIL software life cycle management (such as release, testing, distribution and maintenance) of the tools.
- Liaise with service delivery manager and end-users to ensure the tools sufficiently support the respective services.
- Proactively propose system and service improvements to provide effective and efficient service operations.
- Act as the subject matter expert of Cyber tools - provide advice and technical assistance to other stakeholders, maintain technical expertise, awareness of new technologies and developments and contribute to any projects related to the tools and associated cyber services.
- Follow, establish, and improve procedures that support management of the tools.
- Develop and maintain documentation guidelines, standard operating procedures, system and service design documents and other relevant documentation.
- Coordinate with other stakeholders in support of related services; communicate with other NATO entities as well as industry partners.
- Produce documentation, reports; organise and deliver presentations and briefings for various audience (technical and non-technical) up to NATO executive level.
- Stay current with emerging security threats and technologies.
Deliverables and Expected Outcomes:
Under the direction of the Operational Tooling Management Cell (OTMC) / Vulnerability Assessment Section Head, the incumbent shall deliver the following:
- Daily: verify that the OVA tools are up, running, updated and healthy; resolve issues; fulfil customer requests, coordinate and work with other stakeholders to improve/maintain tools,
- Weekly: do the maintenance (backup, improve system resources, tool upgrades, etc.), meet with the customer (to better understand their expectations, evaluate their satisfaction, improve service quality), meet with Vendor (get information regarding the new releases, features, updates, ongoing cases, etc.), attend CM meetings (CAB, Evaluation, etc.)
- Monthly: coordinate and work with other entities for patching (like OS, other than security tools, to decrease the impact of those activities on the service)
Performance Standards
Availability, reliability, performance, security level of the tools should be in good level.
Response and resolution time for the requests/incidents should be in the service levels.
Specific Working Conditions: Normal office conditions. Some hybrid working may be allowable within the context of the role and with agreement of the Line Manager and in line with other staff
Requirements
Skill, Knowledge & Experience:
- The candidate must have a currently active NATO COSMIC TOP SECRET security clearance
- Bachelor's degree in Computer Science, Information Technology, or related field Or equivalent experience
- 3+ years of experience in IT security, with a focus on System Administration, Security Tools Management in large organisations.
- Strong understanding of security best practices and experience with Tenable products especially with Tenable Security Center.
- IP switching and routing in a wired and wireless environment.
- Virtual Infrastructure management based on VMWare technologies.
- Systems administration, ideally both with Windows and Linux.
- Good engineering skills including programming and/or scripting knowledge (python, shell scripting, PowerShell).
- Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours.
- Comprehensive understanding of principles of Computer and Communication Security, networking, and vulnerabilities of modern operating systems and applications acquired through a blend of academic or professional training coupled with practical professional experience.
- Strong analytical and problem-solving skills.
- Excellent communication abilities, both written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams.
- Experience with threat intelligence, incident response and remediation a plus.
- Knowledge of python (pyTenable) and PowerShell. Experience working with Tenable.SC and Nessus Manager APIs is a plus.
- Knowledge of NATO organization and its IT infrastructure is a plus.
- Experience with Service Management, monitoring and reporting tools, ideally Solarwinds is a plus.
- ITIL Service Management certifications is a plus.
- Experience with system instrumentation solutions such as Ansible is a plus.
- Certifications such as CISSP, CISM, or CISA is a plus.
- Previous experience working for Cyber Security related organisations (CERTs, security offices) is a plus.
- Previous experience working in an international environment comprising both military and civilian elements is a plus.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Ansible APIs CISA CISM CISSP Clearance Computer Science Incident response ITIL IT infrastructure Linux Monitoring NATO Nessus PowerShell Python Scripting Security Clearance Threat intelligence Top Secret VMware Vulnerabilities Windows
Perks/benefits: Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Officer jobs
- Open Senior Product Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Specialist jobs
- Open Product Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Architect jobs
- Open Cybersecurity Analyst jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Editor jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Engineer jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs