2022-0122 Cloud SOC Analyst (NS) - FRI 6 Jan OFF-SITE
The Hague, South Holland, Netherlands - Remote
Deadline Date: Friday 6 January 2023
Requirement: Cloud SOC Analyst
Location: Off-Site
Full time on-site: No
NATO Grade: A/87,230 EUR (Each sprint 3,965 EUR)
Required Start Date: 30 January 2023
End Contract Date: 30 December 2023
Required Security Clearance: NATO SECRET
Duties & Role:
1 INTRODUCTION
The NATO Communications and Information Agency (NCI Agency) has moved towards short-cyclic capability development via NATO Software Factory (NSF) services. NSF is a development and testing DevSecOps Platform hosted in Microsoft Azure Cloud, designed to enable the use of standardized secure software engineering processes and common tooling shared by Alliance Federation, Industry, Academia and Nations. NCI Agency is looking for a Cloud SOC Analyst to act as a cybersecurity first responder and execute daily security operations duties for the NSF platform and its customers.
2 OBJECTIVES
The main objective of this statement of work relates to the security operations activities for the NATO Software Factory.
3 SCOPE OF WORK
Under the direction / guidance of the NCIA Point of Contact or delegated staff, the Cloud SOC Analyst will run daily security operations activities:
- Monitoring
- Detection and response
- Threat Hunting
- Event and incident response
- Continuity of Operations
The Cloud SOC Analyst will also contribute to and support enhancement work packages related to the NSF platform security posture and SOC Operations on the main pillars (organizational, people, processes and technology). The contractor will be part of the NSF team and will provide the service using an Agile and iterative approach during multiple sprints. Each sprint is planned for a duration of 1 week. The content and scope of each sprint will be agreed during the sprint-planning meeting.
4 DELIVERABLES AND PAYMENT MILESTONES
The following deliverables are expected from the service on this statement of work:
Deliverable 01: 22 sprints of security operations and security enhancements activities.
NTE Sprint Cost: 3,965 EUR
Number of Sprints: 22
NTE Total Cost: 87,230 EUR
Payment Milestones: Upon completion of each fourth sprint and at the end of the service.
The NCIA team reserves the possibility to exercise a number of options, based on the same scrum deliverable timeframe and cost, at a later time, depending on the project priorities and requirements.
5 COORDINATION AND REPORTING
The contractor shall participate in daily status update meetings, sprint planning, sprint retrospectives and other meetings, physically in the office, or in person via electronic means using Conference Call capabilities, according to Service Delivery Manager’s instructions.
For each sprint to be considered as complete and payable, the contractor must report the outcome of his/her service during the sprint, first verbally during the retrospective meeting and then in writing within three (3) days after the sprint’s end date. The format of this report shall be a short email to the NCIA Point of Contact briefly mentioning the service held and the development achievements during the sprint.
6 SCHEDULE
This task order will be active immediately after signing of the contract by both parties. It is expected that the initial service will start on 30th January 2023 and will end no later than 31 December 2023.
7 CONSTRAINTS
All the deliverables provided under this statement of work will be based on NCI Agency templates or agreed with the point of contact. All work, artefacts, scripts, documentation, etc. will be stored under configuration management and/or in the provided NCI Agency tools.
All the deliverables of this project will be considered NATO UNCLASSIFIED.
Part of the service may involve handling sensitive data; therefore, a security clearance at the right level is expected for the contractor(s) undertaking this service.
8 PRACTICAL ARRANGEMENTS
The contractor will be required to provide the service off site. Access to the NCI Agency NSF platform will be provided in coordination with the NCIA Point of Contact or delegated staff.
The contractor may be required occasionally to travel to NCI Agency sites within NATO for completing these tasks. Travel expenses will be reimbursed to the individual directly (outside this contract) under NATO rules.
This service must be accomplished by ONE contractor.
Requirements
9 QUALIFICATIONS
The consultancy support for this service requires a Cloud SOC Analyst with the following qualifications:
- The candidate must have a currently active NATO SECRET security clearance.
- The candidate has a strong record of accomplishments in cloud security operations.
- The candidate has a broad understanding of cybersecurity best practices, techniques and tools, attack vectors and cyber threats.
- The candidate has relevant key soft skills such as collaboration, problem solving, critical thinking, inquisitive mind and ability to work under pressure.
- The candidate has extensive understanding of information technologies including networks and protocols.
- The candidate has strong relevant skills and experience with cloud security operations at tactical level:
  - Security incidents analysis and triage,
  - Security incident response,
  - Security incident recovery,
  - Threat Hunting
- The candidate has experience with and deep knowledge of the use of various cloud SOC tools and services:
  - Microsoft Sentinel,
  - Microsoft Defender for Cloud,
  - Microsoft Defender(s) (M365, Endpoint, Identity, Cloud Apps),
  - Azure and M365 Logging and Monitoring,
  - Endpoint detection and response (EDR) solution,
  - Azure Information Protection,
  - Azure Active Directory Identity Protection,
  - Microsoft Purview Compliance Manager,
  - Kusto Query Language (KQL),
  - Other security tools
- The candidate has experience with Microsoft 365 and Azure services and tools:
  - Azure Active Directory,
  - Application gateways,
  - Azure policies,
  - Azure automation accounts,
  - Azure Network Security Groups,
  - Azure DDoS protection
- The candidate has experience with Windows and Linux operating systems.
- The candidate has strong customer relationship skills, including negotiating complex and sensitive situations under pressure.
- The candidate is able to speak and write fluent English since the service is conducted in English.
- The candidate must have the nationality of one of the NATO nations.
Tags: Active Directory Agile Automation Azure Clearance Cloud Compliance DDoS DevSecOps EDR Incident response Linux Monitoring NATO Network security Scrum Security Clearance SOC Windows