SC2023-002741 Cyber Security Tools Engineer OVA/OCF (NS) - FRI 17 Mar

Deadline Date: Friday 17 March 2023

Requirement: Cyber Security Tools Engineer OVA/OCF

Location: Mons, BE

Full time on-site: Yes

Time On-Site: 100%

NATO Grade: A/106

Total Scope of the request (hours): 1200

Required Start Date: 17 April 2023

End Contract Date: 31 December 2023

Required Security Clearance: NATO SECRET

Duties and Role:

Main responsibilities:

• Install, deploy, update, monitor, maintain, configure, troubleshoot and keep in operational conditions the Cyber tools (Vulnerability Assessment (VA), Forensics and Malware Analysis (MA) systems).
• Act as the Subject Matter Expert of Cyber tools
• Troubleshoot identified issues within the Cyber tools, liaise with other stakeholders and co-ordinate resolution of those issues
• Identify any upgrade requirements and implement new versions following relevant testing and internal change management process
• Proactively propose system and service improvements to provide effective and efficient service operations.
• Implement approved changes.
• Collaborate with other stakeholders supporting project related activities (new implementations, system upgrades/changes, etc.)
• Ensure the level of security (Confidentiality, Integrity, and Availability) of the Cyber tools meets or exceeds the minimum security requirements defined by NATO security authorities.
• Produce metrics to be integrated into wider NCSC or NCI Agency products that are being delivered up to NATO executive management level.
• Maintain awareness of new technologies and developments, industry standards and best practices within the wider IA community and provide support for the selection of new cyber tools.
• Produce technical reports and support the production of executive level reports.
• Review security documentation and provide technical advice.
• When required work autonomously and proactively

Expected outcomes

Under the direction of the STMS Section Head, the incumbent shall deliver the following:

Daily:

• Report on system status, results of the health checks and details on any issues identified.
• In case of any issues, preparation of a resolution plan and any applicable mitigations. The initial plan has to be prepared within 1 working day.
• Manage the ticket queue related to the tools under incumbent's responsibility. The incumbent will respond to all Critical within the same day. High tickets require a response the next day the latest. All other tickets shall be updated at least once a week.

Weekly:

• A brief summarising current situation with ongoing tickets. It shall include any critical as well as system affecting high tickets.
• Any identified issues, which took place or are anticipated in the future have to be added to the brief.

Performance Standards

• Timely delivery of the reports and briefs.
• The section head and/or team lead will regularly assess quality of the deliverables.
• The reports shall contain key elements such as date and time of system checks, expected outcome, observed situation.
• In case of reported issues provide details on 5W: who (is affected), what (happened), when (day/time), where (which systems), why (any supporting details, potential hypothesis).

Requirements

Skill, Knowledge & Experience:

• The candidate must have a currently active NATO SECRET security clearance
• Essential to have a Bachelor's Degree in Computer Science combined with a minimum of 2 years' experience in Cyber Security related post as a Security Engineer or similar position, or a Secondary education and completed advanced vocational education (leading to a professional qualification or professional accreditation) with 5 years post related experience.

Mandatory

• Extensive practical experience in management of Cyber Security related tools
• Very good practical hands-on experience in systems and tools administration and troubleshooting (Windows/Linux).
• Good practical hands-on experience in network infrastructure administration and troubleshooting.
• Good practical hands-on experience in virtual infrastructure administration and troubleshooting.
• Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours
• Understanding of vulnerability assessment processes and concepts.
• Understanding of forensic processes and concepts.
• Understanding of malware analysis processes, tools and techniques
• Practical experience in system design, documentation and implementation.
• In depth knowledge of the principles of computer and communication security, networking, and the vulnerabilities of modern operating systems and applications.
• Working knowledge of scripting languages and automation technologies (Python, shell, PowerShell, Ansible)
• Comprehensive knowledge of the principles of computer and communication security, networking, and the vulnerabilities of modern operating systems and applications.
• Good communication abilities, both written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams
• Ability to investigate and analyse complex scenarios and solve problems in innovative ways
• Demonstrable ability to work autonomously and proactively

Desirable

• Demonstrable expert knowledge of Tenable Security Center / Tenable Nessus products
• Extensive practical experience with forensics products (AccessData, Fidelis and Encase)
• Extensive practical experience with malware analysis products (Cuckoo, Opswat Metascan)
• Experience with system instrumentation solutions such as Ansible, Chef, …
• Industry leading certification in the area of Cybersecurity such as CISSP, CISM, MCSE/S, CISA, GSNA, SANS GIAC.
• Tenable Certified Security Engineer
• Prior experience of working in an international environment comprising both military and civilian elements.