C002803 Online Vulnerability Tool Manager (NS) - THU 20 Apr

Location: Mons, BE

Full time on-site: Yes

Time On-Site: 100%

NATO Grade: G15/88

Total Scope of the request (hours): 988

Required Start Date: 1 June 2023

End Contract Date: 31 December 2023

Required Security Clearance: NATO SECRET

Duties and Role:

• Act as the main engineer delivering Online Vulnerability Assessment (OVA) service.
• Manage cyber tools used for OVA, Online Computer Forensics (OCF) and Malware Analysis (MA) (further referred as cyber tools).
• Be responsible for ensuring the availability and performance requirements of the cyber tools to meet agreed customers Service Level Targets.
• Install, deploy, update, monitor, maintain, configure, troubleshoot and keep in operational conditions the cyber tools.
• Troubleshoot identified issues within the cyber tools, liaise with other stakeholders and co-ordinate resolution of those issues.
• Carry out all Service Management activities for the cyber tools, including assisting in Service Design workshops, Service Transition activities and ensuring full Service Operations activities (Service Requests, Change Requests, Problem Records, Incident Reports, Root Cause Analysis, etc.) are effectively executed.
• Follow ITIL software life cycle management (such as release, testing, distribution and maintenance) of the tools.
• Liaise with service delivery manager and end-users to ensure the tools sufficiently support the respective services.
• Proactively propose system and service improvements to provide effective and efficient service operations.
• Act as the subject matter expert of Cyber tools - provide advice and technical assistance to other stakeholders, maintain technical expertise, awareness of new technologies and developments and contribute to any projects related to the tools and associated cyber services.
• Follow, establish, and improve procedures that support management of the tools.
• Develop and maintain documentation guidelines, standard operating procedures, system and service design documents and other relevant documentation.
• Coordinate with other stakeholders in support of related services; communicate with other NATO entities as well as industry partners.
• Produce documentation, reports; organise and deliver presentations and briefings for various audience (technical and non-technical) up to NATO executive level.

Requirements

Skill, Knowledge & Experience:

• The candidate must have a currently active NATO SECRET security clearance
• At least 3 years of experience in managing and supporting tools in at least one of the following areas: Forensics; Vulnerability assessments; Malware Analysis.
• Additionally at least 1 year of experience in IP switching and routing in a wired and wireless environment
• At least 1 year of experience in Virtual Infrastructure management based on VMWare
• technologies
• At least 1 year of experience in Systems administration, ideally both with Windows and Linux.
• Good software engineering skills including programming and/or scripting knowledge (python, shell scripting, PowerShell).
• Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours.
• Comprehensive understanding of principles of Computer and Communication Security, networking, and vulnerabilities of modern operating systems and applications acquired through a blend of academic or professional training coupled with practical professional experience.
• Excellent communication abilities, both written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams.

Desirable Experience and Education:

• ITIL Service Management certifications.
• Experience with system instrumentation solutions such as Ansible.
• Experience with the technical management of Splunk as Enterprise SIEM.
• Experience with Access Data for forensics acquisition.
• Experience with Tenable Nessus.
• Experience with Service Management, monitoring and reporting tools, ideally Solarwinds.
• Practical experience with forensic investigations, threat hunting, incident, vulnerability and malware analysis.
• Industry leading certification in the area of Cyber Security such as CISSP, CISM, MCSE/S, CISA, GSNA, SANS GIAC and CFCE.
• Previous experience working for Cyber Security related organisations (CERTs, security offices).
• Previous experience working in an international environment comprising both military and civilian elements.