SC2022-002421 Cyber Security Tools Engineer (NS) - TUE 25 Oct

Deadline Date: Tuesday 25 October 2022

Requirement: Cyber Security Tools Engineer

Location: Mons, BE

Full time on-site: Yes

NATO Grade: A/97

Total Scope of the request (hours): 300

Required Start Date: 21 November 2022

End Contract Date: 31 December 2022

Required Security Clearance: NATO SECRET

Duties & Role:

As Tool Engineer, the incumbent will be responsible for supporting Cyber Defence operations, maintaining and updating Vulnerability Assessment (VA), Forensics and Malware Analysis (MA) systems. He will be also responsible for co-ordination with various projects on implementation of additional deployments (new sites following existing design as well service modification/improvements including new design).

He will report to the Head, Security Tools Management Section and collaborating with the personnel from Cyber Hygiene and CS Operations Branches. He will also work with other stakeholders to ensure smooth O&M and project related activities.

The tasks include - but are not limited to – define, install and maintain cyber security related tools (VA, Forensic and MA) ensuring related services are provided to multiple stakeholders.

The Tool Engineer will be in charge of aforementioned systems, ensuring they meet security requirements and proactively identifying areas of improvement.

Main responsibilities:

• Install, deploy, update, monitor, maintain, configure, troubleshoot and keep in operational conditions the Cyber tools (Vulnerability Assessment (VA), Forensics and Malware Analysis (MA) systems).
• Act as the Subject Matter Expert of Cyber tools
• Troubleshoot identified issues within the Cyber tools, liaise with other stakeholders and co-ordinate resolution of those issues
• Identify any upgrade requirements and implement new versions following relevant testing and internal change management process
• Proactively propose system and service improvements to provide effective and efficient service operations.
• Implement approved changes.
• Collaborate with other stakeholders supporting project related activities (new implementations, system upgrades/changes, etc.)
• Ensure the level of security (Confidentiality, Integrity, and Availability) of the Cyber tools meets or exceeds the minimum security requirements defined by NATO security authorities.
• Produce metrics to be integrated into wider NCSC or NCI Agency products that are being delivered up to NATO executive management level.
• Maintain awareness of new technologies and developments, industry standards and best practices within the wider IA community and provide support for the selection of new cyber tools.
• Produce technical reports and support the production of executive level reports.
• Review security documentation and provide technical advice.
• When required work autonomously and proactively

Requirements

Skill, Knowledge & Experience:

• The candidate must have a currently active NATO SECRET security clearance
• Essential to have a Bachelor's Degree in Computer Science combined with a minimum of 2 years' experience in Cyber Security related post as a Security Engineer or similar position, or a Secondary education and completed advanced vocational education (leading to a professional qualification or professional accreditation) with 5 years post related experience.

Mandatory

• Extensive practical experience in management of Cyber Security related tools
• Very good practical hands-on experience in systems and tools administration and troubleshooting (Windows/Linux).
• Good practical hands-on experience in network infrastructure administration and troubleshooting.
• Good practical hands-on experience in virtual infrastructure administration and troubleshooting.
• Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours
• Understanding of vulnerability assessment processes and concepts.
• Understanding of forensic processes and concepts.
• Understanding of malware analysis processes, tools and techniques
• Practical experience in system design, documentation and implementation.
• In depth knowledge of the principles of computer and communication security, networking, and the vulnerabilities of modern operating systems and applications.
• Working knowledge of scripting languages and automation technologies (Python, shell, PowerShell, Ansible)
• Comprehensive knowledge of the principles of computer and communication security, networking, and the vulnerabilities of modern operating systems and applications.
• Good communication abilities, both written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams
• Ability to investigate and analyse complex scenarios and solve problems in innovative ways
• Demonstrable ability to work autonomously and proactively

Desirable

• Demonstrable expert knowledge of Tenable Security Center / Tenable Nessus products
• Extensive practical experience with forensics products (AccessData, Fidelis and Encase)
• Extensive practical experience with malware analysis products (Cuckoo, Opswat Metascan)
• Experience with system instrumentation solutions such as Ansible, Chef, …
• Industry leading certification in the area of Cybersecurity such as CISSP, CISM, MCSE/S, CISA, GSNA, SANS GIAC.
• Tenable Certified Security Engineer
• Prior experience of working in an international environment comprising both military and civilian elements.