Deadline Date: Monday 24 April 2023
Requirement: Cyber Security Tools Engineer OVA/OCF
Location: Mons, BE
Full time on-site: Yes
Time On-Site: 100%
NATO Grade: A/106
Total Scope of the request (hours): 988
Required Start Date: 5 June 2023
End Contract Date: 31 December 2023
Required Security Clearance: NATO SECRET
NOTE: This is a relaunch of SC2023-002741.
Previously proposed candidates were non-compliant for the following reasons: - Candidate was interviewed but he showed that he/she does not have adequate information related to systems and tools administration, network infrastructure administration and troubleshooting, and troubleshooting in Linux environment for the position requirements - Candidates have not enough hands-on experience in systems and tools administration and troubleshooting - Candidate has not enough hands-on experience in systems and tools administration, virtual infrastructure administration, network infrastructure administration and troubleshooting
Duties and Role:
Main responsibilities:
- Install, deploy, update, monitor, maintain, configure, troubleshoot and keep in operational conditions the Cyber tools (Vulnerability Assessment (VA), Forensics and Malware Analysis (MA) systems).
- Act as the Subject Matter Expert of Cyber tools
- Troubleshoot identified issues within the Cyber tools, liaise with other stakeholders and co-ordinate resolution of those issues
- Identify any upgrade requirements and implement new versions following relevant testing and internal change management process
- Proactively propose system and service improvements to provide effective and efficient service operations.
- Implement approved changes.
- Collaborate with other stakeholders supporting project related activities (new implementations, system upgrades/changes, etc.)
- Ensure the level of security (Confidentiality, Integrity, and Availability) of the Cyber tools meets or exceeds the minimum-security requirements defined by NATO security authorities.
- Produce metrics to be integrated into wider NCSC or NCI Agency products that are being delivered up to NATO executive management level.
- Maintain awareness of new technologies and developments, industry standards and best practices within the wider IA community and provide support for the selection of new cyber tools.
- Produce technical reports and support the production of executive level reports.
- Review security documentation and provide technical advice.
- When required work autonomously and proactively
Expected outcomes
Under the direction of the STMS Section Head, the incumbent shall deliver the following:
Daily:
- Report on system status, results of the health checks and details on any issues identified.
- In case of any issues, preparation of a resolution plan and any applicable mitigations. The initial plan has to be prepared within 1 working day.
- Manage the ticket queue related to the tools under incumbent's responsibility. The incumbent will respond to all Critical within the same day. High tickets require a response the next day the latest. All other tickets shall be updated at least once a week.
Weekly:
- A brief summarising current situation with ongoing tickets. It shall include any critical as well as system affecting high tickets.
- Any identified issues, which took place or are anticipated in the future have to be added to the brief.
Performance Standards
- Timely delivery of the reports and briefs.
- The section head and/or team lead will regularly assess quality of the deliverables.
- The reports shall contain key elements such as date and time of system checks, expected outcome, observed situation.
- In case of reported issues provide details on 5W: who (is affected), what (happened), when (day/time), where (which systems), why (any supporting details, potential hypothesis).
Requirements
Skill, Knowledge & Experience:
- The candidate must have a currently active NATO SECRET security clearance
- Essential to have a Bachelor's Degree in Computer Science combined with a minimum of 2 years' experience in Cyber Security related post as a Security Engineer or similar position, or a Secondary education and completed advanced vocational education (leading to a professional qualification or professional accreditation) with 5 years post related experience.
Mandatory
- Extensive practical experience in management of Cyber Security related tools
- Very good practical hands-on experience in systems and tools administration and troubleshooting (Windows/Linux).
- Good practical hands-on experience in network infrastructure administration and troubleshooting.
- Good practical hands-on experience in virtual infrastructure administration and troubleshooting.
- Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours
- Understanding of vulnerability assessment processes and concepts.
- Understanding of forensic processes and concepts.
- Understanding of malware analysis processes, tools and techniques
- Practical experience in system design, documentation and implementation.
- In depth knowledge of the principles of computer and communication security, networking, and the vulnerabilities of modern operating systems and applications.
- Working knowledge of scripting languages and automation technologies (Python, shell, PowerShell, Ansible)
- Comprehensive knowledge of the principles of computer and communication security, networking, and the vulnerabilities of modern operating systems and applications.
- Good communication abilities, both written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams
- Ability to investigate and analyse complex scenarios and solve problems in innovative ways
- Demonstrable ability to work autonomously and proactively
Desirable
- Demonstrable expert knowledge of Tenable Security Center / Tenable Nessus products
- Extensive practical experience with forensics products (AccessData, Fidelis and Encase)
- Extensive practical experience with malware analysis products (Cuckoo, Opswat Metascan)
- Experience with system instrumentation solutions such as Ansible, Chef, ...
- Industry leading certification in the area of Cybersecurity such as CISSP, CISM, MCSE/S, CISA, GSNA, SANS GIAC.
- Tenable Certified Security Engineer
- Prior experience of working in an international environment comprising both military and civilian elements.