Cyber Security Tools Engineer OVA/OCF

Role

Cyber Security Tools Engineer OVA/OCF

Reference

10569

Profile

RFQ SC2023/002804

Main responsibilities:

- Install, deploy, update, monitor, maintain, configure, troubleshoot and keep in operational conditions the Cyber tools (Vulnerability Assessment (VA), Forensics and Malware Analysis (MA) systems).
- Act as the Subject Matter Expert of Cyber tools
- Troubleshoot identified issues within the Cyber tools, liaise with other stakeholders and co-ordinate resolution of those issues
- Identify any upgrade requirements and implement new versions following relevant testing and internal change management process
- Proactively propose system and service improvements to provide effective and efficient service operations.
- Implement approved changes.
- Collaborate with other stakeholders supporting project related activities (new implementations, system upgrades/changes, etc.)
- Ensure the level of security (Confidentiality, Integrity, and Availability) of the Cyber tools meets or exceeds the minimum- security requirements defined by NATO security authorities.

- Produce metrics to be integrated into wider NCSC or NCI Agency products that are being delivered up to NATO executive management level.
- Maintain awareness of new technologies and developments, industry standards and best practices within the wider IA community and provide support for the selection of new cyber tools.
- Produce technical reports and support the production of executive level reports.
- Review security documentation and provide technical advice.
- When required work autonomously and proactively

Expected outcomes
Under the direction of the STMS Section Head, the incumbent shall deliver the following:

Daily:
- Report on system status, results of the health checks and details on any issues identified.
- In case of any issues, preparation of a resolution plan and any applicable mitigations. The initial plan has to be prepared within 1 working day.
- Manage the ticket queue related to the tools under incumbent's responsibility. The incumbent will respond to all Critical within the same day. High tickets require a response the next day the latest.
All other tickets shall be updated at least once a week.

Weekly:
- A brief summarising current situation with ongoing tickets. It shall include any critical as well as system affecting high tickets.
- Any identified issues, which took place or are anticipated in the future have to be added to the brief.


Performance Standards
- Timely delivery of the reports and briefs.
- The section head and/or team lead will regularly assess quality of the deliverables.
- The reports shall contain key elements such as date and time of system checks, expected outcome, observed situation.
- In case of reported issues provide details on 5W: who (is affected), what (happened), when (day/time), where (which systems), why (any supporting details, potential hypothesis).

Requirements:

Essential to have a Bachelor's Degree in Computer Science combined with a minimum of 2 years' experience in Cyber Security related post as a Security Engineer or similar position, or a Secondary education and completed advanced vocational education (leading to a professional qualification or professional accreditation) with 5 years post related experience.

Mandatory Requirements:
- Extensive practical experience in management of Cyber Security related tools
- Very good practical hands-on experience in systems and tools administration and troubleshooting (Windows/Linux).
- Good practical hands-on experience in network infrastructure administration and troubleshooting.
- Good practical hands-on experience in virtual infrastructure administration and troubleshooting.
- Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours
- Understanding of vulnerability assessment processes and concepts.
- Understanding of forensic processes and concepts.
- Understanding of malware analysis processes, tools and techniques
- Practical experience in system design, documentation and implementation.
- In depth knowledge of the principles of computer and communication security, networking, and the vulnerabilities of modern operating systems and applications.
- Working knowledge of scripting languages and automation technologies (Python, shell, PowerShell, Ansible)
- Comprehensive knowledge of the principles of computer and communication security, networking, and the vulnerabilities of modern operating systems and applications.
- Good communication abilities, both written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams
- Ability to investigate and analyse complex scenarios and solve problems in innovative ways
- Demonstrable ability to work autonomously and proactively

Desirable Requirements:
- Demonstrable expert knowledge of Tenable Security Center / Tenable Nessus products
- Extensive practical experience with forensics products (AccessData, Fidelis and Encase)
- Extensive practical experience with malware analysis products (Cuckoo, Opswat Metascan)
- Experience with system instrumentation solutions such as Ansible, Chef, ...
- Industry leading certification in the area of Cybersecurity such as CISSP, CISM, MCSE/S, CISA, GSNA, SANS GIAC.
- Tenable Certified Security Engineer
- Prior experience of working in an international environment comprising both military and civilian elements.

Location

Mons, BE

Start date

05/06/2023

Contract length

988 hours

Deadline closes

25/04/2023

Max hourly rate (€)

lowest price technically compliant

Remarks

NATO Secret

Security clearance

A security clearance is required