AAS-C001111- Cyber Security Event Analyst (CTS), Mons-WED 20th Oct (Relaunc

Job content

AAS-C001111- Cyber Security Event Analyst (CTS), Mons-WED 20th Oct (Relaunch)

DEADLINE: WEDNESDAY 20th OCTOBER 2021
Equivalent NATO Grade: A2/59
Work Location: Mons, BE
Full time on-site: Yes
Required Start Date: 22-NOV-2021

Total Scope of the request (hours): 300

Required Security Clearance: NATO Cosmic Top Secret

Requirement Title: Cyber Security Event Analyst

• Manages, coordinates and leads On-Line Vulnerability Assessment Cell;
• Provides general technical direction on COMPUSEC On-Line Vulnerability Assessment services and On-Line programmes;
• Perform centralised On-Line COMPUSEC Vulnerability Assessments of remote networks and interfaces on classified and unclassified networks, systems and websites;
• Perform functions to ensure Cyber Security Hygiene Indicators (CSHI) programme is implemented effectively and efficiently;
• Perform COMPUSEC Penetration Testing (Type 4 Security Audits) on classified and unclassified networks, systems and websites;
• Support NCI Agency CIS Support Units and other NATO Command Structure entities and customers in the process of vulnerability remediation;
• Maintain awareness of new technologies and developments, industry standards and Best Practices and Threat Intelligence within wider IA community;
• Monitor developments in area of expertise with a view to optimising OVA practice to meet current best practice;
• Liaise with NCSC FOC Service Manager and NCSC FOC O&M contractor to ensure that NCSC FOC On-Line Vulnerability Assessment Capability (OVAC) is operational;
• Develop wide ranging Security Audit, Compliance Check & Penetration Testing documentation, which will include:

On-Line Security Audit, Compliance Check & Penetration Testing reports; Security Audit, Compliance Check & Penetration Testing trend analysis reports; Security Audit, Compliance Check & Penetration Testing tool operating/configuration instructions; General Security Audit, Compliance Check & Penetration Testing procedure documentation;- Provide technical assistance as required to System Accreditation Authorities (SAA);

• Provide required support for selection of security tools;
• Provide training and advice to NATO wide COMPUSEC/CIS Security staff in areas of Security Audit, Compliance Check & Penetration Testing Training;
• Provide cyber defence support to NATO Exercises, which include:

Pre-deployment configuration check;

Duties & Role:
Exercise planning and direction; Deployed system security audits and compliance checks; Support to the remediation activities;- Provide COMPUSEC-related input to NATO Policy and Agency Directives in Cyber Security area;

• Support production of Standard Operating Procedures covering all aspects of vulnerability data collection, vulnerability data analysis and reporting processes to ensure consistency with NATO Policy and Agency Directives;
• Participate in NCI Agency and NATO Project Working Groups (WGs) as Subject Matter Expert (SME) in Vulnerability Assessment procedures, Website Security and Cyber Security Hygiene and supporting NCI Agency Cyber Security initiatives in these domains;
• Provide analysis and interpretation of vulnerability assessment results and recommendation of mitigation strategies;
• Produce technical and executive level reports;
• Review security documentation and provide advice;

Requirements:

• Required Security Clearance: NATO Cosmic Top Secret
• Previous experience of working in NATO
• Excellent communication skills with respect to briefing/presenting, report writing & mediation and relevant experience.
• Excellent proven leadership, managerial, organizational and coordination skills and relevant experience of a team of technical experts on Enterprise Vulnerability Assessment/Management solutions.
• Extensive experience in COMPUSEC Vulnerability Assessment area, particularly in interpretation of results of CIS Technical Security Vulnerability Assessments
• Experience with Cyber Hygiene and top 20 Critical Security Controls for effective cyber defence
• Experience in implementation and integration of CIS Security protective measures
• Knowledge of risk-based Security Assessment of systems and networks
• Comprehensive understanding of principles of computer and communications security, networking, and vulnerabilities of modern operating systems and applications acquired through blend of academic or professional training coupled with practical professional experience
• Practical hands-on experience in system and network administration
• Experience of management of CIS service delivery
• Proven ability to communicate effectively orally and in writing with good briefing skills.
• Desirable Experience and Education:
• - Degree in IT or CIS security related discipline
• - Industry leading certification in area of Cyber Security such as CISSP, CISM, MCSE/S, CISA, GSNA, SANS GIAC certifications in 500 or 600 series.

Benefits:
Required Security Clearance: NATO Cosmic Top Secret

Job Type: Full-time

Work Location: Multiple Locations