AAS-C001611 - Engineer (MISP)(NS), Mons - FRI 30th July

작업 내용

• The contracted individual must be able to perform effectively and efficiently with minimal supervision.
• The contractor will mostly be working around the ecosystem of the MISP Threat Sharing instances that are used within NATO and are managed by the NATO Cyber Security Centre (NCSC).
• The contractor may also be tasked with supporting O&M activities of other systems processing data and events such as Security Incident and Event Management (SIEM) or Cyber Defence Situational Awareness (CDSA).
• The duties of the individual mainly focus on
• Scripting and integrations
• Developing (python) and maintain scripts to further automate and integrate MISP with other subsystems within NATO such as the SIEM, IDS, …
• Develop (python) MISP modules to extend functionality.
• System administration
• Proactively manage and maintain the multiple servers running the MISP software ensuring the necessary confidentiality, integrity and availability of the tool and information.
• Regularly update the MISP software to the latest version.
• Configure and extend the system monitoring of those MISP installations.
• Maintain the ansible playbooks related to the MISP setup and configuration.
• Maintain and improve documentation related to the MISP installations within NATO
• Software Development
• Develop new features in the core of the MISP Threat Sharing software (PHP) o Correct bugs and feed them upstream to the open source project.
• Develop reporting capabilities on the data that is stored on those MISP instances.
• Community management
• Provide support to the use-community of the NATO managed MISP instances
• Organize and steer the NATO MISP User Group (MUG) at least twice a year

• Required Security Clearance NATO Secret
• The required skillset for the contracted individual is extensive knowledge and experience (more than 5 years) in the following areas
• Very goodtechnical understanding of the cyber threats to webbased products.
• Excellent python scripting.
• Demonstrated experience as sysadmin with LAMP servers -Linux, Apache, MySQL/MariaDB, PHP.
• Experience in MVC software development and code review of web applications mostly in PHP language and with SQL.
• Good understanding of cyber security principles, best practices, concepts and technology.
• Ability to work both independently and as part of the team to achieve the desired goals, including the ability to monitor and support a team.
• Excellent organizational and communication skills.
• Good level of spoken and written English.
• Desirable, considered as extra asset
• Prior experience in developing code (python, PHP) for MISP
• Prior experience as sysadmin of a MISP Threat Sharing platform
• Sysadmin experience with RedHat
• Experience with SIEM products such as Splunk or ArcSight is an asset.
• Experience with CakePHP
• Experience with forensics acquisition tools like Fidelis or AccessData FTK
• Previous experience working in Cert type organisation
• Previous experience with NATO