2657 Cyber Security and Guard Support

工作内容

• SCOPE OF WORK The main objective of the statement of work is to underline the Cyber Security needs of the NCSC and to look for support to Gateway Security Services, the Level 3 Cyber Security and Guard that should be manned by the service supplier on a daily basis to ensure service objectives are met continuously. The aim of this SOW is to support NCSC with technical expertise specifically related to the operation and maintenance of CYBER SECURITY AND GUARD Support with a deliverable based (completion-type) contract to be executed in 2025.
  
  

The Service Provider Will Be Required To Deliver a Daily Activities Schedule, Orchestrate NCIA Processes As Well As Represent NCSC Business Unit On An Enterprise Level Where Required. Tasks Performed By a Contractor Include:

• Build, implement, maintain, and support systems within existing cross-domain gateways (System Administration).
• Configure, maintain, review and update configuration settings and policies on guard components and data diodes (System Configuration)
  
  

Under the direction / guidance of the NCSC Point of Contact, a contractor will be the part of the NCSC Team supporting the following activities: 2. Central configuration of Guards and Data Diodes 3. Updating of Guard and Data Diode software/patches 4. Documentation of Guards and Data Diode systems 5. Support of Guards and Data Diodes Central configuration of Guards and Data Diodes

• Central system administration of Guards and Data Diodes to ensure continuing functionality and availability.
• Hardware and software systems installation and configuration
• User and access management
• Back up and restore systems data
• Monitor system performance and availability
• Log forwarding towards archiving and/or forensic systems
• Analyze, troubleshoot and resolve application issues
• Development of automation scripts to meet day to day system administration tasks
• Implementation and verification of guards and data diode configuration to meet customer cross-domain data exchange requirements
• Adaptation of release markings
• Adaptation of email attachment types
• Configuration of additional cross-domain flows
• Back up and restore configuration data
• Monitor patch releases
• Test new software and patches
• Support A2SL process for approval of software updates
• Installation and configuration of software and patch updates
• Development of SOPs and other documentation for repetitive activities
• Produce and maintain comprehensive documentation for all implemented systems
• Review and update security documentation
• Education/training/familiarization of other teams
• Technical support in troubleshooting infrastructure and operational issues
• Collaborate with other teams for a successful resolution;
• Provide technical support and guidance by answering end-user requests to identify issues in secure cross-domain data exchange
  
  

The purpose of daily Central administration and configuration of Guards and Data Diodes is to ensure continuing functionality and availability of those critical systems in order to support a wide range of end-user facing services.

The Service Provider Will:

• Support the team by routinely reviewing the tickets queue to ensure 4 hours response time for normal events and 1 hour response time for high/critical events
• Provide multi-channel support (phone, email, internal chat)
• Develop and maintain a repository of scrips to automate recurring systems administration activities.
• Ensure correct logging and log forwarding configurations to support availability of system events in central log database.
• Provide pro-active system administration and maintenance to prevent system failures
• Update the configuration of cross-domain security guards or data-diodes based on changing requirements.
• Ensure a working backup/restoration procedure of configuration settings has been tested, implemented and documented.
• Escalate critical events to appropriate channels within 4 hours
  
  

GSS contractor is expected to be an experienced Linux administrator and should have sufficient knowledge in Hardware, Systems, Networks, and Cyber Security Tools.

The primary purpose of Central configuration of Guards and Data Diodes is to ensure that all configuration requests are properly prepared (investigated, evaluated and risk assessed) for consideration, documented and implemented.

Updating of Guard and Data Diode software/patches

The Service Provider Will:

• Raise required documentation to initiate the software approval process
• Update production systems to the latest approved software version
  
  

The primary purpose of updating of Guard and Data Diode software/patches is to ensure that the systems operate with the latest approved and most secure software/application version. It includes the scheduling for deployment, cutover and testing of the updates.

Documentation of Guards and Data Diode systems

The Service Provider Will:

• Document setup, configuration, installation specifics into the GSS documentation repository
• Attend internal meetings within GSS team to provide hands-on demonstration and familiarization of cross-domain gateway systems
  
  

Support of Guards and Data Diodes

The Service Provider Will:

• Provide support to NATO staff users and collaborate with other admin staff to resolve tickets related to cross-domain data transfer
• Create entries on issues activities
  
  

The support activities are typically documented within the NCIA ITSM tool suite.

Service Level Agreements (SLAs)

The Following SLAs Will Apply:

Average speed of answer: 30 minutes-4hours

Service provider is expected to provide service every day during normal business hours 08:30-17:30. In addition to the above, it is desirable for the contracted individual to have working experience and knowledge in the following areas:

• COORDINATION AND REPORTING The contractor shall participate in daily status update meetings, activity planning and other meetings as instructed, via electronic means using Conference Call capabilities, according to the Operation Managers / Team Leaders instructions. Due to the AGILE approach of this project, there is a need to define a set of specific arrangements between the NCIA and the contractor that specifically defines the deliverables to be provided for each sprint as well as their associated acceptance criteria. This includes sprint planning, execution and review processes.
• SECURITY AND NON-DISCLOSURE AGREEMENT Any proposed resource providing services under this SOW must be in possession of a security clearance NATO SECRET or above to facilitate follow-on engagements and coordination at NATO venues. The signature of a Non-Disclosure Agreement between any Service Provider’s individuals contributing to this task and NCIA will be required prior to execution.
• PRACTICAL ARRANGEMENTS The contractor will be required to provide the service 100% on-site at NCIA Mons, Belgium. Exceptional off-site activities to support service delivery can also be arranged with the line manager’s coordination and approval. NCI Agency will provide access to relevant networks and resources as required by the project. There might be requirements to perform out-of-hours work to support planned maintenance activities or delivery of critical services as well as to provide on-call support outside regular business hours.
• TRAVEL There may be limited travel required (max.3 times/per year, each travel up to 3 working days), specifically to Brussels, Belgium, The Hague, Netherlands or Brunssum, Netherlands. No additional cost for travel (including accommodation, per diem, travel expenses, etc.,) will be claimed separately. All travel arrangements are the responsibility of the contractor.
• REQUIRED PROFILE The contractor that is going to perform the identified tasks as an operation and maintenance expert of CYBER SECURITY AND GUARD must have demonstrated skills, knowledge and experience as listed below. Activities performed by the contractor include facilitation of all lifecycle aspects of Boundary Protection Components deployed within and on the edge of NATO networks
• Bachelor’s degree in Computer Science, Information Technology, or related field Or equivalent experience.
• 5+ years of experience in IT security, with a focus on Security Tools Management in large organizations.
• Strong understanding of security best practices
• Good engineering skills including programming
• Demonstrable experience of analyzing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviors.
• Experience with system instrumentation solutions such as below:
• Linux System Administration (preferred RedHat Enterprise Linux)
• Scripting/Automation (Bash, Python, Ansible)
• Other Boundaries Protections Devices such as firewalls
• System security, including hardening and SELinux
• System monitoring and troubleshooting
• Experience with network protocols and traffic analysis
• Ability to troubleshoot complex network security issues
• LAN/WAN networking including protocol network architecture
• TCP/IP protocols and services
• Excellent communication abilities, both written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams
• Official Linux certification (such as RHCSA, GCUX,)
• Official Network Management certification (such as Network+)
• Official Service Management certification (such as ITIL Foundation )
• Understanding of Information Security Practices; relating to the Confidentiality, Integrity and Availability of information (CIA triad.)
• Possession of Industry leading certification in the area of Cybersecurity such as CISSP, CISM, CISA, GSNA, SANS GIAC
• Experience in working with NATO.
• Experience of working with NATO Communications and Information Agency.
• Experience of working with national Defence or Government entities.
• Strong stakeholder management skills - can demonstrate evidence of developing and maintaining strong and effective relationships with internal stakeholders at all levels in an organization.
• Flexible and adaptable; experience of working in ambiguous situations.
• Excellent mentoring skills.