This job has expired

Security Tool Manager - NATO Belgium

Employer
NCIM Groep
Location
Mons, Belgium
Salary
Negotiable daily rate
Closing date
8 Dec 2020

Job Details

RFQ: 4925-0

Duties

  • As Full Packet Capture (FPC) / Network Intrusion Prevention System (NIPS) Tool Manager, the candidate will be responsible for supporting Cyber Defense operations, maintaining and updating the tool’s configurations to match the threat environment, specifically for Full Packet Capture and Network Intrusion Prevention System activities.
  • The Tool Manager reports to the Head, Gateway Security Services Section and will work with the Security Event Analysts (SEAs) and the Engineers of the CS Operations Branch to help tune the security tools for optimum CS Incident Detection while keeping the required performance target.
  • He will also work with the Staff of the Platform and Infrastructure Management Section to support the underlying platforms.
  • The main aim is to ensure that Full Packet Capture (capability to store locally a record of the network traffic at various critical points) and NIPS (capacity to identify potential cyber-attacks and intrusion on NATO networks) are installed, configured and fully available.

Main responsibilities include, but are not limited to the following:

  • Install, configure, administer and provide ongoing support of Cyber Defense associated specialist tools (see below): Full Packet Capture (to include RSA Netwitness platform); Network Intrusion Prevention System (to include Cisco Sourcefire and potentially Palo Alto Network Threat Prevention).
  • Support the investigation of Security Events to establish if these are expected tool behaviours, events or a security threat.
  • Provide technical support for performance testing of content and rules.
  • Ensure that all other specialist applications related to FPC and NIPS are installed, configured, and running properly and in line with dependencies with other systems or applications and NCSC needs. This includes, but is not limited to, ensuring proper setup and functioning of NIPS/FPC appliances or integration into monitoring systems.
  • Support the initiation, preparation, follow-up and defence of the specialist applications upgrades in front of the Change Management Board.
  • Support the development of implementation plans for new capabilities in the NIPS/FPC areas and take ownership to ensure rapid implementation of those new tools and optimizations.
  • Implement the approved changes. Proactively recommend optimizations to capabilities to provide effective and efficient service operations.
  • Review security documentation and provide technical advice, when requested.
  • Maintain awareness of new technologies and developments, industry standards and best practices within the NCSC community for FPC/NIPS tools, participating in knowledge sharing with other analysts and developing solutions efficiently.
  • Perform other essential duties as assigned, such as preparation of technical and/or executive level reports.

Requirements

  • Essential to have a Bachelor’s Degree in Computer Science combined with a minimum of 2 years’ experience as a Security Tool Analyst (STA), Security Tool Manager or similar position involving Technical ICT Engineering knowledge, or a Secondary education and completed advanced vocational education (leading to a professional qualification or professional accreditation) with 5 years’ post-related experience.

Mandatory

  • Experience with enterprise Full Packet Capture solutions (e.g. Niksun, RSA/NetWitness)
  • Previous experience in NIPS, including Detection and Prevention (signature-based detection and statistical anomaly-based detection) systems (preferably Cisco Sourcefire/NGIPS or Palo Alto Network Threat Prevention), preferably on enterprise level.
  • Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours.
  • Deep Knowledge of Sourcefire/Snort.
  • Practical hands-on experience in systems and tools administration.
  • Comprehensive knowledge of the principles of computer and communication security, LAN/WAN networking including protocol network architecture, and the vulnerabilities of modern operating systems and applications.
  • Troubleshooting of Linux and/or Windows infrastructures.
  • Excellent communication abilities, both written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams.

Company

Passion for technology

The NCIM Groep is an ICT service provider, specialized in seconding highly educated professionals to manage projects, consult, develop software and manage systems in technical environments.

The NCIM Groep is based in The Hague, in the Netherlands. We operate in a national and international environment for customers in the defense and public safety sector.

Passion for technology – that is what every NCIM employee has. We are all software developers or system engineers, or have started as such, and are proud of it. We work on technical and innovative assignments for renowned companies.

Our employees are constantly evolving. We offer them education programs and training courses that enable them to broaden their knowledge, and ensure they are assigned suitable and challenging jobs. They are also coached by experienced colleagues.

Company info
Telephone
00316 15399666
Location
Rhone 30
Den Haag
Zuid Holland
2491AP
NL
