Experience in performing accreditation processes, risk management and security architecture design. Participate, as required, in Security Accreditation/Approval meetings representing CSU Lisbon interests.
· Provide information risk assessment and risk management consulting to technology teams during the planning, procurement, implementation and operating phases of projects.
· Ensure that the security configurations of NCI Agency CSU Lisbon supported systems are properly implemented, monitored, and reported.
· Work with businesses and technology teams to identify and coordinate the deployment of appropriate compensating controls to address security and risk gaps (residual risk management).
· Assist the technology teams in the implementation of required security controls.
· Maintain security baseline settings and information for hardware and software items.
· Ensure compliance with applicable NATO security regulations and the conditions of security approvals and/or accreditations.
· Remain current on emerging technology trends and associated information security issues surrounding them.
· Experience working within a classified network environment;
· Practical experience in identifying appropriate computer security tools usable in classified environments, and implementing them to support system operations;
· Expertise in establishing and operating an effective intrusion detection system;
· A good knowledge of NATO INFOSEC Policy, Directive and Guidance or the readiness to acquire this as soon as practicable after appointment;
Duties & Role:
1. Lead in the development/adoption and enforcement of Information Security policies, procedures and standards. Conduct and complete an annual review of required NATO regulations and reports.
2. Maintain the NATO Security Policies. These are formal policies that detail and document actual mechanisms and controls and include at least the following in our AoR:
* Administrative: Risk analysis and management, documentation management and controls, information access controls and sanctions for failure to comply.
* Personnel Security: Monitor personnel access to the sensitive information for which they have appropriate authority and clearance.
* Physical Safeguards: Assign security responsibilities, control access to media and the controls in place against unauthorized access to workstations and related equipment.
* Technical Security: Set the access and authorization controls for everyday operations as well as emergency procedures for data.
* Transmission security: Set the standards for access controls, audit trails, event reporting, encryption and integrity controls.
3. Maintain the NATO Security Procedures that include:
* Evaluation and compliance with security measures.
* Disaster Recovery and Emergency operating procedures.
* Security Incident Response and process protocols including Incident Reporting and Sanctions.
* Testing of security procedures, mechanisms and measures.
4. Maintain appropriate security measures and mechanisms to guard against unauthorized access to electronically stored and/or transmitted classified data and protect against reasonably anticipated threats and hazards.
5. Oversee and/or assist in performing ongoing security monitoring of customers' organization information systems, including:
* Assess information security risk periodically.
* Conduct functionality and gap analyses for customers to determine the extent to which key business areas and infrastructure comply with NATO statutory and regulatory requirements.
* Evaluate and recommend new information security technologies and countermeasures against threats to information or privacy.
6. Ensure compliance through adequate training/awareness programs and periodic security audits. These audits are both internal and external in nature.
7. Manage and monitor endpoint/system security solutions, including monitoring of systems and laptops for:
* Patch management (SCCM).
* Anti-virus management (DLP/EPO & McAfee).
* Software updates (SCCM).
* Usage of unlicensed and pirated software.
* Incidents of policy violations as per the information security policy.
* Monitoring of network needs for usage and misuse cases, as well as alerts when any mischief is detected in the network; action and investigation will follow.
* Incident reporting to NCIRC for investigation (after the local investigation process has been carried out).
8. Operate regular inspections of systems and network processes for security updates as System/Network Security Officer.
9. Support the elaboration of accreditation processes for several CIS systems under the CSU area of responsibility.
10. Conduct audit process for initiating security and safety measures and strategies.
11. Customize access to information per rules and necessity (user access services at Active Directory in NU, NS and MS networks).
12. Manage COMSEC Team (Crypto Custodian, Crypto related equipment and Security Inspections at COMSEC area).
13. Monitor the CIS Security Service, which covers and is limited to the Service Instances below, provided to customers at the following levels, in coordination with the COMSEC team:
* TCE Configuration and monitoring.
* TCE patch updates/maintenance.
* NATO transmission security.
* Tempest installation survey.