C003189 Adversary Emulation Engineer (NS) - TUE 20 Feb RELAUNCH

C003189 Adversary Emulation Engineer (NS) - TUE 20 Feb RELAUNCH
EMW, Inc., Belgium

Experience
1 Year
Salary
0 - 0
Job Type
Full Time Job
Job Shift
Morning Job
Job Category
Computer Hardware
Traveling
No
Career Level
Non-Managerial
Telecommute
No
Qualification
As mentioned in job details
Total Vacancies
1 Job
Posted on
Feb 7, 2024
Last Date
Mar 7, 2024
Location(s)
Mons, Belgium

Job Description

NOTE: Subject RFQ was relaunched for another round as the previously submitted candidates were found not compliant for the following reasons: 2 candidates: Lack of experience in penetration testing / adversary emulation; Already interviewed, interview showed a lack of understanding/experience in adversary emulation; Candidate interviewed, interview showed a lack of understanding/experience in adversary emulation

Deadline Date: Tuesday 20 February 2024

Requirement: Adversary Emulation Engineer

Location: Mons, BE

Full time on-site: Yes

Time On-Site: 100%

Total Scope of the request (hours): 1672

Required Start Date: 1 April 2024

End Contract Date: 31 December 2024

Required Security Clearance: NATO SECRET

Specific Working Conditions: Secure environment with standard working hours, with the exception of working non-standard working hours up to 72 hours annually.

Duties and Role:

  • Lead and/or be part of the Red/Purple Team during assessments;
  • Develop and execute complex adversary emulation scenarios;
  • Create custom scripts in python to simulate attack activities;
  • Utilize detections to improve the effectiveness of adversary emulation scenarios;
  • Create and use custom tools to automate and optimize the adversary emulation process;
  • Provide security design reviews to ensure compliance with company policies and directives;
  • Provide security consultancy and advice to projects, plans, and other entities;
  • Brief at both executive and technical levels on security reports and testing outcome;
  • Ensure proactive collaboration and coordination with internal and external stakeholders;
  • Ensure compliance with IT security, risk and compliance principles;
  • Responds to ad-hoc tasks given by the chain of command.

Deliverables:

The main deliverables as will be:

  • Provide an average of 139 hours/month working on-site, embedded in the NCSC Penetration Testing and Adversary Emulation Cell located in SHAPE, Casteau, Belgium.
  • High-quality reports on the results of adversary emulation assessments as directed by Lead Engineer NCSC.
  • Provide variety of deliverables associated to any duty (described in above).
  • The service provider is expected to provide accurate and complete deliverables in accordance with internal processes.
  • The service provider shall be responsible for complying with all applicable local employment laws, in addition to following all SHAPE amp; NCIA on boarding procedures. Delivery of the service cannot begin until these requirements are fulfilled.
  • Each provider of this service must pass an assessment to demonstrate proficiency before being approved to provide the service. The assessment will follow a brief familiarisation period.
  • The service provider shall not be required to work on NCIA holidays.

Requirements

Skill, Knowledge amp; Experience:

  • The candidate must have a currently active NATO SECRET security clearance
  • The contracted individual will have at least 3 years post-related experience.

The required skillset for the contracted individual is:

  • Proven experience in either penetration testing, red teaming or adversary emulation for at least 3 years
  • Understanding of the principles of adversary emulation (red/purple teaming)
  • Ability to develop and execute adversary emulation scenarios
  • Understanding of tactics, techniques and procedures of threat actors based on MITRE ATTamp;CK Framework
  • Ability to create and execute custom scripts to simulate attack activities
  • Understanding of the various types of detections available (defence in depth)
  • Knowledge of the latest security trends and best practices
  • Ability to create and use custom tools to automate and optimize the adversary emulation process
  • Knowledge of the principles of IT security, risk and compliance
  • Experience with security testing tools and methodologies, such as fuzzing, static and dynamic application security testing, and penetration testing
  • Knowledge in system and network administration of UNIX and Windows systems
  • Use of penetration testing tools, techniques, and recognized testing methodologies
  • Scripting skills in Python
  • Technical knowledge in system and network security, authentication and security protocols, cryptography and application security
  • Ability to evaluate risks and formulate mitigation plans
  • Proven ability to write clear and structured technical reports including executive summary, technical findings and remediation

Job Specification

Job Rewards and Benefits

More Jobs like this Job

Jobs in Mons Belgium
Jobs in this company

EMW, Inc.

Information Technology and Services - Mons, Belgium
© Copyright 2004-2024 Mustakbil.com All Right Reserved.