Deadline Date: Tuesday 17 January 2023
Requirement: CIS Security Officer
Location: Mons, BE
Full time on-site: Yes
NATO Grade: G15/64
Total Scope of the request (hours): 836
Required Start Date: 13 February 2023
End Contract Date: 31 December 2023
Required Security Clearance: NATO COSMIC TOP SECRET
Duties amp; Role:
The Systems Engineer (CIS Security) reports to the Head CIS Security Officer, and supports the management of NSII CIS security matters by:
- Supporting all technical development activities required to maintain the confidentiality, integrity and availability of NSII operational business networks;
- Maintaining personal core competencies (functional and technical) in the Information Assurance area;
- Planning and coordinating, in close corporation with NATO Cyber Security Centre, the internal development of security architectures for large-scale systems, networks, and infrastructure solutions;
- Applying excellent expertise and providing recommendations in the development of conceptual, logical, and technical security architecture;
- Applying knowledge of a variety of hardware and software security capabilities and features;
- Resolving security and non-security requirement conflicts, and collaborating with team leaders, scientists and developers to appropriately convert functional needs into technical security requirements;
- Coordinating with systems and network administrators in support of security architecture requirements;
- Supporting the identification of security-related Key Performance Indicators and generating reports to ensure full visibility of the overall NCI Agency Information Security posture;
- Reviewing network interconnection requests and user access requests;
- Coordinating and overseeing vulnerability assessment and penetration tests performed on NSII systems; overseeing remediation activities and reporting on progress;
- Overseeing enrolment of NSII systems in security monitoring and incident response programs;
- Supporting all phases of the security accreditation processes required to maintain operational status;
- Contributing to the creation and maintenance of the NSII CIS Security Risk and Issue Register;
- Planning, deploying, and configuring a variety of hardware, software, and security products;
- Providing feedback, advice and guidance to senior management in the areas of enterprise architecture, NATO security accreditation activities, procurement as well as training and awareness programmes;
- Conducting INFOSEC training and awareness programmes;
- Contribute to the Business Continuity Plan in the NSII CIS Security area;
- Deputize for higher grade staff, if required;
- Performs other duties as may be required
Requirements
Skill, Knowledge amp; Experience:
- The candidate must have a currently active NATO COSMIC TOP SECRET security clearance
- A minimum requirement of a Bachelor's degree at a nationally recognised/certified University in an Information Security related discipline and 2 years post-related experience.
- Or exceptionally, the lack of a university degree may be compensated by the demonstration of a candidate's particular abilities or experience that is/are of interest to NCI Agency, that is, at least 6 years extensive and progressive expertise in duties related to the function of the post.
- Certified Information Systems Auditor(CISA), Certified Information Systems Security Professional (CISSP) or Certified Information System Manager (CISM) ;
- At least two years' experience with system security, security architecture, network security engineering, and security governance including strategic alignment, security audit, risk management, performance management and value delivery;
- Detailed knowledge and working experience of network and security technologies such as IPv4/IPv6, IPsec, routing protocols, Firewalls, Virtual Private Networks, Intrusion Detection and Forensic Appliances;
- Experience with high-availability/redundant systems architectures (clusters amp; load-balancers);
- Recent experience with enterprise backbone virtualization technologies such as MPLS, Layer-3 VPNs, CISCO OTV and VDC.
Desirable Experience and Education:
- Knowledge and working experience of Public Key Infrastructure;
- Knowledge and working experience of securing network devices and Windows/UNIX based operating systems;
- Experience with WLAN technologies and endpoint security of mobile devices such as Laptops, PDAs and Smartphones devices;
- Knowledge of mobile data communications (Bluetooth