C002654 Engineer (IdM/PKI Services) (CTS) - THU 26 Jan
EMW, Inc., Belgium

Deadline Date: Thursday 26 January 2023

Requirement: Engineer (IdM/PKI Services)

Location: Mons, BE

Full time on-site: Yes

NATO Grade: A/88

Total Scope of the request (hours): 1254

Required Start Date: 1 March 2023

End Contract Date: 31 December 2023

Required Security Clearance: NATO COSMIC TOP SECRET

Specific Working Conditions:

• Normal Office environment ;
• Support on-call duties after normal business hours including weekends and holidays;
• Work remotely if required;
• Work from alternate location to support NPKI customers when required;

Duties amp; Role:

• Manage the NATO wide NPKI Registration Authorities;
• Maintain the day-to-day NATO wide PKI systems and components;
• Manage and control of the lifecycle of end users and devices certificates;
• Manage NPKI hardware infrastructure;
• Manage and responsible for the NPKI LDAP directory service configuration and support HTTP service;
• Responsible for the NCIA ITSM ticketing system;
• Responsible for user/device certificate creation and Smart Cards enrolment;
• Responsible for WNES- auto enrolment service, CSR SCEP; Enrolment over Secure Transport (EST); Entrust Administration Services components especially in context of ITM and NPKIMitigation projects new services development and deployment;
• Responsible for Enterprise Mobile Mobility configuration, integration, maintenance;
• Responsible for Online Certificate Status Protocol (OCSP) and Time Stamp management;
• Responsible for Database maintenance, dedicated for NPKI;
• Responsible for Card Management System deployment, integration and day-to-day management;
• Responsible for Hardware Security Module (HSM) firmware upgrade and management in different Date Centre location;
• Responsible for the creation of PKI related guidance;
• Certificate Authority Log analysis, (Troubleshoot the system ALARM/ERRORS and monitor user activity);
• Support Smart Card enrolment and certificate creation process;
• Maintain the day-to-day operations /management /backup/restore of the PKI systems;
• Provide technical support and assistance to ITM Operating Authorities and NPKI-Mitigation project team;
• Provide 2nd and 3rd level technical support of CIS services to the NPKI customers;
• Designing of new PKI components;
• Responsible for the creation and maintenance of Standard Operating Procedures within the NPKI as part of modifications or additions to current capabilities;
• Documenting of all new PKI services;
• Installation and maintenance of NPKI components;
• Be flexible to work outside normal office hours in response to crises, operational requirements;
• Performs other duties as may be required related to Polaris Programme;

Requirements

Skill, Knowledge amp; Experience:

• The candidate must have a currently active NATO COSMIC TOP SECRET security clearance
• A university degree in a relevant discipline and 3 years of specific experience
• Extensive knowledge of modern communication and Internet Protocol (IP) based networking technologies and systems including security aspects.
• 3 years extensive experience with PKI System development, design, management.
• Extensive knowledge of Information security and Cryptography (symmetric and asymmetric encryption, public key infrastructure (PKI) encryption, public key encryption, hash functions, digital signatures, digital certificates).
• Experience in Windows Servers and RHEL OS.
• Knowledge of the principles of computer and communications security, networking, and vulnerabilities of modern operating systems and applications.
• Experience in scripting (Python, Powershell).
• Practical experience in SSL, TLS, and OpenSSL.

Desirable Experience:

• Experience in development and implementation of computer security policies.

Job Rewards and Benefits