Senior Online Vulnerability Assessment (OVA) Analyst Support for NCSC Assess Branch, Hainaut
Client: BREVCO
Location: Hainaut, Belgium
Job Category: Other
EU work permit required: Yes
Job Reference: 9d327e2c26c5
Posted: 06.03.2025
Expiry Date: 20.04.2025
Job Description:
EXPERIENCE AND EDUCATION:
Essential Qualifications/Experience:
1. Bachelor's degree in Computer Science, Information Technology, or related field or equivalent experience
2. 3+ years of experience in IT security, with a focus on System Administration, Security Tools Management in large organisations
3. Strong understanding of security best practices and experience with Tenable products especially with Tenable Security Center
4. IP switching and routing in a wired and wireless environment
5. Virtual Infrastructure management based on VMware technologies
6. Systems administration, ideally both with Windows and Linux
7. Good engineering skills including programming and/or scripting knowledge (Python, shell scripting, PowerShell)
8. Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours
9. Comprehensive understanding of principles of Computer and Communication Security, networking, and vulnerabilities of modern operating systems and applications acquired through a blend of academic or professional training coupled with practical professional experience
10. Strong analytical and problem-solving skills
11. Excellent communication abilities, both written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams
Desirable Qualifications/Experience:
1. Experience with threat intelligence, incident response and remediation
2. Knowledge of Python (pyTenable) and PowerShell. Experience working with Tenable.SC and Nessus Manager APIs
3. Knowledge of NATO organization and its IT infrastructure
4. Experience with Service Management, monitoring and reporting tools, ideally SolarWinds
5. ITIL Service Management certifications
6. Experience with system instrumentation solutions such as Ansible
7. Certifications such as CISSP, CISM, or CISA
8. Previous experience working for Cyber Security related organisations (CERTs, security offices)
9. Previous experience working in an international environment comprising both military and civilian elements
10. Experience in working with NATO
11. Experience working with the NATO Communications and Information Agency
12. Experience working with national Defence or Government entities
DUTIES/ROLE:
1. Data analysis and reporting of data reported by the Senior Online Vulnerability Assessment (OVA) Analyst Support
2. Gives visibility and insight on the networks in NATO environment, which in turn is critical to effective management, strong security and compliance, and efficient migrations and consolidations
3. Monitoring and Reporting:
* Proactively review logs and alerts to identify any technical issues, errors, or failures in the monitoring process
* Produce and distribute reports related to system health, monitoring activities, and compliance status (e.g., audit logs, system performance metrics)
4. System Documentation:
* Document configuration and changes: Keep up-to-date documentation of all configurations, integration steps, troubleshooting procedures, and system maintenance tasks
* Maintain an inventory: Keep track of all integrated identity sources, IAM systems, and external tools
5. Automation and Scripting:
* Improve system efficiency: Identify areas where automation could reduce manual intervention and improve operational efficiency
6. Each deliverable shall meet the following requirements:
* Language: the product shall be written in English, meeting or exceeding the NATO STANAG 6001 Level 3 “Professional Proficiency”
* Intended Audience: the product shall be intended for Cyber Security Professionals, Senior Military personnel and decision makers in the field of Cyber Security and Cyberspace Operations
* Accuracy: the product shall accurately reflect what was discussed, decided, and action items assigned during the meeting
* Clarity and Conciseness: Information shall be presented clearly and concisely, avoiding unnecessary jargon or complex language
* Objectivity: the content shall be impartial and objective, presenting information without bias or personal interpretation
* Structure: the product shall follow a logical structure, typically including sections such as agenda, attendees, discussions, decisions, action items, and any other relevant information, further directed by the IKM SG
* Timeliness: the product shall be prepared and distributed promptly after the meeting, ensuring that information is fresh and actionable. The time required to prepare and share the product with the meeting audience for initial review is expected to be at most two times the length of the meeting
* Formatting: Consistent formatting shall be used throughout the document, including font style, size, headings, and spacing further directed by the IKM SG
* Confidentiality: Sensitive information discussed prior to, during and after meetings shall be handled in accordance with the NATO policy on Information Management
7. Deliverables:
* A1: Under the direction of the NCSC Continuous Vulnerability Assessment Section Head the contractor shall deliver the following:
  * Daily: Verify that the Continuous Vulnerability scans are configured correctly and that information collected is accurate & complete.
  * Daily: Identify possible scan gaps, authentication failures and engage with the relevant service provider to remove those gaps and eliminate reasons for authentication failure.
  * Daily: Review existing scan policies, fine tune and improve them at the same time.
* A2: Weekly: Upon completion of scheduled scans, deliver a comprehensive vulnerability report to each stakeholder under your area of responsibility taking into account all vulnerabilities posing a security risk, remediation actions recommended to the system/application owners and the status of the recommended actions. The weekly report is expected to be delivered each Wednesday/Thursday before Close of Business. No weekly report is due if that week does not include any working day (for instance: long official holidays such as Christmas break).
* A3: Monthly: deliver a vulnerability report to stakeholders, with an overview of the critical/high vulnerabilities identified and the status of the recommended actions, showing graphically the trend of the security posture of CIS assets. The monthly report is expected to be delivered in the week of Microsoft Patch Tuesday (second Tuesday of the month).