EXPERIENCE AND EDUCATION:
Essential Qualifications/Experience:
· Experience with Information Systems Engineering and Maintenance – Information Security Implementation Computer Security
· A good knowledge of Computer Security principles and procedures. Proficiency with Cryptography Technology. Knowledge of Internet Protocol based networks and components (routers and switches);
· Working knowledge of Router configuration
· A good knowledge of public key infrastructure technology
· Working knowledge of Crypto systems and techniques
· A high level of knowledge of network, system and application level troubleshooting techniques
· Extensive experience in the analysis of risk and in the implementation and integration of Information Security protective measures
· Red Hat certified and/or Linux professional certified
· Specific experience: Must be familiar with the detailed and complex NATO standards for the operation of CRYPTO and the associated equipment that process and secure NATO classified information
· Experience in development and implementation of computer security policies
· Experience in evaluation and accreditation of telecommunications and information systems
· Experience in security requirements analysis
· Hold one or more of the following IT security qualifications/certifications:
ü CCNA
ü ITIL foundation in IT Service Management
ü TCE 621 Operator Course THALES Norway
ü TCE 671 Operator Course THALES Norway
· Prior experience of working in an international mission environment comprising both military and civilian elements
· Knowledge of NATO responsibilities and organization, including ACO and ACT
DUTIES/ROLE:
· Information Assurance incident management
· 24/7 helpdesk service management
· Management of Secure Management Centre’s (SMC) including: key management, access control management, security monitoring, IP crypto configuration management, error location and recovery, data base back up, alarm handling
· Management of NATO Wide PKI user profiles, CA certificates, End-User certificates, other root CA domains certificates, CRLs and ARLs
· Provide technical support and assistance to ACO wide and NATO Agencies and National MODs
· Cyber Security 24/7 watch-keeping duties such as: receiving advisories from national and non-government CERTs, disseminating general incident related information to CIS operating authorities, providing technical support and assistance to NATO CIS operating authorities in respect to malicious code prevention, providing liaison with other CERTs, providing limited technical support and assistance to NATO CIS operating authorities in respect to intrusion detection, performing initial incident response, recovery, and reporting activities in support of operational NATO CIS, reporting incidents and vulnerabilities to the Cyber Security sections, coordinating the collection and processing of all cyber related information for NU, NR, MS and NS systems, providing centralized on line Vulnerability Assessment of remote networks and interfaces
· Support to incident response as the entry point for the reporting of cyber security incidents, direct support to detection activities, as well as ad-hoc requests
· Cyber Security Information Sharing Services - This Service provides the dissemination and/or production of different type of documents/updates such as: Cyber Security Daily news, Trend Micro Patterns, replication of Trend Micro Active Repository, McAfee updates, Juniper Signatures, ExtraDat, Cyber Defence SitRep Bulletins, NATO Identified Malware Black List (NIMBL)
· Internet e-mail and Internet-Facing Web Sites monitoring Service - Internet Facing Email Content Monitoring: Checking of all Inbound/Outbound Internet e-mail to ensure compliance with NATO and applicable local Security Polices; such checks include malicious code, executable content, encrypted content, SPAM, and Classified Data content
· Internet Web Site monitoring - The ability to centrally monitor customer's Internet-facing Web Sites for unauthorised changes and to take appropriate reporting/remedial actions