EXPERIENCE AND EDUCATION:
Essential Qualifications/Experience:
• Bachelor's degree in Computer Science, Information Technology, or related field Or equivalent experience
• 3+ years of experience in IT security, with a focus on Security Audit and / or Security Assessment of large organisation
• Strong understanding of security best practices and experience with cloud-based infrastructure
• Strong understanding of the assessment of internet–facing assets for vulnerabilities and anomalies
• Knowledge of relevant NATO standards and regulations
• Strong analytical and problem-solving skills
• Excellent communication and collaboration skills
• The incumbent shall be able to understand and interpret the outcomes of security audit reports (NATO high side network)
Desirable Qualifications/Experience:
• Experience with threat intelligence, incident response and remediation
• Knowledge of NATO organization and its IT infrastructure
• Certifications such as CISSP, CISM, or CISA
• Experience in working with NATO
• Experience working with the NATO Communications and Information Agency
• Experience working with national Defence or Government entities
DUTIES/ROLE:
• Each deliverable shall meet the following requirements:
Language: the product shall be written in English, meeting or exceeding the NATO STANAG 6001 Level 3 “Professional Proficiency”.
Intended Audience: the product shall be intended for Cyber Security Professional, Senior Military personnel and decision makers in the field of Cyber Security and Cyberspace Operations.
Accuracy: the product shall accurately reflect what was discussed, decided, and action items assigned during the meeting.
Clarity and Conciseness: Information shall be presented clearly and concisely, avoiding unnecessary jargon or complex language.
Objectivity: the content shall be impartial and objective, presenting information without bias or personal interpretation.
Structure: the product shall follow a logical structure, typically including sections such as agenda, attendees, discussions, decisions, action items, and any other relevant information, further directed by the IKM SG.
Timeliness: the product shall be prepared and distributed promptly after the meeting, ensuring that information is fresh and actionable. It is expected a maximum of two times the length of the meeting for the time required to prepare and share the product to the meeting audience for initial review.
Formatting: Consistent formatting shall be used throughout the document, including font style, size, headings, and spacing further directed by the IKM SG.
Confidentiality: Sensitive information discussed prior, during and after meetings shall be handled in accordance with the NATO policy on Information Management.
• Deliverables:
A1: Under the direction of the NCSC Operational Tooling Management (OTM) Head the incumbent shall deliver the following: Daily: Maintain a comprehensive list of all vulnerabilities being taken care of, along with their remediation or mitigation status. The dataset shall be updated no later than 2 working days after the notification of a change is received.
A2: Weekly: Deliver a comprehensive vulnerability report to the Service Delivery Manager (SDM) and Service Owner (SAO), taking into account all vulnerabilities posing a security risk to the monitored organization, recommendation of remedial actions recommended to the system/application owners and the status of the recommended actions. The weekly report is expected to be delivered each first working day of a calendar week, before Close of Business. No weekly report is due if that week does not include any working day (for instance: long official holidays such as Christmas break).
A3: Monthly: Monthly: delivery of vulnerability report to the SDM and SAO, with an overview of the critical/high vulnerabilities identified, the status of the recommended actions to show in a graphical way plus the trend of the security posture of internet facing services. The monthly report is expected to be delivered within 5 working days after the last working day of the past month.
A4: Yearly: Deliver a report to the SDM and SAO, with a summary of all events and actions that occurred during the year. The yearly report is expected to be delivered within 15 working days after the last working day of the past year.