Role: Cyber Security Tools Engineering (OVA/OCF) AOM Support for NCSC Assess Branch
Reference: 13478 Profile
Job Code: 2024-0239
Duties:
The aim of this SOW is to support NCSC with technical expertise specifically related to the operation and maintenance of Cyber Security Tools Engineering (OVA/OCF) AOM Support, through a deliverable-based contract to be executed in 2025.
This task includes analysis of, and reporting on, data reported by the Cyber Security Tools Engineering (OVA/OCF) AOM. To provide consistent support and execute the task, NCIA will obtain subject matter expertise from industry through a service-based (deliverable-based/completion-type) AAS framework contract to deliver the requested capability.
The Cyber Security Tools Engineering (OVA/OCF) AOM gives visibility and insight into the networks in the NATO environment, which in turn is critical to effective management, strong security and compliance, and efficient migrations and consolidations.
More broadly, NATO needs to be able to monitor the configuration of its domain controllers in order to prevent exploitation by malicious threat actors.
Under the direction / guidance of the NCSC Point of Contact, a contractor will be part of the NCSC Team supporting the following activities:
1. Monitoring and Reporting: Proactively review logs and alerts to identify any technical issues, errors, or failures in the monitoring process. Produce and distribute reports related to system health, monitoring activities, and compliance status (e.g., audit logs, system performance metrics).
2. System Documentation: Document configuration and changes: Keep up-to-date documentation of all configurations, integration steps, troubleshooting procedures, and system maintenance tasks. Maintain an inventory: Keep track of all integrated identity sources, IAM systems, and external tools.
3. Automation and Scripting: Improve system efficiency: Identify areas where automation could reduce manual intervention and improve operational efficiency.
Requirements:
* The contractor who will perform the identified tasks as an Operation and Maintenance Expert of the Active Directory Security Assessment Tool must have demonstrated skills, knowledge and experience as listed below.
* Activities performed by a contractor include the lifecycle management of the Tenable Identity Exposure software (including all tasks related to A2SL inclusion), its configuration to ensure coverage of all in-scope Active Directory servers, and the regular monitoring of the availability of the capability.
* Bachelor's degree in Computer Science, Information Technology, or related field or equivalent experience.
* 3+ years of experience in IT security, with a focus on System Administration and Security Tools Management in large organisations.
* Strong understanding of security best practices and experience with Tenable products, especially Tenable Security Center.
* IP switching and routing in a wired and wireless environment.
* Virtual Infrastructure management based on VMware technologies.
* Systems administration, ideally both with Windows and Linux.
* Good engineering skills including programming and/or scripting knowledge (Python, shell scripting, PowerShell).
* Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours.
* Comprehensive understanding of principles of Computer and Communication Security, networking, and vulnerabilities of modern operating systems and applications acquired through a blend of academic or professional training coupled with practical professional experience.
* Strong analytical and problem-solving skills.
* Excellent communication abilities, both written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams.
* Experience with threat intelligence, incident response and remediation is a plus.
* Knowledge of Python (pyTenable) and PowerShell. Experience working with Tenable.SC and Nessus Manager APIs is a plus.
* Knowledge of NATO organization and its IT infrastructure is a plus.
* Experience with Service Management, monitoring and reporting tools, ideally SolarWinds, is a plus.
* ITIL Service Management certifications are a plus.
* Experience with system instrumentation solutions such as Ansible is a plus.
* Certifications such as CISSP, CISM, or CISA are a plus.
* Previous experience working for Cyber Security related organisations (CERTs, security offices) is a plus.
* Previous experience working in an international environment comprising both military and civilian elements is a plus.
Location: Mons, Belgium
Start date: 07/04/2025
Contract length: 35 sprints
Bid closes: 05/03/2025
Max hourly rate (€): Lowest Price Technically Compliant
Remarks: COSMIC TOP SECRET
Security clearance: A security clearance is required.