Deadline Date: Friday 7 February 2025
Requirement: MISP Engineer
Location: Mons, BE
Full Time On-Site: Yes
Time On-Site: 100%
Total Scope of the request (hours): 836
Required Start Date: 24 March 2025
End Contract Date: 31 December 2025
Required Security Clearance: NATO SECRET
Duties and Role:
The contracted individual must be able to perform effectively and efficiently with minimal supervision.
Within the Inform Branch and reporting to the branch head or a delegated authority, the duties of the individual mainly focus on:
System administration:
* Proactively manage and maintain the multiple servers running the MISP software ensuring the necessary confidentiality, integrity and availability of the tool and information.
* Stand up, configure and manage dedicated MISP instances in support to multiple NATO exercises.
* Regularly update the MISP software to the latest version and support the test and validation effort for change management process.
* Configure and extend the system monitoring of those MISP installations.
* Maintain the ansible playbooks related to the MISP setup and configuration.
* Maintain and improve documentation related to the MISP installations within NATO
Content Management:
* Developing (python) and maintain scripts to further automate and integrate MISP with other subsystems within NATO such as the SIEM, IDS, …
* Support the quality management effort by creating and maintaining content quality checking rules.
User and Community Management:
* Provide support to the user-community of the NATO managed MISP instances
* Provide feedback to the user-community on regular basis, and on daily-basis during exercises execution
* During exercises, lead a team of multiple MISP Operators to support information flow, quality control and user management.
* Support the streamlining and automation of user management process with a combination of IT Service Management tools (ITSM) and Identity and Access Management (IDAM) tools like Cerebrate and/or Keycloak.
MISP Training support
* Plan for, prepares and delivers a series of online MISP training Sessions to an exercise audience.
* Support the preparation of individual training packages for specific training audience to validate the training objectives have been met.
Specific Working Conditions: The work will be mainly executed on site at the NCI Agency offices in Mons, Belgium. Multiple exercices support requiring travel to other NATO countries will be required (up to 6 weeks of travel in total).
Within Belgium, travel to NCIA/NATO offices will be as follows: 1 x per quarter to Brussels; 2 x per month to Braine L'Alleud.
Weekly update to the identified authority will be required for assessing the satisfactory condition of the work delivered.
Requirements
Skill, Knowledge & Experience:
* The candidate must have a currently active NATO SECRET security clearance
* Extensive knowledge and experience (more than 5 years) in technical understanding of the cyber threats to web-based products.
* Demonstrated experience as sysadmin with LAMP servers - Linux, Apache, MySQL/MariaDB, PHP.
* Experience with RedHat is an asset.
* Excellent python scripting.
* Experience in MVC software development and code review of web applications mostly in PHP language and with SQL.
* Experience with CakePHP is an asset
* Prior experience as sysadmin of a MISP Threat Sharing platform is a very strong asset.
* Prior experience in developing code (python, PHP) for MISP is an even stronger asset
* Prior experience in multinational cyber exercises like Locked Shields, Crossed Swords, Cyber Coalition, etc is an important asset.
* Good understanding of cyber security principles, best practices, concepts and technology.
* Ability to work independently and in teams to achieve the desired goals, including the ability to monitor and support a team.
* Excellent organizing and communication skills.
* Good communications and writing skills in English.