Job Title: MISP Engineer
Profile: C004050, MISP Engineer
Location: Mons, Belgium
Start Date: 24 March 2025
Security Clearance: NATO Secret
Application Deadline: 7 February 2025
Duties and Responsibilities:
The MISP Engineer will operate within the Inform Branch, reporting to the branch head or a delegated authority. The primary responsibilities include:
System Administration:
* Proactively manage and maintain multiple servers running the MISP software, ensuring the confidentiality, integrity, and availability of the tool and information.
* Deploy, configure, and manage dedicated MISP instances to support various NATO exercises.
* Regularly update the MISP software to the latest version and support the test and validation efforts for the change management process.
* Configure and enhance system monitoring for MISP installations.
* Maintain and update Ansible playbooks related to MISP setup and configuration.
* Develop and improve documentation related to MISP installations within NATO.
Content Management:
* Develop and maintain Python scripts to automate and integrate MISP with other subsystems within NATO, such as SIEM and IDS.
* Support quality management efforts by creating and maintaining content quality checking rules.
User and Community Management:
* Provide support to the user community of NATO-managed MISP instances.
* Offer regular feedback to the user community, especially during exercise execution.
* Lead a team of MISP Operators during exercises to support information flow, quality control, and user management.
* Streamline and automate user management processes using IT Service Management (ITSM) and Identity and Access Management (IDAM) tools like Cerebrate and/or Keycloak.
MISP Training Support:
* Plan, prepare, and deliver a series of online MISP training sessions to exercise audiences.
* Develop individual training packages for specific audiences to validate that training objectives have been met.
Requirements:
The ideal candidate will possess extensive knowledge and experience (more than 5 years) in the following areas:
1. Strong technical understanding of cyber threats to web-based products.
2. Demonstrated experience as a system administrator with LAMP servers (Linux, Apache, MySQL/MariaDB, PHP). Experience with RedHat is an asset.
3. Excellent Python scripting skills.
4. Experience in MVC software development and code review of web applications, primarily in PHP and SQL. Experience with CakePHP i