Job Description
EXPERIENCE AND EDUCATION:
Essential Qualifications/Experience:
· Technical Proficiency:
ü Microsoft Active Directory and PowerShell expert knowledge
ü Experience with security configurations for Active Directory-based enterprise networks
ü Knowledge of and experience with Tenable Identity Exposure
ü CIS Security Assessments (SA) remediation
Desirable Qualifications/Experience:
· Experience in working with NATO
· Experience of working with NATO Communications and Information Agency
· Experience of working with national Defence or Government entities
DUTIES/ROLE:
· Active Directory security operations:
ü Operate the Tenable Identity installations, in coordination with the Continuous Vulnerability Assessment and Identity and Access Management teams
ü Monitor the Tenable Identity Exposure-generated events, detect and support remediation of Active Directory incorrect permissions/roles/groups’ configurations
ü Report the identified CIS security incidents following the NCIA procedure, and support the security investigations
ü Create monthly AD security compliance reports, including the amounts of active, inactive and disabled users and service accounts
ü Support the installation/configuration, and upgrade the Tenable Identity Exposure installations in scope of this SOW, following the NCIA change management process and using NCSC security configurations to ensure compliance of the managed networks with NATO Security Directives
ü Support the development of mitigation and remediation plans, following the identification and assessment of cybersecurity risks for Active Directories in scope
ü Assist with complex remediation activities for the NATO CIS in scope of this SoW; conduct remediation activities in collaboration with the NCIA Service Delivery Managers
ü Ensure adequate level of systems/data protection is implemented for NISC managed CIS in accordance with NATO Security policies and directives
ü Perform all operation, support and maintenance activities described in Annex C
ü Log and track Service and Change requests using the enterprise ticketing system (ITSM)
ü Ensure all tickets are updated with accurate and detailed information and resolved within the agreed service levels
· Escalation:
ü Escalate complex issues to appropriate teams when necessary
ü Follow up on escalated issues to ensure timely resolution and user satisfaction
· Knowledge Base Management:
ü Contribute to the creation and maintenance of a knowledge base, documenting common issues and solutions
ü Share knowledge and best practices with team members to improve overall service quality
· Performance Monitoring:
ü Monitor support metrics and KPIs to ensure high-quality service delivery
ü Participate in regular reviews to identify areas for improvement and implement corrective actions
· Automation and Efficiency:
ü Develop and implement automation scripts to streamline routine support tasks such as software installations, updates, system and software checks and notifications
ü Utilize automation to create workflows for repetitive tasks, improve service efficiency and proactively implement solutions
· Communication and Collaboration:
ü Communicate effectively with internal user community to understand their issues and provide clear instructions
ü Collaborate with IT teams to resolve issues and improve service delivery
· Transition-In:
ü The Contractor shall start the execution of the contract by implementing the transition-in Handover-Takeover (HOTO) plan
ü The Transition-in Handover-Takeover (HOTO) plan shall include at the minimum:
o Detailed HOTO schedule with GANTT chart
o Resources and PFE required from the Purchaser for successful execution of HOTO plan
o Risk register
ü Handover-takeover period will be divided in two parts; Shadowing and Reverse Shadowing.
o For the Transition-In HOTO, Shadowing will be the monitoring of Purchaser’s activities by the Contractor for each product listed in Annex C. Reverse shadowing will the monitoring of the Contractor activities by the Purchaser for item listed in Annex C
· Transition-Out:
ü Whatever the cause or the triggering event of the contract coming to an end, the Contractor shall end the execution of the contract by implementing the transition-out Handover-Takeover (HOTO) plan
ü The transition-out Handover-Takeover plan to be executed for contract closure or contract termination shall include at the minimum:
o Detailed HOTO schedule with GANTT chart
o Transition to The Purchaser of any tools, procedures, training and documentation used by The Contractor to execute this SOW
o Resources and PFE required from the Purchaser for successful execution of HOTO plan
o Risk register