Job Description
EXPERIENCE AND EDUCATION:
Essential Qualifications/Experience:
· Knowledge and experience (more than 5 years) in the following areas:
ü Very good technical understanding of the cyber threats to web based products
ü Demonstrated experience as sysadmin with LAMP servers - Linux, Apache, MySQL/MariaDB, PHP
ü Experience with RedHat is an asset
ü Excellent python scripting
ü Experience in MVC software development and code review of web applications mostly in PHP language and with SQL
ü Experience with CakePHP is an asset
ü Prior experience as sysadmin of a MISP Threat Sharing platform is a very strong asset
ü Prior experience in developing code (python, PHP) for MISP is an even stronger asset
ü Prior experience in multinational cyber exercises like Locked Shields, Crossed Swords, Cyber Coalition, etc. is an important asset
ü Good understanding of cyber security principles, best practices, concepts and technology
DUTIES/ROLE:
· System administration:
ü Proactively manage and maintain the multiple servers running the MISP software ensuring the necessary confidentiality, integrity and availability of the tool and information
ü Stand up, configure and manage dedicated MISP instances in support to multiple NATO exercises
ü Regularly update the MISP software to the latest version and support the test and validation effort for change management process
ü Configure and extend the system monitoring of those MISP installations
ü Maintain the ansible playbooks related to the MISP setup and configuration
ü Maintain and improve documentation related to the MISP installations within NATO
· Content Management:
ü Developing (python) and maintain scripts to further automate and integrate MISP with other subsystems within NATO such as the SIEM, IDS
ü Support the quality management effort by creating and maintaining content quality checking rules
· User and Community Management:
ü Provide support to the user-community of the NATO managed MISP instances
ü Provide feedback to the user-community on regular basis, and on daily-basis during exercises execution
ü During exercises, lead a team of multiple MISP Operators to support information flow, quality control and user management
ü Support the streamlining and automation of user management process with a combination of IT Service Management tools (ITSM) and Identity and Access Management (IDAM) tools like Cerebrate and/or Keycloak
· MISP Training support
ü Plan for, prepares and delivers a series of online MISP training Sessions to an exercise audience
ü Support the preparation of individual training packages for specific training audience to validate the training objectives have been met