Does working for NATO to ensure that our networks and systems remain secure, appeal to you?
Do you have interest in making use of your experience in scripting, relational database and alternate data storage in the field of cyber security?
Are you interested in joining a motivated team working in the field of information collection, event correlation and data visualization?
NATO Communications and Information Agency (NCI Agency) is looking Principal Technician (Cyber Security) to be responsible for the analysis, configuration, implementation and/or development of security tools to better detect and prevent threats.
Under the direction of Head, Technical Services Section, you will perform duties such as the following:
· Conduct the analysis, configuration, implementation and/or development of security tools to better detect and prevent;
· Support in the development and customization of solutions to integrate heterogeneous software components in order to improve the incident detection and prevention process;
· Assist in the implementation, configuration and, when needed, development of visualization solutions to improve security awareness, incident prevention and incident detection;
· Implement the operational deployment of security applications to facilitate the collection of security related data and to mitigate security risks;
· Support the development and customization of process-driven tools;
· Support the configuration and customization of Cyber Defence Situational Awareness tools;
· Conduct incident related research in relation to the Cell’s areas of responsibility;
· Conduct the analysis of cybersecurity incidents and incident trends in order to refine event collection strategies;
· Assist in the preparation of reports, recommendations and presentations to NATO security authorities and lA communities on all aspects of collection and management of audit data for incident management purposes;
· Provide assistance to other NATO sites as required in respect of audit policies and audit data collection;
· Provide general guidance and advice on the configuration and collection of security audit events and data to subordinate and NATO CIS operating authorities (NCIRC Tier 3);
· Support NCIRC Tier 3 and network service managers in the collection, transport and delivery of audit events and data;
· Conduct the assessment of security tools relating to the Enterprise Security Services Cell responsibilities;
· Deputize for higher grade staff;
· Performs other duties as may be required.
You will need vocational training at a higher level in a relevant discipline and 8 years of relevant experience or a combination of equivalent qualifications and experience
· Knowledge of Relational Database and Structured Query Language (SQL);
· Experience in programming (any object-oriented language) and/or scripting, preferably in Python;
· Knowledge of alternative methods of data storage (e.g. key/value pairs, NoSQL etc., etc.);
· Understanding of Network (TCP/IP) Engineering;
· Understanding of secure network design;
· Knowledge of Linux command line and administration;
· Proven experience in the use of Application Programming Interfaces (APIs) for data ingestion and integration;
· Proven experience in System and/or Network administration.
· Knowledge in Big Data concepts and associated product/technologies;
· Knowledge of Microsoft Sharepoint infrastructure 2013 and above;
· Demonstrated experience in Splunk;
· Demonstrated experience with HPE/Arcsight products (e.g. SIEM, Logger, etc. etc.)
· Demonstrated experience in log collection and log correlation;
· Hold any of the following professional security qualifications: SANS GIAC certifications in the 500 or 600 series or equivalent quality level of certification and scope;
· Prior experience of working in an international environment comprising both military and civilian elements;
· Knowledge of NATO responsibilities and organization, including ACO and ACT.
Applying Expertise and Technology: Applies specialist and detailed technical expertise; uses technology to achieve work objectives; develops job knowledge and expertise (theoretical and practical) through continual professional development; demonstrates an understanding of different organisational departments and functions.
Following Instructions and Procedures: Appropriately follows instructions from others without unnecessarily challenging authority; follows procedures and policies; keeps to schedules; arrives punctually for work and meetings; demonstrates commitment to the organisation; complies with legal obligations and safety requirements of the role.
Working with People: Shows respect for the views and contributions of other team members; shows empathy; listens, supports and cares for others; consults others and shares information and expertise with them; builds team spirit and reconciles conflict; adapts to the team and fits in well.
Analysing: Analyses numerical data and all other sources of information, to break them into component parts, patterns and relationships; probes for further information or greater understanding of a problem; makes rational judgements from the available information and analysis; demonstrates an understanding of how one issue may be a part of a much larger system.
Adapting and Responding to Change: Adapts to changing circumstances; tolerates ambiguity; accepts new ideas and change initiatives; adapts interpersonal style to suit different people or situations; shows an interest in new experiences.
A thorough knowledge of one of the two NATO languages, both written and spoken, is essential and some knowledge of the other is desirable.
NOTE: Most of the work of the NCI Agency is conducted in the English language.
Business travel to NATO and national (NATO and non-NATO) facilities in addition to occasional travel to The Hague / Brussels offices may be required.
May be required to undertake duty travel, operational deployments and/or temporary assignments to operational theatres both within and outside NATO boundaries.
NCI Agency normally offers contracts of employment of a definite duration, not exceeding three years. Contracts may be for less than three years as required to support short-term projects, meet uncertainty with respect to the business outlook, staff performance and other factors.
Definite duration contracts may be extended for further periods. When extending contracts, the following is taken into consideration:
Renewal is in the interest of the Agency.
Staff member's desire to remain with the Agency.
The financial situation provides sufficient funding for the post held.
The skills, competencies and behaviours, potential and work experience of the staff, versus the requirements of the Agency's work and/or availability of funding.
Staff member has served the Agency with performance to the required standard as defined by the Agency,
Staff member's deployability to operational theatre.
Serving civilian members of NATO will be offered a contract in accordance with the NATO Civilian Personnel Regulations.
The first six months of definite duration contracts are a probationary period. During this period the staff member's work is assessed to ensure that he/she has the ability to carry out the duties of the post. At or before the end of the probationary period, the staff member will be notified in writing that the appointment is confirmed or terminated or, in exceptional cases, that the probationary period is extended.
What do we offer?
Excellent tax-free salary, including (where eligible) expatriation household and children's allowances and additional privileges for expatriate staff.
Education allowance for children (where appropriate) and an excellent private health insurance scheme.
Generous annual leave and home leave (if eligible).
Retirement Pension Plan.
To learn more about NCI Agency and our work, please visit our website.
Please note: Due to the NCI Agency’s transition into a new structure in the near future, this post may be subject to transfer to one of our other locations, as well as to a change of reporting lines. The final decision will be made at the time of a firm offer.
The Agency’s recruitment team advises you that due to the large volume of applications it receives the screening process may take up to 2 months after closing date. We appreciate your patience.