3000 people are working 24/7 to protect nearly 1 billion citizens. We serve 29 nations by defending its networks, and providing real life support to NATO operations and missions. We connect the Alliance. We are leading IT professionals. We are the NCI Agency.
Do you have extensive experience of malware analysis and malware detection? Can you demonstrate ability to recognise when an IT network/system has been attacked and to take immediate action to limit damages? Are you ready to join a dynamic and diverse team? If the answer is yes, Apply Now!
The NCI Agency is currently seeking an experienced Principal Technician (Cyber Security) to serve as the first line of technical support for our managed services customers and incident response teams and to be responsible for performing daily behavioural analysis of malware in support of antimalware protection of systems NATO-wide.
The Cyber Security Service Line (CS SL) provides cyber security services to NCI Agency customers and users, as well as to all other elements of the Agency; this includes all Service Lines, Programme Offices, CIS Support Units/Elements, and the Agency Ops Centre. The CS SL is responsible for providing the broad spectrum of services in the following specialist security areas: CIS Security, Cyber Defence, Information Assurance, and Computer Security & Communications Security.
CS Operations Branch delivers a suite of services to prevent, detect, respond and recover from Cyber-attacks, and incidents, on NATO’s computers networks. These services are in the specific areas of Cryptography, Identity Management, 24/7 CS Operations Support, Incident Handling, Technical Services (supporting CS Ops) and CS Support to deployed Operations and Exercises.
Under the direction of the Incident Management Section Head and the Malware Analysis and Digital Forensics Cell Head but largely on his own initiative, you will perform duties such as the following:
Serve as the first line of technical support for our managed services customers and incident response teams and be responsible for performing daily behavioural analysis of malware in support of antimalware protection of systems NATO-wide;
Interact with the Agency’s antimalware service provider and ensure the adequate quality of their service by submitting malware samples undetected by the vendor, then making sure the vendor updates their malware definitions or produces extraDATs to accurately detect threats in the submitted samples;
Assist in incident response, recovery, and reporting activities in support of operational NATO CIS;
Serve as an escalation point to higher lines of malware analysis and digital forensics in case of more complex or sensitive malware samples;
Interact with the service provider of Malware Analysis subsystem to make sure that all the components of the subsystem are in operational state;
Contribute to further automation of the malware analysis capability by scripting and integration of new tools with existing ones;
Advise management on the effectiveness of established operating procedures and recommend modifications where appropriate;
Deputize for higher grade staff, if required;
Performs other duties as may be required.
You will be required to have vocational training at higher level in a relevant discipline leading to a formal technical or professional certification, or equivalent combination of qualifications and experience leading to a professional qualification or professional accreditation, with at least 8 years of relevant experience.
A higher secondary education and completed higher vocational training in management of information systems, computer science, or related discipline leading to a formal technical or professional certification (such as CISSP, GCIH, GCFE, GCFA, GREM) will be considered an asset.
In addition to 8 years of relevant experience, you will be required to demonstrate:
Experience or practical knowledge of malware analysis and malware detection;
Extensive knowledge of malware analysis techniques and technologies;
Ability to recognise when an IT network/system has been attacked, be able to take immediate action to limit damage and to escalate the event to higher authority;
Knowledge of the principles of computer and communications security, networking, and vulnerabilities of modern operating systems and applications;
Practical experience in Windows, Linux and VMware system administration;
Knowledge of computer incident handling;
Proficiency in assessing security vulnerabilities of operation systems and software.
It will considered a plus if you can prove:
Experience in digital forensics;
Practical experience in scripting (Python, Powershell);
Prior experience of working in an international environment comprising both military and civilian elements;
Knowledge of NATO responsibilities and organization, including ACO and ACT.
Working with People - Shows respect for the views and contributions of other team members; shows empathy; listens, supports and cares for others; consults others and shares information and expertise with them; builds team spirit and reconciles conflict; adapts to the team and fits in well.
Presenting and Communicating Information Speaks fluently; expresses opinions, information and key points of an argument clearly; makes presentations and undertakes public speaking with skill and confidence; responds quickly to the needs of an audience and to their reactions and feedback; projects credibility.
Writing and Reporting Writes convincingly; writes clearly, succinctly and correctly; avoids the unnecessary use of jargon or complicated language; writes in a well-structured and logical way; structures information to meet the needs and understanding of the intended audience.
Applying Expertise and Technology Applies specialist and detailed technical expertise; uses technology to achieve work objectives; develops job knowledge and expertise (theoretical and practical) through continual professional development; demonstrates an understanding of different organisational departments and functions.
Delivering Results and Meeting Customer Expectations Focuses on customer needs and satisfaction; sets high standards for quality and quantity; monitors and maintains quality and productivity; works in a systematic, methodical and orderly way; consistently achieves project goals.
Achieving Personal Work Goals and Objectives Accepts and tackles demanding goals with enthusiasm; works hard and puts in longer hours when it is necessary; seeks progression to roles of increased responsibility and influence; identifies own development needs and makes use of developmental or training opportunities
A thorough knowledge of one of the two NATO languages, both written and spoken, is essential and some knowledge of the other is desirable.
NOTE: Most of the work of the NCI Agency is conducted in the English language.
Business travel to NATO and national (NATO and non-NATO) facilities as well as frequent travel between the NCIA offices;
May be required to undertake duty travel to operational theatres inside and outside NATO boundaries.
NCI Agency normally offers contracts of employment of a definite duration, not exceeding three years. Contracts may be for less than three years as required to support short-term projects, meet uncertainty with respect to the business outlook, staff performance and other factors.
Definite duration contracts may be extended for further periods. When extending contracts, the following is taken into consideration:
Renewal is in the interest of the Agency.
Staff member's desire to remain with the Agency.
The financial situation provides sufficient funding for the post held.
The skills, competencies and behaviours, potential and work experience of the staff, versus the requirements of the Agency's work and/or availability of funding.
Staff member has served the Agency with performance to the required standard as defined by the Agency,
Staff member's deployability to operational theatre.
Serving civilian members of NATO will be offered a contract in accordance with the NATO Civilian Personnel Regulations.
The first six months of definite duration contracts are a probationary period. During this period the staff member's work is assessed to ensure that he/she has the ability to carry out the duties of the post. At or before the end of the probationary period, the staff member will be notified in writing that the appointment is confirmed or terminated or, in exceptional cases, that the probationary period is extended.
What do we offer?
Excellent tax-free salary, including (where eligible) expatriation household and children's allowances and additional privileges for expatriate staff.
Education allowance for children (where appropriate) and an excellent private health insurance scheme;
Generous annual leave and home leave (if eligible).
Retirement Pension Plan
To learn more about NCI Agency and our work, please visit our website.
Please note that due to the Agency’s transition into a new structure in the near future, this post may be subject to transfer to one of our other locations, as well as to a change of reporting lines. The final decision will be made at the time of a firm offer.
The Agency’s recruitment team advises you that due to the large volume of applications it receives the screening process may take up to 2 months after closing date. We appreciate your patience.