Engineer (Incident Handling)-180927
Primary Location Belgium-Mons
NATO Body NATO Communications and Information Agency (NCI Agency)
Salary (Pay Basis) : 5,467.45Euro (EUR) Monthly
3000 people are working 24/7 to protect nearly 1 billion citizens. We serve 29 nations by defending its networks, and providing real life support to NATO operations and missions. We connect the Alliance. We are leading IT professionals. We are the NCI Agency.
Do you have recent and relevant experience in the analysis of risk and in the implementation and integration of cyber security protective measures? Can you demonstrate experience of Intrusion Detection and Incident Response in a Computer Emergency Response Team? Do you have experience in preparing and delivering reports for different audience? If the answer is yes, this post is ideal for you.
The NCI Agency is currently seeking an Engineer (Incident Handling) to deliver of technical co-ordination, support and assistance in respect of Cyber Security Incident Response to NATO CIS Operating Authorities.
This is a position within the NATO Communications and Information Agency (NCIA), an organization of the North Atlantic Treaty Organization (NATO).
Within the NCI Agency, the Cyber Security Service Line provides specialist cyber security-related services covering the spectrum of scientific, technical, acquisition, operations, maintenance, and sustainment support, throughout the life cycle of NATO information communications and technology, enabling secure conduct of the Alliance's operations and business in the NNEC environment and in the context of NATO's Command, Control, Communications, Computers, Intelligence, Surveillance (C4ISR).
The Incident Handling Cell provides Incident Handling Officers (IHOs) who are responsible for assessment of significant computer and security events and management of any resulting Security Incidents.
Under the direction of the Cell Head, the incumbent will perform duties such as the following:
Provision of 24/7 Incident Response (TRIAGE, Contain, Eradicate, Recover) activities, during normal working hours and on-call duties, including weekends and holidays;
Deliver of technical co-ordination, support and assistance in respect of Cyber Security Incident Response to NATO CIS Operating Authorities or other similar bodies as directed;
Technical coordination, as required, with NATO Nations, Partner Nations, non-Governmental Organisations and Industry partners;
Provision of technical support to forensics investigations;
Cyber Security Incident-related research;
Incident reporting activities in support of NATO CIS, reporting Security Incidents to the appropriate NATO Stakeholders as required;
Production of Standard Operating Procedures covering all aspects of Incident Response (TRIAGE, Contain, Eradicate, Recover) activities;
Analysis, interpretation and dissemination of Security Advisories and Threat Intelligence Reports from NATO Nations, Partner Nations, non-Governmental Organisations and Industry partners;
Research to identify, document and implement improvements to the Incident Response (TRIAGE, Contain, Eradicate, Recover) activities in order to enhance and optimise current best practice to meet new and developing threats;
Incident Threat/Trend Analysis, producing indicators and warnings to raise situational awareness within NATO;
Co-ordination and preparations of reports, recommendations and presentations to the CDMB, Security Authorities and NATO IA communities on all aspects of Incident Response (TRIAGE, Contain, Eradicate, Recover);
Co-ordinating simultaneously the activities of multiple NATO Site-level Incident Response Teams;
Performs other duties as may be required.
You will hold A Master of Science (MSc) degree at a nationally recognised/certified University in a technical subject with substantial Information Technology (IT) content and 2 years post-related experience; or a Bachelor of Science (BSc) degree at a nationally recognised/certified University in a technical subject with substantial Information Technology (IT) content and 4 years post related experience. Exceptionally, the lack of a university/college degree may be compensated by the demonstration of a candidate’s particular abilities or experience that is/are of interest to NCI Agency; that is, at least 10 years extensive and progressive expertise in the duties related to the function of the post.
It is considered highly desirable for you to hold Degree in IT or CIS security related discipline; as well as relevant certifications, such as Certified Information Systems Security Professional (CISSP), GCIH or GIAC/GCIM Security. In addition, it will be considered as an asset if you attended NCISS-101 NATO CIS Orientation and NCISS-279 INFOSEC (COMPUSEC) (or national equivalent).
Being a member of a recognized professional body or institution is considered as an asset.
You will be required to demonstrate, as a minimum, 2 years of recent and extensive experience relevant to this position. Furthermore, you will need to demonstrate:
Excellent communications skills and reporting experience with capacity to communicate to different types of audience (senior executive, middle management, technical and non-technical);
Comprehensive understanding of the principles of Computer and Communication Security, networking, and the vulnerabilities of modern operating systems and applications acquired through a blend of academic or professional training coupled with practical professional experience;
Experience in the implementation and integration of Cyber Security protective measures;
Recent practical, hands-on experience of Intrusion Detection and Incident Response (TRIAGE, Contain, Eradicate, Recover) in an enterprise-level Computer Emergency Response Team;
Experience in interpreting the results of CIS Technical Security/Vulnerability Assessments;
Practical hands-on experience in System and Network administration to include Network (TCP/IP) Engineering;
Experience of the management of CIS Service Delivery.
It is highly desirable if you can display:
In-depth knowledge of potential security event sources and their interpretation and analysis in support of the incident detection and handling processes;
Practical experience in the management and the professional development of less experienced incident handling staff;
Prior experience of working in an international environment comprising both military and civilian elements;
Knowledge of NATO responsibilities and organizational structure.
Formulating Strategies and Concepts - Works strategically to realise organisational goals; sets and develops strategies; identifies, develops positive and compelling visions of the organisation’s future potential; takes account of a wide range of issues across, and related to, the organisation.
Leading and Supervising - Provides others with a clear direction; motivates and empowers others; recruits staff of a high calibre; provides staff with development opportunities and coaching; sets appropriate standards of behaviour.
Planning and Organising - Sets clearly defined objectives; plans activities and projects well in advance and takes account of possible changing circumstances; identifies and organises resources needed to accomplish tasks; manages time effectively; monitors performance against deadlines and milestones.
Working with People - Shows respect for the views and contributions of other team members; shows empathy; listens, supports and cares for others; consults others and shares information and expertise with them; builds team spirit and reconciles conflict; adapts to the team and fits in well.
Relating and Networking - Easily establishes good relationships with customers and staff; relates well to people at all levels; builds wide and effective networks of contacts; uses humour appropriately to bring warmth to relationships with others.
Following Instructions and Procedures - Appropriately follows instructions from others without unnecessarily challenging authority; follows procedures and policies; keeps to schedules; arrives punctually for work and meetings; demonstrates commitment to the organisation; complies with legal obligations and safety requirements of the role.
Delivering Results and Meeting Customer Expectations - Focuses on customer needs and satisfaction; sets high standards for quality and quantity; monitors and maintains quality and productivity; works in a systematic, methodical and orderly way; consistently achieves project goals.
A thorough knowledge of one of the two NATO languages, both written and spoken, is essential and some knowledge of the other is desirable. NOTE: Most of the work of the NCI Agency is conducted in the English language.
Business travel to NATO and national (NATO and non-NATO) facilities as well as travel between NCI Agency locations. May be required to undertake duty travel to operational theatres inside and outside NATO boundaries.
NCI Agency normally offers contracts of employment of a definite duration, not exceeding three years. Contracts may be for less than three years as required to support short-term projects, meet uncertainty with respect to the business outlook, staff performance and other factors.
Definite duration contracts may be extended for further periods. When extending contracts, the following is taken into consideration:
Renewal is in the interest of the Agency.
Staff member's desire to remain with the Agency.
The financial situation provides sufficient funding for the post held.
The skills, competencies and behaviours, potential and work experience of the staff, versus the requirements of the Agency's work and/or availability of funding.
Staff member has served the Agency with performance to the required standard as defined by the Agency,
Staff member's deployability to operational theatre.
Serving civilian members of NATO will be offered a contract in accordance with the NATO Civilian Personnel Regulations.
The first six months of definite duration contracts are a probationary period. During this period the staff member's work is assessed to ensure that he/she has the ability to carry out the duties of the post. At or before the end of the probationary period, the staff member will be notified in writing that the appointment is confirmed or terminated or, in exceptional cases, that the probationary period is extended.
What do we offer?
Excellent tax-free salary, including (where eligible) expatriation household and children's allowances and additional privileges for expatriate staff.
Education allowance for children (where appropriate) and an excellent private health insurance scheme;
Generous annual leave and home leave (if eligible).
Retirement Pension Plan
To learn more about NCI Agency and our work, please visit our website.
Please note that due to the Agency’s transition into a new structure in the near future, this post may be subject to transfer to one of our other locations, as well as to a change of reporting lines. The final decision will be made at the time of a firm offer.
The Agency’s recruitment team advises you that due to the large volume of applications it receives the screening process may take up to 2 months after closing date. We appreciate your patience.