Deadline Date: Wednesday 10 April 2024
Requirement: CIS Security Engineer - CISS
Location: Mons, BE
Full Time On-Site: Yes
Time On-Site: 100%
Total Scope of the request (hours): 418
Required Start Date: 20 May 2024
End Contract Date: 31 December 2024
Required Security Clearance: NATO SECRET
Duties and Role:
Provide information security oversight of all NISC Managed CIS and networks within the Agency, both for internal operations and for Agency's customer-funded Networks, Programme of Work, and ensures the adequate level of systems/data protection in accordance with NATO INFOSEC policies and directives;
Design, deploy, configure, maintain and operate the NISC ePolicyOrchestrator (EPO) managed security tools installations including but not limited to Trellix ENS, DLP, MAC, RSD, TIE, HX, ensuring the approved security configurations are implemented and maintained throughout entire Trellix products' lifecycle;
Design, deploy, configure, maintain and operate the Active Directory (AD) security solutions and tools for NISC managed CIS, ensuring continuous AD security monitoring and vulnerabilities remediation coordination;
Is responsible for provision of expert advice, in coordination with NCSC, on the adequate level of information security posture and for ensuring such advice, where appropriate, is implemented under governance of NATO Security Accreditation Board;
Ensure adequate level of systems/data protection in accordance with NATO Security policies and directives;
Conduct remediation activities in collaboration with the NCI Agency Service Delivery Managers;
Conduct internal vulnerability assessment testing on NISC systems and provide associated reporting;
Provide feedback, advice and guidance to senior management in the areas of enterprise architecture, NATO security accreditation activities, procurement as well as training and awareness programmes;
Performs other duties as required
Requirements
Skill, Knowledge & Experience:
The candidate must have a currently active NATO SECRET security clearance
Expert knowledge of Trellix ePO and managed products (ENS, DLP, MAC, RSD, TIE, HX);
Comprehensive knowledge of the principles of computers and communication security, networking, and the vulnerabilities of modern operating systems and applications;
Experience with implementation and integration of CIS Security protective measures in Active Directory based environments;
Experience with Cyber Hygiene and the top 20 Critical Security Controls for effective cyber defence;
Ability to investigate and analyse complex scenarios and solve problems in innovative ways;
Excellent communication abilities, both written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams.
Skills:
Writing and Reporting - Writes convincingly; writes clearly, succinctly and correctly; avoids the unnecessary use of jargon or complicated language; writes in a well-structured and logical way; structures information to meet the needs and understanding of the intended audience.
Working with People - Shows respect for the views and contributions of other team members; shows empathy; listens, supports and cares for others; consults others and shares information and expertise with them; builds team spirit and reconciles conflict; adapts to the team and fits in well.
Applying Expertise and Technology - Applies specialist and detailed technical expertise; uses technology to achieve work objectives; develops job knowledge and expertise (theoretical and practical) through continual professional development; demonstrates an understanding of different organizational departments and functions.
