ESS RSM Tool Manager (NATO NCIA)

Mons, Belgium, Sapienza Consulting [AAS2019-0065]

Field(s) of expertise
Information Technology
Job type

About this job

Sapienza Consulting is recruiting a ESS RSM Tool Manager to work at NATO NCIA in Mons, Belgium.


Under Section Head, Security Tools Management Services or delegated authority, you will perform duties such as:

  • Install, deploy, update, maintain, configure and keep in operational conditions Cyber Defence capabilities as deployed to protect Resolute Support Mission Operational networks in Afghanistan
  • Support design of related capabilities and expansion of service
  • Provide support to RSM users accessing CD systems such as Splunk and ensure appropriate RBAC is implemented and used for these users
  • In particular, you will configure, deploy and maintain event log collection and correlation capability based on Splunk Enterprise
  • Manage and administer the underlying infrastructure to support efficient operation of Central Management of these capabilities
  • Develop and enhance existing interfaces and remote data feeds from RSM Cyber Defence capabilities to NCIRC Security Information and Event Management system or other centrally managed NCIA capabilities
  • Ensure level of security (Confidentiality, Integrity, and Availability) of Resolute Support Cyber Defence Capabilities meet or exceed minimum security requirements defined by NATO security authorities
  • Act as interface between Theatre Cyber Defence personnel, NCIA CISAF project management team and NCIRC to ensure provided capabilities are delivering expected outcome to stakeholders
  • Act as Subject Matter Expert (SME) on Resolute Support Cyber Defence capabilities, especially on SIEM and log aggregation aspects
  • Represent section for change management and service delivery improvement proposals
  • Proactively recommend optimisations to Resolute Support Cyber Defence capabilities to provide effective and efficient service operations
  • Produce metrics to be integrated into wider CSSL or NCIA products that are being delivered up to NATO executive management level and Theatre
  • Take initiatives in area of responsibility and support other objectives of line manager


  • University degree at nationally recognised/certified University in technical subject with substantial Information Technology (IT) content and 2 years of specific experience. Exceptionally, lack of university degree may be compensated by demonstration of candidate’s particular abilities or experience that is/are of interest to NCI Agency; that is, at least 10 years extensive and progressive expertise in duties related to function of post
  • Expert knowledge and extensive hands-on experience in O&M and System Administration activities of Enterprise-wide Security Incident and Event Management (SIEM) based on Splunk Enterprise
  • Demonstrated experience in on-boarding log sources and utilising Regular Expressions for data parsing
  • Good knowledge of virtual environment based on VMWare infrastructure
  • Demonstrated experience in using API for data ingestion and tools integration
  • Demonstrated experience in Linux/UNIX Systems administration, preferably with RedHat
  • Demonstrated experience in management and administration of SQL databases
  • Understanding of service delivery management and service lifecycle
  • Demonstrated experience in scripting languages
  • Professional certifications on Splunk products


Desirable Experience and Education:

  • Demonstrated experience and good knowledge of Python
  • Demonstrated experience in working with following products (O&M activities): Microfocus ArcSight, RSA Netwitness, Cisco SourceFire, Opentext Encase
  • Previous experience in working in Cyber Security
  • Professional Certification related to Cyber Security field
  • NOTE: This role is not a Threat/Malware Analyst however prior experience in such areas is considered additional benefit


Candidates must be eligible to work in the EU

For information on how we process the personal data in your application, please see the Sapienza Privacy Statement here

For information on how the personal data in your application is processed, please see the Sapienza Consulting Privacy Policy.