Engineer (Cyber Security) (NATO-NCIA)

Mons, Belgium, Sapienza Consulting [AAS- C001942 ]

Field(s) of expertise
Software Engineering
Job type

About this job

Sapienza Consulting, a tpgroup company, is recruiting an Engineer (Cyber Security) to join NATO – NCIA in Mons, Wallonia, Belgium.


  • Scripting and integrations:
  • Developing (python) and maintaining scripts to further automate and integrate MISP with other subsystems within NATO such as the SIEM, IDS,
  • Develop (python) MISP modules to extend the functionality
  • System administration:
  • Proactively manage and maintain the multiple servers running the MISP software ensuring the necessary confidentiality, integrity and availability of the tool and information
  • Regularly update the MISP software to the latest version
  • Configure and extend the system monitoring of those MISP installations
  • Maintain the ansible playbooks related to the MISP setup and configuration
  • Maintain and improve documentation related to the MISP installations within NATO
  • Software Development:
  • Develop new features in the core of the MISP Threat Sharing software (PHP)
  • Correct bugs and feed them upstream to the open source project
  • Develop reporting capabilities on the data that is stored on those MISP instances
  • Community management:
  • Provide support to the use-community of the NATO managed MISP instances
  • Organize and steer the NATO MISP User Group (MUG) at least twice a year


  • Required Security Clearance: NATO Secret
  • The required skill set for the contracted individual is extensive knowledge and experience (more than 5 years) in the following areas:
  • Mandatory
  • Very good technical understanding of the cyber threats to web based products.
  • Excellent python scripting
  • Demonstrated experience as a sysadmin with LAMP servers – Linux, Apache, MySQL/MariaDB, PHP
  • Experience in MVC software development and code review of web applications mostly in PHP language and with SQL
  • Good understanding of cyber security principles, best practices, concepts and technology
  • Ability to work both independently and as part of the team to achieve the desired goals, including the ability to monitor and support a team
  • Excellent organizational and communication skills
  • Good level of spoken and written English
  • Desirable, considered as an extra asset
  • Prior experience in developing code (python, PHP) for MISP
  • Prior experience as sysadmin of a MISP Threat Sharing platform
  • Sysadmin experience with RedHat
  • Experience with SIEM products such as Splunk or ArcSight is an asset
  • Experience with CakePHP
  • Experience with forensics acquisition tools like Fidelis or AccessData FTK
  • Previous experience working in Cert type organisation
  • Candidates must be eligible to work in the EU
  • For information on how we process the personal data in your application, please see the Sapienza Privacy Statement.

For information on how the personal data in your application is processed, please see the Sapienza Consulting Privacy Policy.