About this job

Sapienza Consulting, a tpgroup company, is recruiting an Engineer (Cyber Security) to join NATO – NCIA in Mons, Belgium.

Responsibilities

Scripting and integrations:

• Developing (python) and maintain scripts to further automate and integrate MISP with other subsystems within NATO such as the SIEM, IDS, …
• Develop (python) MISP modules to extend functionality

System administration:

• Proactively manage and maintain the multiple servers running the MISP software ensuring the necessary confidentiality, integrity and availability of the tool and information
• Regularly update the MISP software to the latest version
• Configure and extend the system monitoring of those MISP installations
• Maintain the ansible playbooks related to the MISP setup and configuration
• Maintain and improve documentation related to the MISP installations within NATO

Software Development:

• Develop new features in the core of the MISP Threat Sharing software (PHP)
• Correct bugs and feed them upstream to the open source project
• Develop reporting capabilities on the data that is stored on those MISP instances

Community management:

• Provide support to the use-community of the NATO managed MISP instances
• Organize and steer the NATO MISP User Group (MUG) at least twice a year

Profile

• Required Security Clearance: NATO Secret

The required skillset for the contracted individual is extensive knowledge and experience (more than 5 years) in the following areas:

• Very good technical understanding of the cyber threats to webbased products.
• Excellent python scripting
• Demonstrated experience as sysadmin with LAMP servers – Linux, Apache, MySQL/MariaDB, PHP
• Experience in MVC software development and code review of web applications mostly in PHP language and with SQL
• Good understanding of cyber security principles, best practices, concepts and technology
• Ability to work both independently and as part of the team to achieve the desired goals, including the ability to monitor and support a team
• Excellent organizational and communication skills
• Good level of spoken and written English

Desirable

• Prior experience in developing code (python, PHP) for MISP
• Prior experience as sysadmin of a MISP Threat Sharing platform
• Sys admin experience with RedHat
• Experience with SIEM products such as Splunk or ArcSight is an asset.
• Experience with CakePHP
• Experience with forensics acquisition tools like Fidelis or AccessData FTK
• Previous experience working in Cert type organisation
• Previous experience with NATO