Cyber Security Senior Automation Specialist (NATO-NCIA)

Mons, Belgium, Sapienza Consulting [SC2022/002067]

Field(s) of expertise
Information Technology
Job type

About this job

Sapienza Consulting is recruiting a Cyber Security Senior Automation Specialist to join NATO – NCIA in Mons, Wallonia, Belgium.


  • Provide technical subject matter of expertise for automation of incident detection and response, business reporting, situational awareness as member of the Cyber Security Service Line
  • Act as focal subject matter expert in project and exercise support activities within the team
  • Create automated detection and response capabilities using SIEM, SOAR and other available toolset
  • Develop tools, scripting, automation and integrations to automate activities as much as possible, mostly using Splunk Phantom, Python, Bash and PowerShell Develop and maintain SOAR playbooks
  • Create and optimize SIEM content based on use cases provided by other team members as requested
  • Create dashboards and reports for situational awareness purposes
  • Create technical reports for business and performance reporting
  • Share business information with stakeholders via dashboards and technical reports. Support project activities as end user representative for the team when needed
  • Propose possible optimisations and enhancements to both maintain and improve NATO’s Cyber Security posture
  • Support threat hunting activities by gathering and correlating data using multiple resources
  • Identify and track temporary deficiencies in security tool posture for situational awareness purposes
  • Participate in, or support a Cyber Security Response Team designated to provide Cyber Security Incident Response happening on one or multiple physical locations, including NATO Alliance Operations and Missions


  • NATO Secret security clearance
  • A university degree at a nationally recognised/certified University in a technical subject with substantial Information Technology (IT) content and 4 years of specific experience
  • Exceptionally, the lack of a university degree may be compensated by the demonstration of a candidate’s particular abilities or experience that is/are of interest to NCI Agency; that is, at least 7 years extensive and progressive expertise in the duties related to the function of the post


Mandatory Skill, Knowledge & Experience:

  • Detailed knowledge of Security, Orchestrations, Automation and Response (SOAR) concepts and their benefits to the protection of CIS infrastructures
  • Detailed knowledge and demonstrable experience on scripting languages and integration tools including Python, PowerShell and Bash Hands on experience with Splunk ES suite and Phantom SOAR Good understanding of cyber security event triage, analysis and response
  • Good understanding of the network security devices and log sources used in SIEM
  • Good understanding of communication mechanisms on modern internet-facing systems



  • Expert level of knowledge and demonstrable experience with Splunk ES suite and Phantom SOAR
  • Expert level of knowledge and demonstrable experience Python scripting language and related frameworks
  • Demonstrable experience cyber security event triage, analysis and response
  • Industry leading certification in the area of Cybersecurity
  • A solid understanding of Information Security Practices; relating to the Confidentiality, Integrity and Availability of information (CIA triad.)

For information on how the personal data in your application is processed, please see the Sapienza Consulting Privacy Policy.