About this job

Sapienza Consulting is recruiting Services Security Contractor to join NATO – NCIA, at The Hague, South Holland, Netherlands.

Responsibilities

1. Professional Services Consultancy is required for AMDC2 systems and NISP project:

1.1. Consultancy for DISA-STIG and OpenScap implementation on Oracle Linux 8, priority one: Implement a protection profile based on OpenScap and (preferably) DISA-STIGs for OL standalone and full server including protection profile enforcement, update, reporting, and customisation. Min skill for the task: Hands-on experience in writing structured and well documented test suites using PyTest and Gherkin.

1.2. Command-Line Test Automation with PyTest framework and Gherkin (behaviour driven testing) consultancy, priority two: Create a robust suite of automated test cases for the NISP command line tools on Solaris 11.4 and Oracle Linux 8. The test framework used is PyTest, and the test cases will be written in Gherkin. Min skill for the task : Hands-on experience with configuring FreeIPA, customising FreeIPA, resolving FreeIPA bugs

1.3. Consultancy for FreeIPA, priority three: Secure configuration of FreeIPA, understand Do’s and Don’ts of FreeIPA, resolution of some tasks affecting FreeIPA (such as the site adaptation). Min skill for the task: Hands-on experience with the implementation of protection profiles using the OpenScap suite and using DISASTIGs as input. Consultant shall have hands-on experience in implementing customisations to protection profiles, such as allowing the end-user to turn certain settings on and off. Consultant shall have hands-on experience in updating protection profiles, reporting on protection status, fixing issues with protection profiles.

1.4. Any other task related to NISP software.

Profile

• The candidate must have a currently active NATO SECRET security clearance
• University degree in computer science or a comparable field of study, ideally with a security focus
• Hands on experience in Red Hat and/or Oracle Linux security (for example, Kernel hardening, Linux permissions, capabilities, namespaces, secure RPC)
• Extensive experience (at least 5-10 years) with RHEL (or derivatives) administration, including RHEL8
• Proven experience in consultancy of RHEL8 system hardening and security uplift
• Experience in software development methodologies, configuration control and management
• Deep knowledge and experience in Red Hat and Oracle Linux distributions
• Fluent in English