About this job

Sapienza Consulting is recruiting an OVA Analyst to join NATO – NCIA in Mons, Wallonia, Belgium.

Responsibilities

• Perform centralised Cyber Security Online Vulnerability Assessments (OVA) of classified and unclassified networks, systems and applications
• Contribute to the development and the implementation of the vulnerability analytics solution (OVABI) and the Cyber Security Hygiene Indicators program
• Support NCI Agency CIS Support Units and other NATO entities and customers in the process of vulnerability remediation
• Maintain awareness of new technologies and developments, Industry standards and Best practices and Threat Intelligence within the wider IA community
• Liaise with NCSC Infrastructure to ensure that the Online Vulnerability Assessment Capability is operational
• Liaise with the customers to ensure the target environments are configured correctly to allow OVA scans
• Develop Security Assessment documentation, including:
  • Security Audit, Compliance Checks reports and dashboards
  • Security Audit, Compliance Checks Testing trend analysis reports
  • Security Audit, Compliance Checks tool operating/configurations instructions
  • General Security Audit, Compliance Check procedures documentation
• Support the production of Standard Operating Procedures covering all aspects of vulnerability data collection, vulnerability data analysis and reporting processes to ensure consistency with NATO Policy and Agency Directives
• Provide analysis and interpretation of vulnerability assessment results and recommendation of mitigation strategies
• Produce technical and executive level reports
• Review security documentation and provide advice

Profile

• The candidate must have a currently active NATO SECRET security clearance
• Expert level of knowledge in developing vulnerability assessment scans configurations for large networks, without impacting the availability or the performance of the scanned systems
• Expert level of knowledge in developing advanced Nessus configurations using audit files for implementing compliancy checks for operating systems, network devices and applications
• Expert level of knowledge of the principles of computer and communication security, networking, and the vulnerabilities of modern operating systems and applications
• Comprehensive knowledge of Tenable.SC and Nessus applications
• Comprehensive knowledge of Microsoft Power BI, Microsoft Power BI Reporting Server, and Microsoft SQL Server
• Proven ability to communicate effectively orally and in writing with good briefing skills

Desirable:

• Degree in IT or CIS security related discipline
• Industry-leading certification in the area of Cybersecurity such as MCSA, MCSE/S, SANS GIAC certifications
• Tenable Certified Security Engineer
• Prior experience of working in an international environment comprising both military and civilian elements