
FPC NIPS Senior Tool Manager (NATO-NCIA)

Mons, Belgium, Sapienza Consulting [AAS4843]

Field(s) of expertise
Cyber Security Software Engineering
Job type
Contract, Temporary
Education
Bachelor, Vocational
Deadline
Closed

About this job

Sapienza Consulting is recruiting an FPC NIPS Senior Tool Manager to join NATO – NCIA in Mons, Belgium.

Responsibilities

  • Install, configure, administer and provide ongoing support for Cyber Defence specialist tools in the areas of:
      • Full Packet Capture (to include RSA Netwitness platform)
      • Network Intrusion Prevention System (to include Cisco Sourcefire and Palo Alto Networks Threat Prevention)
  • Participate in the investigation of security events to establish whether these are expected tool behaviours, events or security threats
  • Provide technical support for performance testing of content and rules
  • Ensure that all NCIRC specialist applications related to FPC and NIPS are installed, configured and running properly, in line with their dependencies on other systems or applications and with NCSC needs (to include, but not limited to, ensuring proper setup and functioning of NIPS/FPC appliances or integration into monitoring systems)
  • Proactively recommend optimizations to capabilities to provide effective and efficient service operations
  • Work out implementation plans for new capabilities and take ownership to ensure rapid implementation of those new tools and optimizations
  • Initiate, prepare, follow and defend specialist application upgrades in front of the Change Management Board
  • Implement approved changes
  • Review security documentation and provide technical advice, when requested
  • Maintain awareness of new technologies and developments, industry standards and best practices within the NCSC community for FPC / NIPS tools, participating in knowledge sharing with other analysts and developing solutions efficiently
  • Perform other essential duties as assigned, such as production of technical reports and/or executive-level reports

Profile

  • Essential to have a bachelor’s degree in computer science combined with a minimum of 5 years’ experience as Security Tool Analyst (STA), Security Tool Manager or similar position involving technical ICT engineering knowledge, or secondary education and completed advanced vocational education (leading to professional qualification or professional accreditation) with 7 years’ post-related experience
  • Experience with enterprise Full Packet Capture solutions (e.g. Niksun, RSA/NetWitness)
  • Deep knowledge of NIPS technologies, including detection and prevention systems (signature-based detection, statistical anomaly-based detection, etc.), i.e. Palo Alto Networks Threat Prevention and Cisco Sourcefire
  • Proven experience with deployments and ongoing operational support of NIPS technologies (specifically Cisco Sourcefire and Palo Alto Networks Threat Prevention) at enterprise level
  • Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours
  • Experience of maintaining a secure enterprise network through configuring and managing typical Security Enforcing Devices, such as Firewalls, Proxies, IDS/IPS devices, HIDS/EPO
  • Extensive knowledge of Sourcefire/Snort
  • Knowledge of Palo Alto Networks Threat Prevention
  • Practical hands-on experience in systems and tools administration
  • Comprehensive knowledge of the principles of computer and communication security, LAN/WAN networking including protocol network architecture, and vulnerabilities of modern operating systems and applications
  • Troubleshooting of Linux and/or Windows infrastructures
  • Excellent communication abilities, both written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams
  • Must hold a NATO Secret security clearance
  • Fluent business English; knowledge of another NATO member-state language is an asset

Desirable:

  • Software engineering including programming and/or scripting knowledge (Python, shell scripting, PowerShell)
  • Industry-leading certification in the area of cybersecurity such as CISSP, CISM, MCSE/S, CISA, GSNA, SANS GIAC
  • A solid understanding of information security practices relating to Confidentiality, Integrity and Availability of information (CIA triad)
  • Prior experience of working in an international environment comprising both military and civilian elements

Candidates must be eligible to work in the EU

For information on how we process the personal data in your application, please see the Sapienza Privacy Statement

 

For information on how the personal data in your application is processed, please see the Sapienza Consulting Privacy Policy.