123

Online Vulnerability Tool Manager (OVA) (NATO-NCIA)

Mons, Belgium, Sapienza Consulting [AAS4846]

Field(s) of expertise
Cyber Security Software Engineering
Job type
ContractTemporary
Education
BachelorVocational
Deadline
Closed

About this job

Sapienza Consulting is recruiting a Online Vulnerability Tool Manager (OVA) to join NATO – NCIA, at Mons, Belgium.

Responsibilities

  • Install, deploy, update, monitor, maintain, configure, troubleshoot and keep in operational conditions Vulnerability Assessment (VA) systems
  • Configure VA systems to support vulnerability, compliance and remediation verification scanning
  • Define, maintain, update advanced VA configurations, e.g. low performance impact VA scans, and audit files that implement specific hardening guides
  • Troubleshoot issues arising from vulnerability scanning and serve as technical expert for online vulnerability assessment tools
  • Ensure level of security (Confidentiality, Integrity, and Availability) of VA systems meet or exceed minimum security requirements defined by NATO security authorities
  • Compile, draft, review and deliver inputs on all aspects relevant to VA capabilities and VA scan results and processes, and associated documentation
  • Develop reports and dashboards that reflect Online VA systems availability, scans performance, success/failure effectiveness and efficiency and perform targeted historical analysis, review historical trending data and recommend improvement opportunities
  • Perform functions to ensure Cyber Security Hygiene Indicators (CSHI) programme is implemented effectively and efficiently
  • Develop NCI Agency specific Request for Change formal documentation for VA products, configure test of VA systems and provide support for conducting functional and security tests required by Change Management processes for having systems approved to be used on NCI Agency managed networks
  • Produce metrics to be integrated into wider CSSL or NCI Agency products that are being delivered up to NATO executive management level
  • Initiate, prepare, follow and defend specialist applications upgrades in front of the Change Management Board- Implement the approved changes
  • Proactively recommend optimizations to VA capabilities to provide effective and efficient service operations
  • Maintain awareness of new technologies and developments, industry standards and best practices within wider IA community and provide support for selection of vulnerabilities management and vulnerabilities assessment tools
  • Produce technical reports and support the production of executive level reports
  • Review security documentation and provide technical advice

Profile

  • Essential to have Bachelor’s Degree in Computer Science combined with minimum of 2 years’ experience in Vulnerability Assessment related post as Tool Manager or similar position involving Technical ICT Engineering knowledge, or Secondary education and completed advanced vocational education (leading to professional qualification or professional accreditation) with 5 years post related experience
  • Experience in implementation of INFOSEC policies and procedures
  • Software engineering including programming and/or scripting knowledge (python, shell scripting, PowerShell)
  • Knowledge of Windows and Linux Operating Systems
  • Knowledge of risk based Security Assessment of systems and networks
  • Comprehensive knowledge of the principles of computer and communication security, networking, and the vulnerabilities of modern operating systems and applications
  • Practical hands-on experience in systems and tools administration
  • Demonstrable expert knowledge of Tenable Security Center / Tenable Nessus products
  • Ability to investigate and analyse complex scenarios and solve problems in innovative ways
  • Excellent communication abilities, both written and verbal, with ability to clearly and successfully articulate complex issues to a variety of audiences and teams
  • Must hold Security Clearance NATO Secret
  • Fluent business English; knowledge of another NATO member-state language is an asset

Desirable:

  • Experience in defining, implementing and validating NCIA CSSL security settings
  • Industry leading certification in the area of Cybersecurity such as CISSP, CISM, MCSE/S, CISA, GSNA, SANS GIAC
  • Tenable Certified Security Engineer
  • Prior experience of working in an international environment comprising both military and civilian elements

Candidates must be eligible to work in the EU

For information on how we process the personal data in your application, please see the Sapienza Privacy Statement

For information on how the personal data in your application is processed, please see the Sapienza Consulting Privacy Policy.