Sapienza Consulting is recruiting FPC NIPS Senior Tool Manager to work at NCIA in Mons.
As Full Packet Capture (FPC) / Network Intrusion Prevention System (NIPS) Senior Tool Manager, the incumbent will be responsible for supporting Cyber Defence operations, maintaining and updating the tool’s configurations to match threat environment, specifically for Full Packet Capture and Network Prevention Intrusion System activities. FPC / NIPS Senior Tool manager reports to Head, Gateway Security Services Section and will work with Security Event Analysts (SEAs) and Engineers of CS Operations Branch to help tune security tools for optimum CS Incident Detection while keeping required performance target. They will also work with the Staff of the Platform and Infrastructure Management Section to support underlying platforms. The main aim is to ensure that NCIRC Full Packet Capture (capability to store locally a record of network traffic at various critical points) and NIPS (capacity to identify potential cyber-attacks and intrusion on NATO networks) are installed, configured and fully available. Main responsibilities include, but are not limited to following:
Install, Configure, administrate and provide ongoing support of Cyber Defence associated specialist tools (see below) in area of: – Full Packet Capture (to include RSA Netwitness platform) – Network Intrusion Prevention System (to include Cisco Sourcefire and Palo Alto Network Threat Prevention)
To participate in investigation of Security Events to establish if these are expected tool behaviours, events or security threat. Provide technical support for performance testing of content and rules. To ensure that all NCIRC specialist applications related to FPC and NIPS are installed, configured, and running properly and in line with dependencies with others systems or applications and NCSC needs (to include, but not limited to ensuring proper setup and functioning of NIPS/FPC appliances or integration into monitoring systems). Proactively recommend optimizations to capabilities to provide effective and efficient service operations. Work out implementation plans for new capabilities and take ownership to ensure rapid implementation of those new tools and optimizations. Initiate, prepare, follow and defend the specialist applications upgrades in front of Change Management Board.Implement approved changes. Review security documentation and provide technical advice, when requested. Maintain awareness of new technologies and developments, industry standards and best practices within NCSC community for FPC / NIPs tools, participating in knowledge sharing with other analysts and develop solutions efficiently. Perform other essential duties as assigned, as technical reports and/or executive level reports production.
Candidates must be eligible to work in the EU
For information on how we process the personal data in your application, please see the Sapienza Privacy Statement
For information on how the personal data in your application is processed, please see the Sapienza Consulting Privacy Policy.