Would you like to join the leading international intergovernmental organization?
You will be responsible for developing effective, agile and resilient cyber security solutions tailored to specific operational requirements and environmental conditions. You will also design, develop, test, and evaluate information system security throughout the systems development life cycle and be responsible for the analysis and development of the integration, testing, operations, and maintenance of systems security. Applies and maintains specific security controls as required by organisational policy and local risk assessments.
Communicates security risks and issues to business managers and others.
Defines secure systems configurations in compliance with intended architectures.
Supports investigation of suspected attacks and security breaches.
Leads a team of 3-4 Cyber Security and COMSEC personnel through day-to-day operations
Responsible as the Cyber Security Section Head for the administration of all aspects of Cyber Security activities in coordination with the NATO Cyber Security Centre (NCSC), to include, but not limited to, boundary protection management, data loss prevention and enterprise antimalware.
Schedule, coordinate and facilitate security audits and inspections, manage post inspection actions.
Supervises monitoring, testing, evaluating computer security systems and the evaluation of Cyber Security aspects of CIS Accreditation.
Plans and as necessary implements Cyber Security services in support of Agency SLs, DSO, Strat and other Agency organizational elements as applicable.
Minimum of 5 yrs of experience in Windows Server security hardening, including implementation of security baselines, policy enforcement, vulnerability mitigation, and system compliance; At least 3 yrs of experience with Trellix ePolicy Orchestrator and Trellix Endpoint Security, including Trellix Data Loss Prevention and Trellix Application Control (or equivalent security software) and 2 yrs experience with system security, security architecture, network security engineering, security governance, and risk management
Detailed knowledge and working experience of security and networking technologies including IPv4, Software based Firewalls, VPNs, Intrusion Detection and Forensic tools
Wireless LAN technologies and endpoint security of mobile devices including laptops, tablets and smartphones; Security incident handling, interpretation of Cyber Security audit results and conducting risk assessments; Identifying and mitigating security vulnerabilities; Supporting NATO Enterprise CIS, knowledge of NATO responsibilities and organization, including the NATO Command Structure, ACO & ACT and knowledge of NATO Security Policy and supporting directives
Bachelor's degree at a nationally certified University in a related discipline and 2 years post-related experience. Demonstrated ability to handle stressful situations with calmness, ensuring the user feels supported throughout their interaction. English B2-C1/Upper Intermediate-Advanced level
Palo Alto Enterprise firewalls, Public Key Infrastructure, McAfee Endpoint Security Enterprise solutions. Experience in managing centralized endpoint security (i.e. Trellix) and using Vulnerability Scanners (i.e., Familiarity with ITIL or other IT service management frameworks(incident, request fulfilment, problem, change and capacity management)
Prior experience of working in an international environment comprising both military and civilian elements
CGRC/CAP or CASP+ (or Cloud+, PenTest+, Security+, GSEC or equivalent certification) •ITIL (v3 or v4) Foundation certified •0731 NATO COMPUSEC Practitioner Level 1, 0732 NATO COMPUSEC Practitioner Level 2 •0280 NATO CIS Security Officer •Security Professional certification: It should only take a few moments to complete, and we'll be in touch promptly if your experience aligns with our needs.