On-line Vulnerability Assessment (OVA) Tool Manager
Enterpryze Consulting
- Bergen, Henegouwen
- Vast
- Voltijds
- Working Location: Mons, Belgium
- Security Clearance: NATO Cosmic Top Secret
- Language: High proficiency level in English language
· 3+ years of experience in IT security, with a focus on System Administration, Security Tools Management in large organisations
· Strong understanding of security best practices and experience with Tenable products especially with Tenable Security Center
· IP switching and routing in a wired and wireless environment
· Virtual Infrastructure management based on VMWare technologies
· Systems administration, ideally both with Windows and Linux
· Good engineering skills including programming and/or scripting knowledge (python, shell scripting, PowerShell)
· Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours
· Comprehensive understanding of principles of Computer and Communication Security, networking, and vulnerabilities of modern operating systems and applications acquired through a blend of academic or professional training coupled with practical professional experience
· Experience with threat intelligence, incident response and remediation a plus
· Knowledge of python (pyTenable) and PowerShell. Experience working with Tenable.SC and Nessus Manager APIs is a plus
· Knowledge of NATO organization and its IT infrastructure is a plus
· Experience with Service Management, monitoring and reporting tools, ideally Solarwinds is a plus.
· ITIL Service Management certifications is a plus
· Experience with system instrumentation solutions such as Ansible is a plus
· Certifications such as CISSP, CISM, or CISA is a plus
· Previous experience working for Cyber Security related organisations (CERTs, security offices) is a plus.
· Previous experience working in an international environment comprising both military and civilian elements is a plusDUTIES/ROLE:
· Act as the engineer delivering Online Vulnerability Assessment (OVA) service for NATO CIS
· Manage cyber tools used by OVA teams (further referred as cyber tools)
· Be responsible for ensuring the availability and performance requirements of the cyber tools to meet agreed customers Service Level Targets
· Install, deploy, update, monitor, maintain, configure, troubleshoot and keep in operational conditions the cyber tools
· Escalate to the vendor any issues that cannot be fixed by the OVA Tool Managers
· Troubleshoot identified issues within the cyber tools; liaise with other stakeholders and co-ordinate resolution of those issues
· Carry out all Service Management activities for the cyber tools, including assisting in Service Design workshops, Service Transition activities and ensuring full Service Operations activities (Service Requests, Change Requests, Problem Records, Incident Reports, Root Cause Analysis, etc.) are effectively executed
· Follow ITIL software life cycle management (such as release, testing, distribution and maintenance) of the tools
· Liaise with service delivery manager and end-users to ensure the tools sufficiently support the respective services
· Proactively propose system and service improvements to provide effective and efficient service operations
· Act as the subject matter expert of Cyber tools - provide advice and technical assistance to other stakeholders, maintain technical expertise, awareness of new technologies and developments and contribute to any projects related to the tools and associated cyber services
· Follow, establish, and improve procedures that support management of the tools
· Develop and maintain documentation guidelines, standard operating procedures, system and service design documents and other relevant documentation
· Coordinate with other stakeholders in support of related services; communicate with other NATO entities as well as industry partners
· Produce documentation, reports; organise and deliver presentations and briefings for various audience (technical and non-technical) up to NATO executive level
· Stay current with emerging security threats and technologiesDeliverables and Expected Outcomes:
· Daily: verify that the OVA tools are up, running, updated and healthy; resolve issues; fulfil customer requests, coordinate and work with other stakeholders to improve/maintain tools,
· Weekly: do the maintenance (backup, improve system resources, tool upgrades, etc.), meet with the customer (to better understand their expectations, evaluate their satisfaction, improve service quality), meet with Vendor (get information regarding the new releases, features, updates, ongoing cases, etc.), attend CM meetings (CAB, Evaluation, etc.)
· Monthly: coordinate and work with other entities for patching (like OS, other than security tools, to decrease the impact of those activities on the service)
· Performance Standards:
ü Availability, reliability, performance, security level of the tools should be in good level.
ü Response and resolution time for the requests/incidents should be in the service levels