C003561 On-line Vulnerability Assessment (OVA) Tool Manager

Under the direction of the Operational
Tooling Management Cell (OTMC) / Vulnerability Assessment Section Head, the
incumbent shall execute the following tasks:

• Act as the engineer delivering Online
  Vulnerability Assessment (OVA) service for NATO CIS.
  
• Manage cyber tools used by OVA teams
  (further referred as cyber tools).
  
• Be responsible for ensuring the availability
  and performance requirements of the cyber tools to meet agreed customers
  Service Level Targets.
  
• Install, deploy, update, monitor, maintain,
  configure, troubleshoot and keep in operational conditions the cyber tools.
  
• Escalate to the vendor any issues that
  cannot be fixed by the OVA Tool Managers.
  
• Troubleshoot identified issues within the
  cyber tools; liaise with other stakeholders and co-ordinate resolution of those
  issues.
  
• Carry out all Service Management activities
  for the cyber tools, including assisting in Service Design workshops, Service
  
• Transition activities and ensuring full
  Service Operations activities (Service Requests, Change Requests, Problem
  Records, Incident Reports, Root Cause Analysis, etc.) are effectively executed.
  
• Follow ITIL software life cycle management
  (such as release, testing, distribution and maintenance) of the tools.
  
• Liaise with service delivery manager and
  end-users to ensure the tools sufficiently support the respective services.
  
• Proactively propose system and service
  improvements to provide effective and efficient service operations.
  
• Act as the subject matter expert of Cyber
  tools - provide advice and technical assistance to other stakeholders, maintain
  technical expertise, awareness of new technologies and developments and
  contribute to any projects related to the tools and associated cyber services.
  
• Follow, establish, and improve procedures
  that support management of the tools.
  
• Develop and maintain documentation
  guidelines, standard operating procedures, system and service design documents
  and other relevant documentation.
  
• Coordinate with other stakeholders in
  support of related services; communicate with other NATO entities as well as
  industry partners.
  
• Produce documentation, reports; organise and
  deliver presentations and briefings for various audience (technical and
  non-technical) up to NATO executive level.
  
• Stay current with emerging security threats
  and technologies.
  
• Deliverables and Expected Outcomes:
  
• Under the direction of the Operational
  Tooling Management Cell (OTMC) / Vulnerability Assessment Section Head, the
  incumbent shall deliver the following:
  
• Daily: verify that the OVA tools are up,
  running, updated and healthy; resolve issues; fulfill customer requests,
  coordinate and work with other stakeholders to improve/maintain tools,
  
• Weekly: do the maintenance (backup, improve
  system resources, tool upgrades, etc.), meet with the customer (to better
  understand their expectations, evaluate their satisfaction, improve service
  quality), meet with Vendor (get information regarding the new releases,
  features, updates, ongoing cases, etc.), attend CM meetings (CAB, Evaluation,
  etc.)
  
• Monthly: coordinate and work with other
  entities for patching (like OS, other than security tools, to decrease the
  impact of those activities on the service) 
  
• Performance Standards
  
• Availability, reliability, performance,
  security level of the tools should be in good level. Response and resolution
  time for the requests/incidents should be in the service levels.
  

Requirements

• Bachelor's degree in Computer Science,
  Information Technology, or related field Or equivalent experience
  
• 3+ years of experience in IT security, with
  a focus on System Administration, Security Tools Management in large
  organisations.
  
• Strong understanding of security best
  practices and experience with Tenable products especially with Tenable Security
  Center.
  
• IP switching and routing in a wired and
  wireless environment.
  
• Virtual Infrastructure management based on
  VMWare technologies.
  
• Systems administration, ideally both with
  Windows and Linux.
  
• Good engineering skills including
  programming and/or scripting knowledge (python, shell scripting, PowerShell).
  
• Demonstrable experience of analysing and
  interpreting system, security and application logs in order to diagnose faults
  and spot abnormal behaviours.
  
• Comprehensive understanding of principles of
  Computer and Communication Security, networking, and vulnerabilities of modern
  operating systems and applications acquired through a blend of academic or
  professional training coupled with practical professional experience.
  
• Strong analytical and problem-solving
  skills.
  
• Excellent communication abilities, both
  written and verbal, with the ability to clearly and successfully articulate
  complex issues to a variety of audiences and teams.
  
• Experience with threat intelligence,
  incident response and remediation a plus.
  
• Knowledge of python (pyTenable) and
  PowerShell.
  
• Experience working with Tenable. SC and
  Nessus Manager APIs is a plus.
  
• Knowledge of NATO organization and its IT
  infrastructure is a plus.
  
• Experience with Service Management,
  monitoring and reporting tools, ideally SolarWinds is a plus.
  
• ITIL Service Management certifications is a
  plus.
  
• Experience with system instrumentation
  solutions such as Ansible is a plus.
  
• Certifications such as CISSP, CISM, or CISA
  is a plus.
  
• Previous experience working for Cyber
  Security related organisations (CERTs, security offices) is a plus.
  
• Previous experience working in an
  international environment comprising both military and civilian elements is a
  plus.