Electrical Engineer
نُشرت في :
25-02-2024
صاحب العمل نشط
1 وظيفة شاغرة
حالة تأهب وظيفة
سيتم تحديثك بأحدث تنبيهات الوظائف عبر البريد الإلكترونيValid email field required
أرسل الوظائف
حالة تأهب وظيفة
سيتم تحديثك بأحدث تنبيهات الوظائف عبر البريد الإلكترونيValid email field required
أرسل الوظائف
الوصف الوظيفي
رقم الوظيفة : 2291158
IT Analyst- Cloud-Based Ext. Attack Surface Mgmt.
- Working Location: Mons, Belgium
- Security Clearance: NATO Secret
- Language: High proficiency level in English language
EXPERIENCE AND EDUCATION:
Essential Qualifications/Experience:
Bachelors degree in Computer Science, Information Technology, or related field or equivalent experience
3+ years of experience in IT security, with a focus on Security Audit and / or Security Assessment of large organisation
Strong understanding of security best practices and experience with cloud-based infrastructure
Knowledge of relevant NATO standards and regulations
Ability to understand and interpret the outcomes of security audit reports (NATO high side network)
Experience with threat intelligence, incident response and remediation a plus
Knowledge of NATO organization and its IT infrastructure is a plus
Certifications such as CISSP, CISM, or CISA is a plus
DUTIES/ROLE:
On a daily basis, monitor and analyse EASM data to identify and respond to potential threat
Configure and maintain the cloud-based EASM tool including the process to authorize users to access the EASM tool
Collaborate with other members of the NATO Security Teams to ensure the protection of enterprise assets
Ensure remediation and mitigations recommendations are compliant with relevant NATO standards and regulations
Stay current with emerging security threats and technologies
Actively engage in the remediation process, follow its progress and report on it
Weekly / Monthly report with the found vulnerabilities, remediation actions taken and status
Keep an up-to-date list of POC responsible of internet facing services
Perform the reporting tasks on the NATO High Side network (note: the NATO High Side network is not accessible from outside the NCSC premises perimeter)
Deliverables:
Daily: maintain a comprehensive list of all vulnerabilities being taken care of, along with their remediation or mitigation status. The dataset shall be updated no later than 2 working days after the notification of a change is received
Weekly: deliver a comprehensive vulnerability report the SDM and SAO, taking into account all vulnerabilities posing a security risk to the monitored organization, remediation actions recommended to the system/application owners and the status of the recommended actions. The weekly report is expected to be delivered each first working day of a calendar week, before Close of Business. No weekly report is due if that week does not include any working day (for instance: long official holidays such as Christmas break)
Monthly: deliver vulnerability report to the SDM and SAO, with an overview of the critical/high vulnerabilities identified, the status of the recommended actions to show in a graphic way the trend of the security posture of the internet facing services. The monthly report is expected to be delivered within 5 working days after the last working day of the past month
Yearly: deliver a report to the SDM and SAO, with a summary of all events and actions that occurred during the year. The yearly report is expected to be delivered within 15 working days after the last working day of the past year
3+ years of experience in IT security, with a focus on Security Audit and / or Security Assessment of large organisation
Strong understanding of security best practices and experience with cloud-based infrastructure
Knowledge of relevant NATO standards and regulations
Ability to understand and interpret the outcomes of security audit reports (NATO high side network)
Experience with threat intelligence, incident response and remediation a plus
Knowledge of NATO organization and its IT infrastructure is a plus
Certifications such as CISSP, CISM, or CISA is a plus
DUTIES/ROLE:
On a daily basis, monitor and analyse EASM data to identify and respond to potential threat
Configure and maintain the cloud-based EASM tool including the process to authorize users to access the EASM tool
Collaborate with other members of the NATO Security Teams to ensure the protection of enterprise assets
Ensure remediation and mitigations recommendations are compliant with relevant NATO standards and regulations
Stay current with emerging security threats and technologies
Actively engage in the remediation process, follow its progress and report on it
Weekly / Monthly report with the found vulnerabilities, remediation actions taken and status
Keep an up-to-date list of POC responsible of internet facing services
Perform the reporting tasks on the NATO High Side network (note: the NATO High Side network is not accessible from outside the NCSC premises perimeter)
Deliverables:
Daily: maintain a comprehensive list of all vulnerabilities being taken care of, along with their remediation or mitigation status. The dataset shall be updated no later than 2 working days after the notification of a change is received
Weekly: deliver a comprehensive vulnerability report the SDM and SAO, taking into account all vulnerabilities posing a security risk to the monitored organization, remediation actions recommended to the system/application owners and the status of the recommended actions. The weekly report is expected to be delivered each first working day of a calendar week, before Close of Business. No weekly report is due if that week does not include any working day (for instance: long official holidays such as Christmas break)
Monthly: deliver vulnerability report to the SDM and SAO, with an overview of the critical/high vulnerabilities identified, the status of the recommended actions to show in a graphic way the trend of the security posture of the internet facing services. The monthly report is expected to be delivered within 5 working days after the last working day of the past month
Yearly: deliver a report to the SDM and SAO, with a summary of all events and actions that occurred during the year. The yearly report is expected to be delivered within 15 working days after the last working day of the past year
نوع التوظيف
دوام كامل
القسم / المجال المهني
المهارات المطلوبة
الإبلاغ عن هذه الوظيفة
إخلاء المسؤولية: د.جوب هو مجرد منصة تربط بين الباحثين عن عمل وأصحاب العمل. ننصح المتقدمين بإجراء بحث مستقل خاص بهم في أوراق اعتماد صاحب العمل المحتمل.
نحن نحرص على ألا يتم طلب أي مدفوعات مالية من قبل عملائنا، وبالتالي فإننا ننصح بعدم مشاركة أي معلومات شخصية أو متعلقة بالحسابات المصرفية مع أي طرف ثالث. إذا كنت تشك في وقوع أي احتيال أو سوء تصرف، فيرجى التواصل معنا من خلال تعبئة النموذج الموجود على الصفحة اتصل بنا
