Deadline Date: Tuesday 17 December 2024
Requirement: Vulnerability Assessment Engineer
Location: Mons, BE
Full Time On-Site: Yes
Time On-Site: 100%
Total Scope of the request (hours): 1254
Required Start Date: 27 January 2025
End Contract Date: 31 December 2025
Required Security Clearance: NATO COSMIC TOP SECRET
NOTE: We can only accept CTS cleared candidates for this role due to security regulations. We cannot accept NS cleared candidates with ongoing CTS clearance requested.
Duties and Role:
The contracted individual will be asked to support the development of one or more technical deliverables and/or provide exercise support in execution of projects undertaken within the 2025 calendar year.
The contracted individual must be able to perform effectively and efficiently with minimal supervision.
Travel to NATO and national (NATO and non-NATO) facilities is required in support of assessments.
The duties of the individual mainly focus on:
- Plan and execute technical On-site CIS Security Audits (Type-3) for networks, systems, and applications, and ensure the accuracy of the results;
- Analyse collected assessment data and identify security weaknesses;
- Write Security Audit reports with findings and appropriate recommendations;
- Provide briefings and further information to support remediation and mitigation;
- Contribute to development of in-house toolset for data collection and analysis;
- Performs other duties as may be required
Requirements
Skill, Knowledge & Experience:
- The candidate must have a currently active NATO COSMIC TOP SECRET security clearance
The required skillset for the contracted individual is extensive knowledge and experience (more than 3 years) in the following areas:
- In-depth understanding of computer and communications security, networking, and the vulnerabilities of modern operating systems and applications;
- Expert level of knowledge in executing vulnerability assessment scans for large networks, without impacting the availability or the performance of the scanned systems;
- Demonstrable expert knowledge of, and work experience with Tenable Nessus products;
- Extensive level of knowledge in developing advanced Nessus configurations using audit files for implementing compliancy checks for operating systems, network devices and applications;
- Thorough understanding of Active Directory security configuration and associated vulnerabilities;
- Comprehensive experience in assessing system hardening and antimalware configuration;
- Advanced knowledge of Microsoft Azure AD/Entra ID/Office 365 and/or AWS Cloud Security;
- Enhanced skillset in data processing automation using script languages (e.g. PowerShell, Python, Bash);
- Excellent communication skills with respect to briefing/presenting, report writing & mediation;
- Good interpersonal skills and ability to work independently and as part of a team;
