Deadline Date: Thursday 18 December 2025
Requirement: Cyber Security Threat Hunting Tools Administrator
Location: Mons, BE
Full Time On-Site: Yes
Time On-Site: 100%
Total Scope of the request (hours): 1254
Required Start Date: 2 February 2026
End Contract Date: 31 December 2026
Required Security Clearance: NATO COSMIC TOP SECRET
Duties & Role:
In line with the directions from the threat hunting lead and analysts, your main duties will be to:
- Design, set up, and manage a suite of tools supporting threat hunting (e.g. THOR, Asgard, Sysmon, Corelight, Microsoft Defender, Splunk, Sentinel), ensuring seamless integration with other technologies present on the network.
- Ensure that the deployment and operation of those tools meet strict security requirements and comply with the IT Service Management policies governing the network environment. This includes producing the required documentation and maintaining testing environments.
- Apply workflow automation best practices by leveraging tools and technologies such as N8N, Ansible and Magnet Automate to enhance efficiency and reliability.
- Liaise with supporting teams in other services and business areas to ensure streamlined delivery of agents, logs and configuration items.
- Lead or contribute to the creation and ongoing maintenance of comprehensive documentation and Standard Operating Procedures (SOPs) to support operational continuity and compliance.
- Collaborate closely with team members and end users to incorporate feedback, continuously improving the quality and effectiveness of the delivered digital forensics capabilities.
- Proactively identify and propose system improvements to ensure an up-to-date and stable environment. Justify business needs and prepare the documentation and implementation plan for the Change Management Board. Implement the approved changes following coordination with other stakeholders.
NOTE: This role is not a Cyber Security analyst; utilisation of cyber tools (performing threat hunt, malware or vulnerability analysis) is not considered to be part of the standard duties.
Requirements
Skill, Knowledge & Experience:
- The candidate must hold a currently active NATO COSMIC TOP SECRET security clearance;
- Essential: a Bachelor's Degree in Computer Science (or similar) combined with a minimum of 2 years' experience in a Cyber Security related post as a Security Engineer or similar position, or a Secondary education plus completed advanced vocational education (leading to a professional qualification or professional accreditation) with 5 years of post-related experience. Exceptionally, the lack of a university degree may be compensated by the demonstration of a candidate's particular abilities or experience that are of interest to NCI Agency, that is, at least 8 years of extensive and progressive expertise in the duties related to the function of the post;
- Strong knowledge and experience in deploying, managing and maintaining cyber security tools in complex environments;
- At least 2 years of extensive practical experience as a tool engineer/system administrator in large enterprise environments (deployment, installation, configuration and maintenance), especially in Linux environments;
- Practical skills in writing Bash, Python or Ansible scripts to automate repetitive tasks;
- Solid understanding of cyber threat hunting methodologies and principles;
- In-depth understanding of infrastructure concepts related to hosting, networks, IP address management, firewalls, certificates, load balancing and proxies;
- Knowledge and demonstrable experience with scripting languages and integration tools including PowerShell, Python, Bash, Batch and Ansible;
- Knowledge of network-based visibility tools such as Zeek and how to administer them in an enterprise environment;
- Hands-on experience with network infrastructure and virtualized environments (preferably VMware);
- Good understanding of cyber security concepts;
- Good understanding of network communication protocols;
- Good verbal and written communication skills in English;
- Strong team-spirit attitude;
- Ability to produce detailed technical documentation and follow change management processes.
Desirable
- Practical experience with Sysmon: deployment, installation, configuration and maintenance;
- Practical experience with Nextron Asgard/THOR solutions;
- Professional experience in cyber security monitoring;
- Past experience working for NATO or in an international organization;
- Experience with Microsoft Azure, Microsoft Defender for Endpoint;
- ITIL Service Management certifications;
- Prior experience as a user of SIEM and Log aggregation systems.