Senior Cyber Security Engineer

Introduction

NSPA are looking for engineers to support their Cyber Security infrastructure to covering day to day and project activities, in addition providing Cyber Security services to NSPA customers or partners from across the NATO nations.

Day to Day Activities

• Planning and carrying out the replacement of products or technologies within the infrastructure. This will involve developing time schedules, collaborating with the helpdesk, communicating with the customers, configuring the new equipment and performing the actual migration work. Following this, documentation and diagrams will have to be updated.
• Operating and maintaining a wide variety of different cyber security solutions on a day-to-day basis, including but not limited to: Network firewall, web proxy, mail proxy and anti-spam, antivirus for servers, DMZ segregation, web application firewall, intrusion prevention, SIEM log correlation and reporting, managed file transfer, certificates, strong authentication etc.
• Providing support on various cyber security tasks and operations, such as incident response, troubleshooting, change management, write and implement security procedures for operating security solutions, lifecycle management, security and risk assessments, etc.

Project Activities

• Assessment of new cyber security products or technologies. This will involve researching the product, liaising with the manufacturer, arranging for a lab trial, conducting a test phase and then writing a report and making recommendations to NSPA.
• Design and implementation of new secure solutions for various projects and to ensure that NSPA Cyber Security posture remains adequate and aligned with best practices.
• Operating effectiveness testing and improvement of existing cyber security controls involving various cyber security technologies (including but not limited to network firewalls, Web Application firewalls, SIEM, Network IPS, e-mail protection, web browsing protection, Public Key Infrastructure, Medium and Strong authentication, etc.).
• Cyber Security advisory and support provided for various customer projects.
• Cyber Security penetration testing project.

Working Location

• Main working location: Capellen, Luxembourg (NSPA HQ)
  • Some projects may require business travel to other NSPA Locations
  • Some remote/hybrid work may be required

Working Hours

• Monday to Thursday:
  • Arrival 06:00 to 09:00
  • Lunch break Minimum 30 minutes 11:45 – 13:45
  • Departure 16:15 to 20:00
• Friday
  • Arrival 6:00 to 9:00
  • Departure 12:15 to 17:00
• Public Holiday of Luxembourg will be applicable
• Some on-call duties and weekend work will be required on a rotation basis

Project Duration

• 3 years + 2 Years

Mandatory Requirements

Professional Experience

• Proven experience of at least 5 years in IT Cyber Security.
• Proven experience of at least 1 year in a NATO environment.

Proven experience and skills (Minimum 8 of the below)

• Next Generation Firewalls (including Intrusion Detection/Prevention System),
• Web Application Firewalls and Reverse Proxies,
• Web Proxies
• E-mail gateways
• Vulnerability Management
• Anti-malware, sandboxing and endpoint protection technologies
• Public Key Infrastructures (PKIs), smartcards and user authentication technologies
• Mobile Device Management (MDM)
• Apple infrastructure and iOS management
• Security Incident Event Management (SIEM)
• Multi-Factor authentication
• Privileged Access Management
• Good Knowledge - Ability to troubleshoot and solve issues involving the aforementioned technologies

Proven knowledge of:

• Good Knowledge - Cloud Architecture and Security
• Good Knowledge - Operating System (Windows and Linux) security and of Active Directory security
• Good Knowledge - Networking protocols
• Good Knowledge - Application Security
• Experience allowing to write scripts efficiently - Programming Skills in Bash or Python or Perl
• Good Knowledge - Offensive security tactics, techniques, tools and procedures
• Triage, following, procedures pro-active pivoting and hunting - Handling security alerts (ex: antivirus alert, suspicious email report)
• Good Knowledge - Handling security incident/intrusion

Language

• Proficiency in English, written and oral, equivalent to CEFR B2 or higher
• Ability to write clear and concise reports and technical documentation with proper justification
• Ability to explain issues at different levels of the hierarchy and in particular to management

Security Clearance

• Hold a valid NATO SECRET (or higher) security clearance