MISP Engineer

Misp Engineer

Spektrum supports apex purchasers (NATO, UN, EU, and National Government and Defence) and their Tier 1 supplier ecosystem with a wide range of specialist services. We provide our clients with professional services, specialised aerospace and defence sales, delivery, and operational subject matter expertise. We are looking for personnel to join our team and support key client projects.

The NATO Communication and Information Agency (NCIA) is responsible for providing secure and effective communications and information technology (IT) services to NATO's member countries and its partners. The agency was established in 2012 and is headquartered in Brussels, Belgium. The NCIA provides a wide range of services, including:

• Cyber Security: The NCIA provides advanced cybersecurity solutions to protect NATO's communication networks and information systems against cyber threats.
• Command and Control Systems: The NCIA develops and maintains the systems used by NATO's military commanders to plan and execute operations.
• Satellite Communications: The NCIA provides satellite communications services to enable secure and reliable communications between NATO forces.
• Electronic Warfare: The NCIA provides electronic warfare services to support NATO's mission to detect, deny, and defeat threats to its communication networks.
• Information Management: The NCIA manages NATO's information technology infrastructure, including its databases, applications, and servers.

Overall, the NCIA plays a critical role in ensuring the security and effectiveness of NATO's communication and information technology capabilities.

The program Assistance and Advisory Service (AAS) The NATO Communications and Information Agency (NCI Agency) is NATO's principal C3 capability deliverer and CIS service provider. It provides, maintains and defends the NATO enterprise-wide information technology infrastructure to enable Allies to consult together under Article IV, and, when required, stand together in the face of attack under Article V.

To provide these critical services, in the modern evolving dynamic environment the NCI Agency needs to build and maintain high performance-engaged workforce. The NCI Agency workforce strategically consists of three major categorise's: NATO International Civilians (NIC)'s, Military (Mil), and Interim Workforce Consultants (IWC)'s. The IWCs are a critical part of the overall NCI Agency workforce and make up approximately 15 percent of the total workforce.

Role Duties and Responsibilities The contracted individual must be able to perform effectively and efficiently with minimal supervision. Within the Inform Branch and reporting to the branch head or a delegated authority, the duties of the individual mainly focus on:

System Administration:

• Proactively manage and maintain the multiple servers running the MISP software ensuring the necessary confidentiality, integrity and availability of the tool and information.
• Stand up, configure and manage dedicated MISP instances in support to multiple NATO exercises.
• Regularly update the MISP software to the latest version and support the test and validation effort for change management process.
• Configure and extend the system monitoring of those MISP installations.
• Maintain the ansible playbooks related to the MISP setup and configuration.
• Maintain and improve documentation related to the MISP installations within NATO.

Content Management:

• Developing (python) and maintain scripts to further automate and integrate MISP with other subsystems within NATO such as the SIEM, IDS, …
• Support the quality management effort by creating and maintaining content quality checking rules.

User and Community Management:

• Provide support to the user-community of the NATO managed MISP instances
• Provide feedback to the user-community on regular basis, and on daily-basis during exercises execution
• During exercises, lead a team of multiple MISP Operators to support information flow, quality control and user management.
• Support the streamlining and automation of user management process with a combination of IT Service Management tools (ITSM) and Identity and Access Management (IDAM) tools like Cerebrate and/or Keycloak.

MISP Training Support:

• Plan for, prepares and delivers a series of online MISP training Sessions to an exercise audience.
• Support the preparation of individual training packages for specific training audience to validate the training objectives have been met.

Essential Skills and Experience The required skillset for the contracted individual is extensive knowledge and experience (more than 5 years) in the following areas:

• Very good technical understanding of the cyber threats to web- based products.
• Demonstrated experience as sysadmin with LAMP servers - Linux, Apache, MySQL/MariaDB, PHP.
• Experience with RedHat is an asset.
• Excellent python scripting.
• Experience in MVC software development and code review of web applications mostly in PHP language and with SQL.
• Experience with CakePHP is an asset
• Prior experience as sysadmin of a MISP Threat Sharing platform is a very strong asset.
• Prior experience in developing code (python, PHP) for MISP is an even stronger asset
• Prior experience in multinational cyber exercises like Locked
• Shields, Crossed Swords, Cyber Coalition, etc is an important asset.
• Good understanding of cyber security principles, best practices, concepts and technology.
• Ability to work independently and in teams to achieve the desired goals, including the ability to monitor and support a team.
• Excellent organizing and communication skills.

Language Proficiency:

• Business English

Working Location:

• Mons, Belgium

Working Policy:

• On-Site

Travel:

• Up to 6 weeks of travel in total to other NATO sites will be required

Security Clearance:

• Valid National or NATO Secret personal security clearance