MISP Engineer

Spektrum supports apex purchasers (NATO UN EU and National Government and Defence) and their Tier 1 supplier ecosystem with a wide range of specialist services. We provide our clients with professional services specialised aerospace and defence sales delivery and operational subject matter expertise. We are looking for personnel to join our team and support key client projects.

Who we are supporting

The NATO Communication and Information Agency (NCIA) is responsible for providing secure and effective communications and information technology (IT) services to NATOs member countries and its partners. The agency was established in 2012 and is headquartered in Brussels Belgium.

The NCIA provides a wide range of services including:

• Cyber Security: The NCIA provides advanced cybersecurity solutions to protect NATOs communication networks and information systems against cyber threats.
• Command and Control Systems: The NCIA develops and maintains the systems used by NATOs military commanders to plan and execute operations.
• Satellite Communications: The NCIA provides satellite communications services to enable secure and reliable communications between NATO forces.
• Electronic Warfare: The NCIA provides electronic warfare services to support NATOs mission to detect deny and defeat threats to its communication networks.
• Information Management: The NCIA manages NATOs information technology infrastructure including its databases applications and servers.

Overall the NCIA plays a critical role in ensuring the security and effectiveness of NATOs communication and information technology capabilities.

The program

Assistance and Advisory Service (AAS)

The NATO Communications and Information Agency (NCI Agency) is NATOs principal C3 capability deliverer and CIS service provider. It provides maintains and defends the NATO enterprise-wide information technology infrastructure to enable Allies to consult together under Article IV and when required stand together in the face of attack under Article V.

To provide these critical services in the modern evolving dynamic environment the NCI Agency needs to build and maintain high performance-engaged workforce. The NCI Agency workforce strategically consists of three major categorises: NATO International Civilians (NIC)s Military (Mil) and Interim Workforce Consultants (IWC)s. The IWCs are a critical part of the overall NCI Agency workforce and make up approximately 15 percent of the total workforce.

Role Duties and Responsibilities

The contracted individual must be able to perform effectively and efficiently with minimal supervision. Within the Inform Branch and reporting to the branch head or a delegated authority the duties of the individual mainly focus on:

System administration:

• Proactively manage and maintain the multiple servers running the MISP software ensuring the necessary confidentiality integrity and availability of the tool and information.
• Stand up configure and manage dedicated MISP instances in support to multiple NATO exercises.
• Regularly update the MISP software to the latest version and support the test and validation effort for change management process.
• Configure and extend the system monitoring of those MISP installations.
• Maintain the ansible playbooks related to the MISP setup and configuration.
• Maintain and improve documentation related to the MISP installations within NATO

Content Management:

• Developing (python) and maintain scripts to further automate and integrate MISP with other subsystems within NATO such as the SIEM IDS
• Support the quality management effort by creating and maintaining content quality checking rules.

User and Community Management:

• Provide support to the user-community of the NATO managed MISP instances
• Provide feedback to the user-community on regular basis and on daily-basis during exercises execution
• During exercises lead a team of multiple MISP Operators to support information flow quality control and user management.
• Support the streamlining and automation of user management process with a combination of IT Service Management tools (ITSM) and Identity and Access Management (IDAM) tools like Cerebrate and/or Keycloak.

MISP Training support

• Plan for prepares and delivers a series of online MISP training Sessions to an exercise audience.
• Support the preparation of individual training packages for specific training audience to validate the training objectives have been met.

Essential Skills and Experience

The required skillset for the contracted individual is extensive knowledge and experience (more than 5 years) in the following areas:

• Very good technical understanding of the cyber threats to web- based products.
• Demonstrated experience as sysadmin with LAMP servers - Linux Apache MySQL/MariaDB PHP.
• Experience with RedHat is an asset.
• Excellent python scripting.
• Experience in MVC software development and code review of web applications mostly in PHP language and with SQL.
• Experience with CakePHP is an asset
• Prior experience as sysadmin of a MISP Threat Sharing platform is a very strong asset.
• Prior experience in developing code (python PHP) for MISP is an even stronger asset
• Prior experience in multinational cyber exercises like Locked
• Shields Crossed Swords Cyber Coalition etc is an important asset.
• Good understanding of cyber security principles best practices concepts and technology.
• Ability to work independently and in teams to achieve the desired goals including the ability to monitor and support a team.
• Excellent organizing and communication skills.

Language Proficiency

• Business English

Working Location

• Mons Belgium

Working Policy

• On-Site

Travel

• Up to 6 weeks of travel in total to other NATO sites will be required

Security Clearance

• Valid National or NATO Secret personal security clearance