Cyber Forensics Specialist for NATO with security clearance

Would you like to join the leading international intergovernmental organization

The NATO Cyber Security Centre (NCSC) is a team of over 200 members working to monitor and protect NATO the NCSCs role to deliver robust security services to the NATO Enterprise and NATO Allied Operations and Missions (AOM) the centre executes a portfolio of programmes and projects around 219 MEUR euros per year in order to uplift and enhance critical cyber security services. The Portfolio ranges from Programme of Work (POW) activities funded via the NATO Military Budget (MB) to Critical / Urgent Requirements (CURs/URs) and NATO Security Investment Programme (NSIP) projects funded via the Investment Budget (IB). In some edge cases projects are also funded via the Civilian Budget (CB). Projects can span multiple years and are governed by various frameworks including the Common Funded Capability Development Governance Framework (CFCDGM).

In order to execute this work the NCI Agency requires support with the work undertaken by the NATO Cyber Security Centre (NCSC) in the area of Communications and Information System (CIS) security cyber defence and cyberspace operations.

Purpose:

The NCSC is responsible to defend NATO networks on a 24/7 basis and as part of its cyber defence activities performs digital forensics analysis in case of suspicion or confirmed malicious activities. The Cyber Defence Analysis activities encompass digital forensics activities allowing to get understanding what has really happened during a cyber incident or in case of suspicion of an incident to confirm if the incident really happened.

The Specialized Computer Forensics - SCF environment is a dedicated environment for forensics activities. Due to lack of clear ownership it has fell in a state of inadequacy for the delivery of the service. The NCSC Cyber Security Analysis Service (SEC004) service is looking for help from the industry to bring it back in a good state.

The hardware is a mix of physical acquisition devices such as Atola PC3000 Network Attached Storage (NAS) devices powerful workstations and servers but also various disks cables converters write blockers patch panels switches and other accessories. The environment is replicated although not in exactly the same way on 2 different levels of classification. The work encompasses both total there are not more than 30 workstations and not more than 20 servers (both physical and virtual). The user base consists of less than 30 users (analysts and administrators).

Essential Qualifications & Experience:

• Demonstrable minimum 3 years of experience as system administrator

• Good knowledge of the OSI layers and protocols such as TCP/IP 802.1x VLANs

• Knowledge of digital forensics principle such as chain of custody forensically sound acquisition processes

• Knowledge of tools such as Microsoft Office (Word Excel Power Point and Visio)

• Knowledge of ITILv4 processes and change management principles

• Demonstrable 2 years of experience with Atlassian Confluence

• Demonstrable 2 years of experience with or similar network diagram tools

• Demonstrable 3 years of experience of advising companies with digital forensics processes

• At least 1 relevant certification pertaining to digital forensics: CISSP MCFE SANS GIAC...

• Good English writing and speaking skills (NATO STANAG 3333)

• Soft skills: Accuracy and Attention to Details (Precision) Patience and Persistence Methodical Organization Time Management and Prioritization Effective Communication.

If youve read the description and feel this role is a great match wed love to hear from you! Click Apply for this job to be directed to a brief questionnaire. It should only take a few moments to complete and well be in touch promptly if your experience aligns with our needs.