The successful candidate will support the protection, monitoring and defense of the organization's technology infrastructure and data assets. They will operate and optimize security tools such as Trellix EDR, Splunk SIEM, Sonatype Nexus and Tenable Nessus to detect, analyse and respond to cyber threats.
Along with these technical skills, the incumbent will exercise analytical and coordination capabilities, collaborate with IT and DevOps teams, engage with external vendors or service providers, and must be able to communicate with peers and management on cybersecurity posture, incidents and risk mitigation progress.
DUTIES AND RESPONSIBILITIES
Monitoring and analysing security events through Splunk SIEM, correlating data from endpoint, network and vulnerability systems.
Operating Trellix Endpoint Security and EDR to identify, contain and remediate endpoint threats and suspicious activities.
Supporting the vulnerability management process by running and reviewing Tenable Nessus scans and coordinating remediation with IT teams.
Ensuring secure software management practices through Sonatype Nexus, identifying vulnerable dependencies and supporting secure DevSecOps pipelines.
Participating in incident response activities, including detection, triage, containment, eradication and recovery.
Developing and maintaining Splunk detection rules, dashboards and automated alerts aligned with the MITRE ATT&CK framework.
Documenting security events, maintaining SOC playbooks and supporting internal and external compliance audits (ISO 27001, NIST CSF, GDPR).
Providing situational awareness reports and communicating risk insights to management and stakeholders.
Contributing to the continuous improvement of the Security Operations Center (SOC) by proposing new use cases and optimizing detection coverage.
SKILLS / REQUIREMENTS
Mandatory
Three years' experience in Cybersecurity Operations, SOC Analysis or Incident Response roles.
Demonstrated experience with:
o EDR platforms (Trellix Endpoint Security / ePO).
o SIEM solutions (Splunk).
o Vulnerability scanners (Tenable Nessus).
o Software component analysis tools (Sonatype Nexus).
Strong understanding of threat detection, incident handling and vulnerability management processes.
Familiarity with network protocols (TCP/IP, DNS, HTTP/S, SMTP) and log analysis techniques.
Knowledge of MITRE ATT&CK, NIST SP 800-61 and ISO 27035 security incident frameworks.
Ability to manage multiple incidents or investigations in a fast-paced operational environment.
Excellent analytical, troubleshooting and reporting skills.
Desirable
Professional certifications such as GCIA, GCIH, Splunk Certified Power User, Trellix Certified Specialist or Tenable Certified Practitioner.
Experience developing detection logic, correlation searches or automation workflows in Splunk or SOAR platforms.
Knowledge of scripting languages such as Python, PowerShell or Bash for automation and data enrichment.
Exposure to DevSecOps practices and secure software development lifecycle (SDLC) integration using tools like Sonatype Nexus.
Familiarity with threat intelligence platforms (TIPs) and integration of IOCs into SIEM systems.
Database knowledge (SQL / NoSQL) for data correlation or threat hunting.
Strong written and verbal communication skills, capable of documenting incidents and presenting findings to technical and non-technical audiences.
Ability to work effectively in a SOC team environment or independently during critical response operations.
Commitment to continuous learning and staying current with emerging cyber threats, vulnerabilities and technologies.