#NC25ICT181502 - Continuous Vulnerability Assessment (CVA) Deployable Communication System (DCIS) Tool Management Support - Closed
Deadline: September 1, 2025
Requester: NATO
Location: Mons, Belgium
Start date: October, 2025
Security clearance: NATO COSMIC TOP SECRET
SCOPE OF WORK / DUTIES / ROLES
Under the direction of the NCSC Operational Tolling Management Section Head the contractor shall deliver the following:
- Daily: Verify that the Continuous Vulnerability scans are configured correctly and that information collected is accurate & complete;
- Daily: Identify possible scan gaps, authentication failures and engage with relevant service provider to remove those gaps and eliminate reasons for authentication failure;
- Daily: Review existing scan policies, fine tune and improve them at the same time;
- Weekly: Upon completion of scheduled scans, deliver a comprehensive vulnerability report to each stakeholder under you area of responsibility taking into account all vulnerabilities posing a security risk, remediation actions recommended to the system/application owners and the status of the recommended actions. The weekly report is expected to be delivered each Wednesday/Thursday before Close of Business. No weekly report is due if that week does not include any working day (for instance: long official holidays such as Christmas break);
- Monthly: deliver vulnerability report to stakeholders, with an overview of the critical/high vulnerabilities identified, the status of the recommended actions to show in a graphic way the trend of the security posture of CIS assets. The monthly report is expected to be delivered in the week of Microsoft patch Tuesday (second Tuesday of the month).
REQUIRED SKILLS, KNOWLEDGE AND EXPERIENCE
- Bachelor's degree in Computer Science, Information Technology, or related field Or equivalent experience;
- 3+ years of experience in IT security, with a focus on System Administration, Security Tools Management in large organisations;
- Strong understanding of security best practices and experience with Tenable products especially with Tenable Security Center;
- IP switching and routing in a wired and wireless environment;
- Virtual Infrastructure management based on VMWare technologies;
- Systems administration, ideally both with Windows and Linux;
- Good engineering skills including programming and/or scripting knowledge (python, shell scripting, PowerShell);
- Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours;
- Comprehensive understanding of principles of Computer and Communication Security, networking, and vulnerabilities of modern operating systems and applications acquired through a blend of academic or professional training coupled with practical professional experience;
- Strong analytical and problem-solving skills;
- Excellent communication abilities, written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams;
- Experience with threat intelligence, incident response and remediation a plus;
- Knowledge of python (pyTenable) and PowerShell. Experience working with Tenable.SC and Nessus Manager APIs is a plus;
- Knowledge of NATO organization and its IT infrastructure is a plus;
- Experience with Service Management, monitoring and reporting tools, ideally Solarwinds is a plus;
- ITIL Service Management certifications is a plus;
- Experience with system instrumentation solutions such as Ansible is a plus;
- Certifications such as CISSP, CISM, or CISA is a plus;
- Previous experience working for Cyber Security related organisations (CERTs, security offices) is a plus;
- Previous experience working in an international environment comprising both military and civilian elements is a plus.
This position is now closed.
We regularly add new positions. We suggest exploring other available opportunities and staying updated by following our LinkedIn page.
If you don’t find any suitable opportunities, you can send us your CV, as an open application. However, we will not submit you to any vacancies without your written consent.