Home
Jobs
EMW
C004123 CIS Security Engineer (CTS) - MON 31 Mar

C004123 CIS Security Engineer (CTS) - MON 31 Mar

On site

Mons, Belgium

Freelance

18-03-2025

Share this job:

Score my CV Apply

Job Specifications

Deadline Date: Monday 31 March 2025

Requirement: CIS Security Engineer

Location: Mons, BE

Full Time On-Site: Yes

Time On-Site: 100%

Total Scope of the request (hours): 836

Required Start Date: 12 May 2025

End Contract Date: 31 December 2025

Required Security Clearance: NATO COSMIC TOP SECRET

Duties and Role:

Provide information security oversight of all NISC Managed CIS and networks within the Agency, both for internal operations and for Agency's customer-funded Networks, Programme of Work, and ensures the adequate level of systems/data protection in accordance with NATO INFOSEC policies and directives;
Design, deploy, configure, maintain and operate the NISC ePolicyOrchestrator (EPO) managed security tools installations including but not limited to Trellix ENS, DLP, MAC, RSD, TIE, HX, ensuring the approved security configurations are implemented and maintained throughout entire Trellix products' lifecycle;
Design, deploy, configure, maintain and operate the Active Directory (AD) security solutions and tools for NISC managed CIS, ensuring continuous AD security monitoring and vulnerabilities remediation coordination;
Is responsible for provision of expert advice, in coordination with NCSC, on the adequate level of information security posture and for ensuring such advice, where appropriate, is implemented under governance of NATO Security Accreditation Board;
Ensure adequate level of systems/data protection in accordance with NATO Security policies and directives;
Conduct remediation activities in collaboration with the NCI Agency Service Delivery Managers;
Conduct internal vulnerability assessment testing on NISC systems and provide associated reporting;
Provide feedback, advice and guidance to senior management in the areas of enterprise architecture, NATO security accreditation activities, procurement as well as training and awareness programmes;
Performs other duties as required

Requirements

Skill, Knowledge & Experience:

The candidate must have a currently active NATO COSMIC TOP SECRET security clearance
Expert knowledge of Trellix ePO and managed products (ENS, DLP, MAC, RSD, TIE, HX);
Comprehensive knowledge of the principles of computers and communication security, networking, and the vulnerabilities of modern operating systems and applications;
Experience with implementation and integration of CIS Security protective measures in Active Directory based environments;
Experience with Cyber Hygiene and the top 20 Critical Security Controls for effective cyber defence;
Ability to investigate and analyse complex scenarios and solve problems in innovative ways;
Excellent communication abilities, both written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams
Writing and Reporting - Writes convincingly; writes clearly, succinctly and correctly; avoids the unnecessary use of jargon or complicated language; writes in a well-structured and logical way; structures information to meet the needs and understanding of the intended audience
Working with People - Shows respect for the views and contributions of other team members; shows empathy; listens, supports and cares for others; consults others and shares information and expertise with them; builds team spirit and reconciles conflict; adapts to the team and fits in well
Applying Expertise and Technology - Applies specialist and detailed technical expertise; uses technology to achieve work objectives; develops job knowledge and expertise (theoretical and practical) through continual professional development; demonstrates an understanding of different organizational departments and functions

About the Company

EMW was founded in 1995 by engineers and managers who formerly held senior positions in well known telecommunications and information technology companies to pursue their vision for this new company. Our core business is providing information and communication technology services in the areas of planning, engineering and implementation; project and program management; systems integration; operations and maintenance; and training. Our competencies range over all aspects of inside and outside plant; feeder, access and inter-o... Know more

Related Jobs

Company Name: DigiTech Resourcing
Job Title: Security Operations Engineer
Job Description: Are you a SecOps Engineer? Are you focused on network & infrastructure support? Are you a team player? If the answer is yes to any of the above, then we have a new opportunity for you - Security Operations Engineer required for the following - Location - Brussels, Belgium Duration - Initial 12 month contract + further extension Start - ASAP Working Mode - Hybrid Day Rate - 500 Euros Per Day Task will include - Analyse the calls, tickets and technical findings that come from our external central SOC and convert them into concrete actions for the infrastructure team to follow Work closely with the Cyber Security team regarding topics such as - technical aspects of audits, assessments, Pentests and compliance & governance Support the technical development of larger and smaller Cyber Security related projects & topics Support with monitoring of Cyber Security products, platforms and applications (Active Directory, FortiAnalyser, Nessus, SentinelOne,etc) Candidates should have previous experience in SecOps , with knowledge of any or similar security platforms / products such as SentinelOne, Darktrace, Nessus, Fortinet product portfolio Comfortable in Windows Operating System Knowledge of Microsoft Powershell Knowledge of SQL Server Queries Knowledge of Active Directory Domain Services will be a huge bonus Candidates with knowledge & interests in the latest IT technologies are welcomed - Windows Server, System Center, clustering, SQL Server, SAN, back-up & restore, Hyper-V virtualisation, Web Application Firewalls (WAF), Internet Information Services (IIS), Kerberos, NTLM, constrained delegation, certificates, encryption, SMB Please note - We require candidate with Dutch language skills, in addition to English

Company Name: Source Technology
Job Title: Cyber Security Engineer
Job Description: Job Title: Red Team Engineer (Cobalt Strike & Outflank) Location: Brussels Job Type: Freelance About the Role: We seeking an experienced Red Team Engineer to conduct advanced adversary simulations using Cobalt Strike and Outflank Security Tooling (OST). You will simulate real-world threats, identify vulnerabilities, and enhance security defences. Key Responsibilities: Execute red team operations using Cobalt Strike and OST. Develop custom payloads and evasion techniques. Perform initial access, privilege escalation, and lateral movement. Work with blue teams to improve detection and response. Document findings and create attack reports. Qualifications: Proficiency in Cobalt Strike, OST, and offensive security techniques. Strong skills in Windows/Linux exploitation, scripting (PowerShell, Python, C#), and EDR evasion. Knowledge of MITRE ATT&CK, Active Directory security, and network exploitation. Certifications like OSCP, OSEP, CRTO preferred

Company Name: GardPass Consulting & Space
Job Title: [4903A] Support Operation & Maintenance of Active Directory Security Assessment Too
Job Description: Start date: April 2025 Clearance: NATO Secret Location: Mons, Belgium Requirements It is mandatory to have the candidate be in possession of a NATO COSMIC TOP SECRET security clearance to facilitate follow-on engagements and coordination at NATO venues. REQUIRED PROFILE: The contractor(s) that is going to perform the identified tasks as an Operation and Maintenance Expert of Active Directory Security Assessment Tool must have demonstrated skills, knowledge and experience as listed below. Activities performed by a contractor include the lifecycle management of the Tenable Identity Exposure software (including all tasks related to A2SL inclusion), its configuration to ensure coverage of all in-scope Active Directory servers, and the regular monitoring of the availability of the capability. Bachelor's degree in Computer Science, Information Technology, or related field or equivalent experience. 3+ years of experience in IT security, with a focus on System Administration, Security Tools Management in large organisations. Strong understanding of security best practices and experience with Tenable products especially with Tenable Identity Exposure. IP switching and routing in a wired and wireless environment. Systems administration, ideally both with Windows and Linux. Good engineering skills including programming and/or scripting knowledge (python, shell scripting, PowerShell). Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours. Experience with Service Management, monitoring and reporting tools, ideally Solarwinds. Database management skills, preferably MS SQL. Experience with system instrumentation solutions such as Ansible. Experience with Active Directory Management. DESIRABLE PROFILE The candidate should also ideally have knowledge and experience in the following areas: Experience in working with NATO. Experience of working with NATO Communications and Information Agency. Experience of working with national Defence or Government entities. Login and apply | Register and apply |

Company Name: EMW
Job Title: 2025-0036 Operation & Maint Active Directory Security (CTS) - TUE 1 Apr RELAUNCH
Job Description: Previously proposed candidates were non-compliant for the following reasons: The candidate is not suitable for the position. Lack of knowledge and experience as Windows System administrator and Windows Active Directory security. Deadline Date: Tuesday 1 April 2025 Requirement: Support Operation & Maintenance of Active Directory Security Assessment Tool Location: Mons, BE Full Time On-Site: Yes Period of Performance: 2025 BASE: As soon as possible but not later than 12th May 2025 until 31 December 2025. 2026 OPTION: 1 January 2026 until 31 December 2026 2027 OPTION: 1 January 2027 until 31 December 2027 2028 OPTION: 1 January 2028 until 31 December 2028 Required Security Clearance: NATO COSMIC TOP SECRET PURPOSE The objective of this statement of work (SoW) is to outline the scope of work and deliverables for the operation and maintenance of Active Directory Security Assessment Tool to be conducted by the selected company. The purpose of the work package is to provide support to NATO Cyber Security Centre (NCSC) to fulfil identified Active Directory Security Assessment Tool operation and maintenance activities more effectively. BACKGROUND The Office of the CIO (OCIO) Enterprise Cyber Security Posture Improvement project focuses on acquisition and implementation of state‐of‐art tools to enhance Enterprise‐wide cybersecurity capabilities considering the key cybersecurity functions. NCIA initiated a project and procured Active Directory Security Assessment Tool (Tenable Identity Exposure) providing identity unification and risk scoring, real-time attack detection and continually assessing directory services security in real-time, eliminate attack paths that lead to domain domination, and investigate and inform. To support NCSC for the execution of tasks identified in the subject work package of the project, the NCIA is looking for subject matter expertise in the delivery of complex, foundational and novel Cybersecurity capability. This contract is to provide consistent support on a deliverable‐based (completion‐type) contract, to NCSC contributing to its POW based on the deliverables that are described in the scope of work below. SCOPE OF WORK The aim of this SOW is to support NCSC with technical expertise specifically related to the operation and maintenance of Active Directory Security Assessment Tool with a deliverable based (completion‐type) contract to be executed in 2025. Service performed by a contractor include the lifecycle management of the Tenable Identity Exposure software (including all tasks related to A2SL inclusion), its configuration to ensure coverage of all in‐scope Active Directory servers, and the regular monitoring of the availability of the capability. Under the direction / guidance of the NCSC Point of Contact, a contractor will be the part of the NCSC Team supporting the following activities: System Installation and Configuration: Install and set up Tenable Identity Exposure, Ensure the software is deployed correctly across relevant environments, Set up integrations with identity systems like Active Directory, LDAP, or cloud‐based IAM solutions System Maintenance and Updates: Apply software updates and patches, Regularly update Tenable Identity Exposure and related systems to ensure the latest security patches and features are applied, Ensure that the platform is running smoothly by checking system logs, server performance, and availability, Request and build monitoring and alerting mechanisms to be aware of the issues, system resource consumption, Address technical issues, such as connectivity problems between Tenable Identity Exposure and other integrated systems or errors in scans or reports, Manage Integrations: Ensure Tenable Identity Exposure is integrated with other security solutions like SIEM (Security Information and Event Management) systems, vulnerability management platforms, or ticketing systems, Set up proper data synchronization between identity systems and Tenable Identity Exposure to ensure accurate and up‐to‐date information User and Role Management: Configure access control for the Tenable Identity Exposure platform itself, ensuring that only authorized personnel have the right level of access, Set up appropriate permissions and roles for the identity systems being monitored, ensuring seamless integration Monitoring and Reporting: Proactively review logs and alerts generated by Tenable Identity Exposure to identify any technical issues, errors, or failures in the monitoring process, Produce and distribute reports related to system health, monitoring activities, and compliance status (e.g., audit logs, system performance metrics System Documentation: Document configuration and changes: Keep up‐to‐date documentation of all configurations, integration steps, troubleshooting procedures, and system maintenance tasks, Maintain an inventory of connected systems: Keep track of all integrated identity sources, IAM systems, and external tools connected to Tenable Identity Exposure Automation and Scripting: Automate tasks: Write scripts or configure automation tasks to streamline routine system management tasks, such as regular backups, system checks, or integrations Improve system efficiency: Identify areas where automation could reduce manual intervention and improve operational efficiency The measurement of execution for this work is sprints, with each sprint planned for a duration of 1 week. The content, scope of each sprint and their related acceptance criteria are to be peer reviewed within the sprint cycle, and communicated in writing to the contractor, before beginning of each sprint. Input and guidance will be provided by NCI Agency in written from or/and during the targeted review meetings DELIVERABLES AND PAYMENT MILESTONES 4.1 Payment Schedule will be at the end of each 4 sprints, following the acceptance of the sprint report. 4.2 The NCIA team reserves the possibility to exercise a number of options, based on the same scrum deliverable timeframe, at a later time, depending on the project priorities and requirements. 4.3 The payment shall be dependent upon successful acceptance of the sprint report and the Delivery Acceptance Sheet (DAS) - (Annex A). 4.4 Invoices shall be accompanied with a Delivery Acceptance Sheet (DAS) (Annex A) signed by the Contractor and the NCIA POC. 4.5 The following deliverables are expected for the all platforms that are explained in scope of Service (Section 3) on this statement of work: Deliverable: 30 sprints to support Operation & Maintenance of Active Directory Security Assessment Tool as per described in Para 3 Payment Milestones: Upon completion of each fourth sprint and at the end of the service. Completion of each milestone shall be accompanied documented in Delivery Acceptance Sheet (DAS) - (Annex B), signed for acceptance by the Purchaser's authorized point of contact and the Contractor Number of sprints is calculated considering a starting date 14 April...