C004174 Principal Technician (Cyber Security) (NS) - THU 10 Apr

Deadline Date: Thursday 10 April 2025

Requirement: Principal Technician (Cyber Security)

Location: Northwood, GB

Full Time On-Site: Yes

Time On-Site: 100%

Total Scope of the request (hours): 836

Required Start Date: 26 May 2025

End Contract Date: 31 December 2025

Required Security Clearance: NATO SECRET

Duties and Role:  

Under the direction of the Section Head MSS Cyberspace Security (NSO OCY 0030) the incumbent will perform duties such as the following:

• Applies and maintains specific security controls as required by organizational policy and local risk assessments
• Supports investigation of suspected attacks and security breaches
• Provides detailed and specific advice regarding the application of their specialism to the organization's planning and operations
• Installs and administers two Trellix ePolicy (ePO) Orchestrator infrastructure instances in accordance with North Atlantic Treaty Organization (NATO) directives
• Manages Trellix Endpoint Security (ENS) components required by NATO Cyber Security Centre (NCSC) policy on local and remote (deployed) devices in two security domains
• Liaises with external service lines and stakeholders to apply appropriate Trellix security policies
• Manages endpoint security components on disconnected and standalone devices in AOR
• Configures Data Loss Prevention (DLP) and File and Removable Media Protection (FRP) components in ePO and on endpoints to allow access to electronic storage media, as required
• Document routine processes in Standard Operating Procedures
• Document and maintain details of ePO configuration
• Configures and distributes two-factor authentication devices
• Performs trend analysis of routine vulnerability assessments using automated and semi-automated tools, including Nessus Tenable
• Provides vulnerability mitigation advice to stakeholders
• Supports external service providers in management of local boundary protection and cyber security monitoring infrastructure
• Provides CIS Security advice and training, as required
• Executes the incident and change management processes in accordance with the Information Technology (IT) Information Library (ITIL) Version 4 framework
• Contributes to Asset Configuration Patching and Vulnerability Management activities
• Performs other related duties, as required

Specific Working Conditions: Personal Liability and comprehensive insurance required

Requirements

Skill, Knowledge & Experience:

• The candidate must have a currently active NATO SECRET security clearance
• Extensive experience and familiarity with NCSC directives for configuring Trellix products including ePO, DLP, FRP, ENS, etc.
• Experience supporting deployable/deployed CIS teams and infrastructure in challenging environments and configurations
• Familiarity with NATO CIS Security directives
• Experience with VMWare virtual hosting infrastructure and applications
• Experience using Microsoft update and patch management systems, IT security frameworks and governance models, and Common Vulnerability Scoring System (CVSS) v3.X or later standards
• Familiarity ITIL Version 4 concepts including Configuration Management and Service Asset Management
• Prior experience of working in an international environment comprising both military and civilian elements