CIS Security Officer

EXPERIENCE AND EDUCATION:

Essential Qualifications/Experience:

·         Essential to have a Bachelor's Degree in Computer Science combined with a minimum of 2 years' experience in a CIS Security related post. Alternatively, exceptionally, the lack of a university degree may be compensated by the demonstration of a candidate's particular abilities or experience that is/are of interest to NCI Agency, that is, at least 6 years extensive and progressive expertise in duties related to the function of the post

·         Comprehensive knowledge of the principles of computer and communication security, networking, the vulnerabilities of modern operating systems and applications and top Critical Security Controls for effective cyber defence

·         Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA) certification

·         Ability to investigate and analyse complex scenarios and solve problems in innovative ways

Desirable Qualifications/Experience:

·         Knowledge of mobile data communications, in particular satellite or radio based networks

·         Knowledge of and prior experience with NATO security policies and directives, security accreditation framework and risk assessment methodology

·         Hands-on experience with implementation and integration of CIS Security protective measures in large CIS

·         Prior experience of working in an international environment comprising both military and civilian elements

DUTIES/ROLE: 

·         Ensure adequate level of systems/data protection is implemented for NIMSC managed CIS in accordance with NATO Security policies and directives

·         Conduct security audit for NIMSC managed CIS and develop the associated report

·         Support the development of plans for the remediation/mitigation of the identified deficiencies for NIMSC managed CIS

·         Produce security accreditation documents set for NIMSC managed CIS following NATO risk management methodology. This includes CIS Description, Security Accreditation Plan, Security Risk Assessment Report, Security Requirement Statements, Security Operating Procedures, Security Test and Verification Plan

·         Advise NIMSC staff on best practice with regards to daily security tasks; develop and deliver CIS Security awareness presentations

·         Provide feedback, advice and guidance to senior management in the areas of enterprise architecture, NATO security accreditation activities, procurement as well as training and awareness programmes

·         Coordinate the remediation activities for the deficiencies pointed out by vulnerability assessments and penetration tests performed on NIMSC systems

·         Contribute to the creation and maintenance of the NIMSC CIS Security Risk and Issue Register

·         Support the identification of security-related Key Performance Indicators and generating reports to ensure full visibility of the overall NCI Agency Information Security posture

·         Deputize for higher grade staff, if required

·         Perform other duties as may be required