Cyber Defence Situational Awareness (CDSA) Tool Manager
Posted on Jan 24, 2020 by LA International Computer Consultants Ltd
*Provide CDSA subject matter expertise to NCIRC Operations and Service Delivery management covering all stages of the CDSA Service Lifecycle (e.g. Service Design, Transition, Operations, Change Management and Continual Service Improvement)
*Develop and validate Level 1 and Level 2 Support & Maintenance Procedures
*Carry out routine health monitoring and preventative maintenance tasks for CDSA
*Provide CDSA Early Life Support (ELS) to all CDSA stakeholders including:
*Management & resolution of all Level 1 & Level 2 issues working in conjunction with the existing IT Service Management framework and personnel
*On-site CDSA expertise coordinating with the existing NCIRC Support Team and Operations Management
*Acting as on-site point of contact for support engagements, including handover of Level 3 & 4 support issues, to contracted deep level vendor support teams
*Work out implementation plans for new capabilities and take ownership to ensure rapid implementation of those new tools and optimizations.
*Initiate, prepare, follow and defend the specialist applications upgrades in front of the Change Management Board.
*Implement the approved changes.
*Develop scripts and code to facilitate the integration of the different tools.
Skills and Experience:
Essential to have a Bachelor's Degree in Computer Science combined with a minimum of 2 years' experience as a Security Tool Analyst (STA), Security Tool Manager or a similar position involving technical ICT engineering knowledge, or a secondary education and completed advanced vocational education (leading to a professional qualification or professional accreditation) with 5 years' post-related experience.
Demonstrable hands-on experience and a high level of technical knowledge covering:
*Data fusion platforms and data source integration via APIs, flat file transfer, STIX, Business/Service BUS (preferably Red Hat JBoss Fuse), DropZones
*Risk management tools/platforms (preferably RSA Archer)
*Data visualisation & reporting tools/platforms (preferably Edge Suite)
*SQL Databases (preferably MS SQL) including administration and querying
*Investigating and resolving issues in complex ICT systems, including Enterprise Server (e.g. RHEL & Windows) and Database (preferably MS SQL or Oracle) technologies
*Network infrastructures and virtualised environments (preferably VMware)
*Experience working in a Cyber Security role with at least a basic understanding of the practices and/or technologies employed. For example NIPS/NIDS; Packet Capture; SIEMs; Log Collection; Computer Forensics; Vulnerability Management
*Experience in scripting in PowerShell or Python.
*Able to develop clear and concise technical documentation, including procedures
*Comprehensive knowledge of the principles of computer and communication security, networking, and the vulnerabilities of modern operating systems and applications.
*Excellent communication abilities, both written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams
*Able to deliver under pressure, tight deadlines and flexible targets.
*Experience in language oriented programming (.NET, C#, VBA)
*Experience in defining, implementing and validating NCIA NCSC security settings
*Industry leading certification in the area of Cybersecurity such as CISSP, CISM, MCSE/S, CISA, GSNA, SANS GIAC.
*A solid understanding of Information Security Practices relating to the Confidentiality, Integrity and Availability of information (CIA triad).
*Prior experience of working in an international environment comprising both military and civilian elements.