Let op, deze aanvraag is voor de locatie Munster (Duitsland) op locatie en niet in Nederland!!!

Opdrachtomschrijving
Role Local Security Operation center (LSOC) - Analyst Mapping cybersecurity risks and threats from a technical perspective and translating them into products used by 1GNC, by:

• a. Performing threat analysis from a technical perspective;
• b. Risk profiling from a technical perspective;
• c. Ensure the development and evaluation of technical use cases;
• d. Assessing and identifying use cases from a technical perspective;
• e. Developing technical use cases and evaluating and proposing improvements;
• f. Ensure the development and evaluation of threat and vulnerability mitigation measures - Assessing and identifying threat books from a technical perspective;
• g. Preparation of highly complex threat books.
- Detects cybersecurity vulnerabilities and threats by:
• h. Assessment of non-standard change proposals with architecture impact on cybersecurity aspects, including participation in multidisciplinary IM/IT projects;
• i. Proactively analyzing and interpreting sources to detect IT phenomena that pose a new threat to the provision of services and documenting the findings;
• j. Ensure (real-time) analysis and interpretation of correlated log data and other sources based on known threats;
• k. (real-time) Reactive analysis and interpretation of correlated log data and other sources in case of escalation by other analysts.
- Take mitigating measures to address or prevent threats and vulnerabilities of any size and complexity, by:
• l. Determining the impact of identified threats and vulnerabilities and deciding on mitigation measures to be taken;
• m. Commissioning of mitigating measures;
• n. Monitoring of mitigation orders issued;
• o. Deciding on escalation of vulnerabilities and threats outside the 1GNC;
- Escalating vulnerabilities and threats to NATO/DEU and NLD within the security domain;
• p. Acting as security disaster manager during working hours
• q. Identifying business impact indicators.
- Ensures the management of the information, data and processes used within 1GNC:
• r. Ensuring the operation and quality of the connection of external system content to 1GNC equipment;
• s. Ensuring the management of the source data used within 1GNC including asset model and network model;
• t. Ensuring the management of the use case database;
• u. Ensuring that the relevant processes, procedures and work instructions are kept up to date.
- Contributes to the cybersecurity strategy and policy within 1GNC by:
• v. Establishment of technical maintenance and equipment frameworks within 1GNC;

assignment Within the G6 branch: ensuring a reliable, effective, secure and interrupted use of all relevant C2IS and CIS-systems in the PHQ and upon activation

Achtergrond opdracht
Within the G6 branch: ensuring a reliable, effective, secure and uninterrupted use of all relevant C2IS and CIS-systems in the PHQ and upon activation during operations.

Eisen

• Candidate has proven workingexperience in a multi-national environment.
• Candidate has proven experience in working in a SOC (Security Operation Center).
• Candidate has proven experience in Security Information and Event Management.
• Candidate has proven experience in Cyber Incident Management.
• Candidate has experience/training/education with SIEM -LOGPoint, Elastic, Splunk.
• Candidate has experience with Incident handling processes - Security of critical infrastructures.
• Candidate has experience with Cyber Threat intell -MISP -Security Analytics.
• Proven numbers of Work- and thinking level (general and specific) years Knowledge and experience Candidate is proficient in English at level 3332.

Wensen

• Knowledge of communications and/or information networks is preferred.
• Certified in Risk and Information Systems Control is preferred.
• University Master of Science Cybersecurity and Digital Forensics is preferred.
• Certified in ITIL is preferred.
• Cyber Threat intell Course is preferred.
• Cisco Certified Network Associate Course.
• Open-Source Intell Course is preferred.
• A B S 5 ג M r H m
• Proficiency in the German language is preferred.
• Knowledge about Incident handling process for an area with inceased security requirements is preferred.

Aanvullende Informatie
Wanneer u bij ons als leverancier een professional aanbiedt en deze wordt geplaatst, hebben we informatie van u als contractpartij nodig, onder andere met betrekking tot de Wet keten- en inlenersaansprakelijkheid. De ‘WKA’ heeft als doel om misbruik te voorkomen bij de afdracht van loonheffingen bij alle schakels in de keten; van leverancier tot opdrachtgever. Wij dekken deze risico’s voor onze opdrachtgevers af middels een geblokkeerde rekening, de G-rekening. Dit is een rekening waarop een gedeelte van het factuurbedrag wordt gestort en waarvan u de loonheffingen en BTW kunt betalen aan de Belastingdienst. Het af te storten % hangt ervan af of u een SNA-certificering (NEN-4400-1 of NEN-4400-2) heeft of niet en of uw bedrijf in Nederland of daarbuiten is gevestigd. De G-rekening kunt u aanvragen bij de Belastingdienst. Indien u geen G-rekening kunt krijgen (en u kunt hier bewijs van de Belastingdienst van overleggen) dan heeft u ook de mogelijkheid elk kwartaal een accountantsverklaring (assurance report inzake inlening personeel) aan te leveren. Hierin zal een gecertificeerd accountant (AA of RA) een verklaring afgeven over de juistheid, volledigheid en tijdigheid van de afdrachten. Let wel, de kosten voor deze verklaring komen voor uw eigen rekening.