Back to jobs

Cyber Security Architect

Capellen, Luxembourg

Spektrum have a wide range of exciting opportunities in several global locations.

We are always looking to add great new talent to our team and look forward to hearing from you.

Introduction

NSPA are looking for engineers to support their Cyber Security infrastructure to covering day to day and project activities, in addition providing Cyber Security services to NSPA customers or partners from across the NATO nations.

Day to Day Activities

  • Planning and carrying out the replacement of products or technologies within the infrastructure. This will involve developing time schedules, collaborating with the helpdesk, communicating with the customers, configuring the new equipment and performing the actual migration work. Following this, documentation and diagrams will have to be updated.
  • Operating and maintaining a wide variety of different cyber security solutions on a day-to-day basis, including but not limited to: Network firewall, web proxy, mail proxy and anti-spam, antivirus for servers, DMZ segregation, web application firewall, intrusion prevention, SIEM log correlation and reporting, managed file transfer, certificates, strong authentication etc.
  • Providing support on various cyber security tasks and operations, such as incident response, troubleshooting, change management, write and implement security procedures for operating security solutions, lifecycle management, security and risk assessments, etc.

Project Activities

  • Assessment of new cyber security products or technologies. This will involve researching the product, liaising with the manufacturer, arranging for a lab trial, conducting a test phase and then writing a report and making recommendations to NSPA.
  • Design and implementation of new secure solutions for various projects and to ensure that NSPA Cyber Security posture remains adequate and aligned with best practices.
  • Operating effectiveness testing and improvement of existing cyber security controls involving various cyber security technologies (including but not limited to network firewalls, Web Application firewalls, SIEM, Network IPS, e-mail protection, web browsing protection, Public Key Infrastructure, Medium and Strong authentication, etc.).
  • Cyber Security advisory and support provided for various customer projects.
  • Cyber Security penetration testing project.

Working Location

  • Main working location: Capellen, Luxembourg (NSPA HQ)
  • Some projects may require business travel to other sites
  • Some remote/hybrid work may be required

Working Hours

  • Monday to Thursday:
    • Arrival 06:00 to 09:00
    • Lunch break Minimum 30 minutes 11:45 – 13:45
    • Departure 16:15 to 20:00
  • Friday
    • Arrival 6:00 to 9:00
    • Departure 12:15 to 17:00
  • Public Holiday of Luxenberg will be applicable
  • Some on-call duties and weekend work will be required on a rotation basis

Project Duration

  • 3 years + 2 Years

 Mandatory Requirements

  1. Professional Experience
    1. Proven experience of at least 5 years in IT Cyber Security.
    2. Proven experience of at least 1 year in a NATO environment.
  2. Proven experience and skills (Minimum 8 of the below)
    1. Next Generation Firewalls (including Intrusion Detection/Prevention System), 
    2. Web Application Firewalls and Reverse Proxies, 
    3. Web Proxies
    4. E-mail gateways
    5. Vulnerability Management
    6. Anti-malware, sandboxing and endpoint protection technologies
    7. Public Key Infrastructures (PKIs), smartcards and user authentication technologies
    8. Mobile Device Management (MDM)
    9. Apple infrastructure and iOS management
    10. Security Incident Event Management (SIEM) 
    11. Multi-Factor authentication
    12. Privileged Access Management
    13. Good Knowledge - Ability to troubleshoot and solve issues involving the aforementioned technologies
  3. Skills
    1. Good Knowledge - Web application penetration testing
    2. Good Knowledge - Mobile application penetration testing
    3. Good Knowledge - Source code vulnerability analysis
    4. Good Knowledge - Ability to identify and exploit web vulnerabilities  (XSS, CSRF, SQLi, SSRF, arbitrary file upload, etc.) 
    5. Good Knowledge - Ability to identify and exploit mobile vulnerabilities  (API issues, insecure storage, memory corruption, deep links, etc.) 
    6. Good Knowledge - Network penetration testing experience 
    7. Good Knowledge - Protocol analysis 
    8. Good Knowledge - CTF experience
    9. Good Knowledge - Secure coding practices 
    10. Good Knowledge - Cryptography 
    11. Good Knowledge - Red and Blue team experience
  4. Proven knowledge of
    1. Good Knowledge - Cloud Architecture and Security
    2. Good Knowledge - Operating System (Windows and Linux) security and of Active Directory security
    3. Good Knowledge - Networking protocols
    4. Good Knowledge - Application Security
    5. Experience allowing to write scripts efficiently - Programming Skills in Bash or Python or Perl
    6. Good Knowledge - Offensive security tactics, techniques, tools and procedures
    7. Triage, following, procedures pro-active pivoting and hunting - Handling security alerts (ex: antivirus alert, suspicious email report)
    8. Good Knowledge - Handling security incident/intrusion 
  5. Language
    1. Proficiency in English, written and oral, equivalent to CEFR B2 or higher
    2. Ability to write clear and concise reports and technical documentation with proper justification
    3. Ability to explain issues at different levels of the hierarchy and in particular to management
  6. Security Clearance
    1. Hold a valid NATO SECRET (or higher) security clearance

We never know what new opportunities might be just over the horizon. If this opportunity isn't for you please feel free to send us your resume anyway and be the first to know if something suitable for your skills and experience comes up. 

Apply for this job

*

indicates a required field

Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Provide your LinkedIn URL address for your profile, if you have one

Select...

Due to the mandatory requirements from our clients, there can be Nationality/Citizenship requirements, for the role you are applying for, the following nationality restrictions may apply: 

NATO Nationality Requirements - NATO Member Country List

EU Nationality Requirements - EU Member Country List

 

 

 

Some of our clients have restrictions regarding dual nationality citizens

What is your primary or secondary nationality/citzenship status?

Select...

Select your primary job categories which you are professional suitable for or aim to be in future

What are your professional sub-categories for the previously selected job families *

You can multi select from the list, this is irrelevant for the role you are applying for and an indication of the areas you would like to work within

What are your preferred working locations *

The locations you identify in this are the ones you would prefer to work from, either as a remote worker or as an onsite worker, these are unrelated to your application responses for this role.

Select...

This is an unrelated question to the role you are applying for and only to help Spektrum determine the best roles to send to you in future when available

Select...

What is the amount of notice period you are obliged to provide your current employer

Select...

If the advertised role identifies that a PSC is required then this must be available at time of application for the role.  Information for what is a Personal Security Clearance (PSC) can be found at the link below:

Personal Security Clearance (PSC) Background Information

A national only PSC does not prevent you from applying for roles which require NATO or EU PSC.

Select...

Do you have an RTM for the country for which this role requires