Duties and ResponsibilitiesThe successful candidate, depending on the specific post (multiple positions envisioned), will be performing the following duties:Provides professional contributions to assist in achieving and maintaining security accreditation for CMRE systems and applications, data acquisition, processing and storage, and their interfacing with other CIS, across the lifecycle (development, implementation, operation, enhancement, withdrawal from service).Within a project structure, advises on cost‐effective countermeasures to minimize the security risks anticipated during the development and operation phases of the CIS life cycle.Within a framework of security accreditation, implements and operates the prescribed security controls under the supervision of the CIS Provider and under the control of Security Staff.Documents the architecture, configuration and security posture of CIS in use within CMRE to inform the risk management activities of the Security Organization.Implements security best practices and security controls, under the supervision of the CIS Provider.Plans, implements and upgrades CIS.Analyses security breaches to determine their root cause.Contributes to define, implement and maintain corporate security policies.Supervises and manages technical teams as required.Undertakes security testing in accordance with an agreed Security Testing & Verification (ST&V) Plan.Supports the CIS Provider in the formulation of Security Operating Procedures (SecOPs) for the CIS.Contributes to the maintenance of configuration baselines through configuration management and change control.Supports the CIS Provider in undertaking periodic vulnerability assessments, under the control of Security staff and in accordance with the requirements of the Security Accreditation Authority.Provides regular training and awareness to other project staff.Supports periodic security audits performed by Security Staff and the Security Accreditation Authority.Essential QualificationsProfessional/ExperienceExperience in the design or implementation of security controls within a formal security management framework (e.g. Non è sicuro/a delle competenze necessarie per questa opportunità? Legga la descrizione completa qui sotto per avere un quadro completo dei requisiti richiesti. ISO 27000, NIST SP‐800 series, or other national equivalents).Advanced knowledge of security systems including one or more of these domains: anti‐virus applications, content filtering, firewalls, authentication systems, vulnerability‐management solutions, IDS/IPS, DLP, SIEM platforms.Experience in supervision of technical teams or managing security projects.Experience of preparing technical documentation and Standard Operating Procedures.Education/TrainingA minimum requirement of a Bachelor's degree at a nationally recognised/certified university in a related discipline (Computer Engineering, Computer Science, ...) and 3 to 5 years of post‐related experience (junior/senior).Desirable QualificationsExperience with NATO or national Security Accreditation process.Security management certifications (e.g. CISSP, CRISC, CISM, or equivalent).Technical certifications relevant to the post (e.g. GIAC, CCNP‐Security, CompTIA Security+, or equivalent).Advanced knowledge of web application security including OWASP Top 10, secure SDLC, authentication/authorization mechanisms, API security, and web application security.Experience implementing security controls in Databricks environments on Microsoft Azure including Unity Catalog, workspace security, cluster policies, secret scopes, network isolation (VNet injection, private endpoints), and secure data access patterns.Experience conducting web application penetration testing and security assessments.Experience with container security and orchestration platforms.Experience with design, implementation and management of networks based on Cisco technologies.Experience with configuration and management of network monitoring and event management systems (e.g. Splunk or Solarwinds).Experience with security incident management.Experience with NATO security policies. xivgfpx Experience with security risk management. #J-18808-Ljbffr