2026-0082 MISP Data, Engineering and DevOps Support (NS) BELGIUM - 25 Jun
Job description
The NCI Agency has been established with a view to meeting the collective requirements of some or all NATO nations in the fields of capability delivery and service provision related to Consultation, Command & Control as well as Communications, Information and Cyber Defense functions, thereby also facilitating the integration of Intelligence, Surveillance, Reconnaissance, Target Acquisition functions and their associated information exchange.
The NATO Cyber Security Centre (NCSC) is a team of over 200 members working to monitor and protect NATO networks. In its role of delivering robust security services to the NATO Enterprise and NATO Allied Operations and Missions (AOM), the NCSC executes a portfolio of programs and projects of around 219 MEUR per year in order to uplift and enhance critical cyber security services. The portfolio ranges from Program of Work (POW) activities funded via the NATO Military Budget (MB) to Critical/Urgent Requirements (CURs/URs) and NATO Security Investment Program (NSIP) projects funded via the Investment Budget (IB). In some edge cases, projects are also funded via the Civilian Budget (CB). Projects can span multiple years and are governed by various frameworks, including the Common Funded Capability Development Governance Framework (CFCDGM).
The Cyber Security Information Sharing Service (CSISS) facilitates the sharing of timely and accurate information from and to a wide range of cyber stakeholders (NATO bodies, NATO Allies and Partner Nations, industry and partner organizations). This is essential to maintain the cyber security strength of the organization, as a proven way to increase or maintain security posture, respond to cyber incidents and support Defensive Cyber Operations (DCO).
The Cyber Defence Information Sharing (CDIS) flavor of this service is an extended service built on the multiple managed MISP communities. It covers Cyber Defence-relevant information (e.g. indicators of compromise, threat actor infrastructure, tactics, techniques and procedures (TTPs), vulnerabilities, ...) and enables sharing among NATO, Nations and industry, compliant with NATO STANAG 5660 - Cyber Security Information Sharing.
Scope of Work:
The Contractor shall deliver Cyber Security Information Sharing Service (CSISS), Cyber Defence Information Sharing (CDIS) flavor outcomes, including:
- System administration and maintenance of MISP infrastructure
- MISP community management (organization and user provisioning, user support, ...)
- Maintenance of existing MISP integration scripts
- Functional testing of the MISP platform and integrations
- (MISP) data curation and dissemination
The Contractor retains full responsibility for how capacity is organized to achieve these outcomes.
Requirements
It is up to the bidding company to propose and size the team that will work to fulfil these deliverables. Nevertheless, the expected level of service (24/7), the number of processes to document and the amount of data to be managed are likely to require the equivalent of 3 staff.
Minimum required skillset to support the service. The minimum mandatory skillset below is per individual.
- 5 years demonstrated experience in functional software testing.
- 5 years demonstrated experience as sysadmin with LAMP servers - Linux, Apache, MySQL/MariaDB, PHP.
- 3 years experience with Red Hat.
- 3 years of Python scripting experience.
- 3 years experience in MVC software development and code review of web applications mostly in PHP language and with SQL.
- 3 years experience in data analysis.
- 3 years experience defining and documenting business processes.
- Very good technical understanding of the cyber threats to web-based products.
- Good understanding of cyber security principles, best practices, concepts and technology.
- Ability to work independently and in teams to achieve the desired goals, including the ability to monitor and support a team.
- Ability to support high-intensity military exercises for multiple weeks.
- Excellent organizing and communication skills.
- Good communications and writing skills in English.
Desirable:
- Experience as sysadmin of a MISP Threat Sharing platform.
- Prior experience in developing code (Python, PHP) for MISP.
- Prior experience in multinational cyber exercises like Locked Shields, Crossed Swords, Cyber Coalition, etc.
- Experience with CakePHP.
- Prior experience in a cyber threat intelligence team.
- Prior experience in incident response.
- Prior experience in threat detection engineering.