[4716] Principal Technician (CIS Security)

Start date: February 2025
Clearance: NATO Secret
Location: The Hague, Netherlands

• Knowledge of NATO Security Directives
• In-depth knowledge of web application security concepts, including common vulnerabilities (SQL injection, Cross-Site Scripting, etc.) and their mitigations
• Knowledge of cloud security models and tools (AWS, Azure, Google Cloud), and the ability to integrate Cloudflare or similar solutions to protect cloud-based applications
• Proven experience with security technologies such as WAFs, DDoS protection tools, threat intelligence platforms, and API security
• Proven experience with DNS management and troubleshooting
• Understanding of web performance optimization, CDN configurations, and strategies for ensuring the efficient delivery of content globally
• Excellent communication abilities, both written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams
• Proven experience working with governance bodies to ensure compliance with security regulations and standards
• Experience with managing and deploying SSL/TLS certificates and understanding of PKI management
• Experience with website monitoring and alerting. Skills: Writing and Reporting
• Writes convincingly; writes clearly, succinctly and correctly; avoids the unnecessary use of jargon or complicated language; writes in a well-structured and logical way; structures information to meet the needs and understanding of the intended audience. Working with People
• Shows respect for the views and contributions of other team members; shows empathy; listens, supports and cares for others; consults others and shares information and expertise with them; builds team spirit and reconciles conflict; adapts to the team and fits in well. Applying Expertise and Technology
• Applies specialist and detailed technical expertise; uses technology to achieve work objectives; develops job knowledge and expertise (theoretical and practical) through continual professional development; demonstrates an understanding of different organisational departments and functions

Activities

- Work closely with Service Delivery Manager to support service delivery and service operations
- Serve as a key point of contact for customers reporting issues related to web security, performance, and availability
- Respond promptly to customer queries, investigate reported issues, and provide clear communication on status and resolution timelines
- Provide ongoing monitoring and oversight of the security and performance of websites and applications
- Ensure continuous improvement and adaptation of security measures to evolving threats
- Ensure timely renewal of certificates and manage certificate chains to avoid vulnerabilities related to expired or misconfigured certificates
- Deploy and manage Web Application and API Protection (WAAP) solutions to prevent threats like SQL injections, cross-site scripting (XSS), and other application-layer attacks Configure and monitor Distributed Denial of Service (DDoS) protection tools to mitigate large-scale attack efforts
- Manage and optimize the use of Content Delivery Networks (CDNs) to ensure fast and reliable content delivery to end users
- Set up and maintain load-balancing configurations to ensure website availability and minimize downtime, even under heavy traffic
- Oversee the implementation of website monitoring tools that track uptime, page load times, and other key performance indicators (KPIs)
- Performs other duties as required