C004270 Principal Technician (Cyber Security) (NS) - THU 26 Jun

Deadline Date: Thursday 26 June 2025

Requirement: Principal Technician (Cyber Security)

Location: Norfolk, VA, US

Full Time On-Site: Yes

Time On-Site: 100%

Total Scope of the request (hours): 608

Required Start Date: 11 August 2025

End Contract Date: 31 December 2025

Required Security Clearance: NATO SECRET

Duties and Role:  

The Technician (Cyber Security) assists with maintaining the ongoing confidentiality, integrity and availability of Agency systems and services. This is achieved with a focus on cyber security awareness and compliance, accreditation support and cyber incident response.

The Technician serves as the primary point of contact for endpoint security management, firewall and network management monitoring solutions, and vulnerability scan operations. This role supports cyber event investigations and events.

Information security

• Applies and maintains specific security measures as required by organisational policy and local risk assessments.
• Contributes to the identification of risks that arise from potential technical solution architectures.
• Suggests alternate solutions or countermeasures to mitigate risks.
• Defines secure systems configurations in compliance with intended architectures.
• Supports investigation of suspected attacks and security breaches.

Information assurance

• Follows standard approaches for the technical assessment of information systems against information assurance policies and business objectives.
• Makes routine accreditation decisions.
• Recognises decisions that are beyond their scope and responsibility level and escalates according.
• Reviews and performs risk assessments and risk treatment plans.
• Identifies typical risk indicators and explains prevention measures.
• Maintains integrity of records to support and justify decisions.

IT infrastructure

• Carries out routine operational procedures, including the execution of specified automation tools/scripts.
• Contributes to maintenance and installation.
• Monitors and reports on infrastructure performance to enable service delivery.
• Resolves issues or refers to others for assistance.

Vulnerability assessment

• Undertakes low-complexity routine vulnerability assessments using automated and semi-automated tools.
• Escalates issues where appropriate.
• Contributes to documenting the scope and evaluating the results of vulnerability assessments.

Information Security Administration

• Works with access controls for firewalls and endpoint security solutions.
• Assists in the operation of day-to-day administrative transactions and systems.
• Performs periodic system backups and produces standard monitoring reports.
• Coordinates user access and maintains security checklists and authorization tables.
• Tests the effectiveness of new or revised information security procedures and tools.

Information Technology (IT) Security Policies

• Performs information gathering and research on key elements of IT security policies.
• Assists senior colleagues in identifying and analysing critical issues in IT security policies.
• Executes IT security policies and standards within a specific region in organization.
• Conducts performance reviews on implementation of IT security policies.
• Generates status reports for senior management to ensure the implementation of IT security policies.

Skill, Knowledge & Experience:

• The candidate must have a currently active NATO SECRET security clearance
• Secondary educational qualification with 3 years post-related experience.
• At least 4 years practical experience of implementation and maintenance of cyber security systems within a large organization.
• Working experience administrating and monitoring cyber security software.
• Good understanding of cyber security systems and the ability to work independently to solve problems.
• Working experience troubleshooting technical issues and providing technical support to end-users.
• Detailed knowledge and working experience of security and networking technologies including IPv4, Firewalls, Virtual Private Networks, Proxy Servers, Intrusion Detection and Forensic tools;
• Training/Certifications (Desirable): Security Professional certification (CEH, GIAC, ISC2, or other relevant certification)