Descripción de la oferta
LocationLa Spezia, Italy
Security ClearanceNATO Secret
Reference NoVS/CMRE-40 / La Spezia
Deadline25/05/2026
Required Qualifications
Experience in the design or implementation of security controls within a formal security management framework (e.g. ISO 27000, NIST SP-800 series, or other national equivalents).
Advanced knowledge of security systems including one or more of the following domains: anti-virus applications, content filtering, firewalls, authentication systems, vulnerability management solutions, IDS/IPS, DLP, SIEM platforms.
Experience supervising technical teams or managing security projects.
Experience preparing technical documentation and Standard Operating Procedures.
Bachelor’s degree in a related discipline (Computer Engineering, Computer Science, etc.) from a nationally recognised or certified university, with 3 to 5 years of post‑graduation experience.
English proficiency with a proficiency level of SLP 3333.
Experience with NATO or national security accreditation processes.
Security‑management certifications (e.g. CISSP, CRISC, CISM) or equivalent.
Technical certifications relevant to the post (e.g. GIAC, CCNP‑Security, CompTIA Security+) or equivalent.
Advanced knowledge of web application security, including OWASP Top 10, secure SDLC, authentication/authorization mechanisms, API security, and web application security.
Experience implementing security controls in Databricks environments on Microsoft Azure, including Unity Catalog, workspace security, cluster policies, secret scopes, network isolation (VNet injection, private endpoints), and secure data access patterns.
Experience conducting web application penetration testing and security assessments.
Experience with container security and orchestration platforms.
Experience designing, implementing, and managing networks based on Cisco technologies.
Experience with configuration and management of network monitoring and event management systems (e.g. Splunk or SolarWinds).
Experience managing security incidents.
Experience with NATO security policies.
Experience with security risk management.
Responsibilities
Provide professional contributions to help achieve and maintain security accreditation for CMRE systems and applications, data acquisition, processing and storage, and their interfacing with other CIS, across the life cycle.
Advise, within a project structure, on cost‑effective countermeasures to mitigate security risks during development and operation phases of the CIS life cycle.
Implement and operate prescribed security controls under a security‑accreditation framework, supervised by the CIS Provider and controlled by Security Staff.
Document the architecture, configuration, and security posture of CIS to inform risk‑management activities of the Security Organization.
Implement security best practices and controls under the supervision of the CIS Provider.
Plan, implement, and upgrade CIS.
Analyze security breaches to determine root causes.
Contribute to the definition, implementation, and maintenance of corporate security policies.
Supervise and manage technical teams as required.
Undertake security testing in accordance with an agreed Security Testing & Verification (ST&V) plan.
Support the CIS Provider in formulating Security Operating Procedures (SecOPs) for the CIS.
Contribute to maintaining configuration baselines through configuration management and change control.
Support the CIS Provider in periodic vulnerability assessments under the control of Security Staff and in accordance with the requirements of the Security Accreditation Authority.
Provide regular training and awareness to project staff.
Support periodic security audits performed by Security Staff and the Security Accreditation Authority.
#J-18808-Ljbffr
