Connecting...

Maritime Cyber Security Operator (MCERT)

Job Title: Maritime Cyber Security Operator (MCERT)
Contract Type: Permanent
Location: London
Industry:
Salary: Competitive
Contact Name: Simon Osborne
Contact Email: simon@exforces.info
Job Published: July 01, 2019 08:57

Job Description

 

MCERT is a fast-paced, evolving and highly strategic organisation designed to meet the Cyber Security needs of the global maritime sector. Working for MCERT means maintaining the highest standards of diligence, professionalism and vigilance, in a responsive and engaging environment within the MCERT Operations Centre in Singapore. Our mission to the maritime sector is to help protect them from Cyber threats and our Operators are at the core of our global capabilities.

The following is a brief overview of key competencies and experience required for the Operators of MCERT. Certifications and diplomas to prove such competencies may need to be presented. Depending on the services being delivered, additional specialist skills will be required. General Operator description items:

Experience - Required

  • Previous experience working within a Computer Emergency Response Team (CERT) or Security Operations Centre (SOC), ideally with experience in an operational military setting;
  • Previous experience of incident response, ideally relating to Cyber incidents;
  • Previous experience working on Cyber/Information Technology within the maritime sector.

 

Experience – Highly Desirable

  • Previous experience working on the Cyber Security of Operational Technology, particularly within the maritime sector, would be a benefit.

 

Personal competencies

As an individual, you should have/be:

  • Flexible, creative and a have good team spirit;
  • Strong analytical skills;
  • An ability to explain difficult technical matters in clear and concise wording;
  • A strong understanding of the need for confidentiality and working in a procedural matter;
  • Good organisational skills;
  • Stress durable;
  • Strong communicative and writing skills;
  • Open minded with a willingness to learn.

 

Technical competencies - Required

  • Knowledge of Security threats (DDoS, Phishing, Defacing, Sniffing, etc.) mandatory;
  • Broad knowledge of internet technology and protocols;
  • Knowledge of Windows systems (depending on the equipment of the constituency) is key.

 

Technical Competencies – Highly Desirable

  • Knowledge of network and maritime infrastructure equipment (Router, switches, DNS, Proxy, Mail, etc.) would be beneficial;
  • Knowledge of iOS, Android and Linux systems;
  • Knowledge of Internet applications (SMTP, HTTP(s), FTP, telnet, SSH, etc.) desirable;
  • Knowledge of risk assessment and practical implementations desirable.=

 

Additional competencies - Required

  • Willingness to work on patterned shifts during a 24x7 period and on-call duty;
  • Capacity and willingness to travel for work, both domestically in the UK, in Singapore and elsewhere internationally if required;
  • Level of education to University Degree or equivalent;
  • Further experience working in the field of Cyber Security.

 

Code of conduct/practice/ethics

A code of conduct/practice/ethics is a set of rules or guidelines for the MCERT staff members on how to behave professionally, potentially also outside work. Behaviour outside work is relevant, because it can be expected of MCERT members that they behave responsibly in private as well where computers and security are concerned.

Screening of employees is good practice, and as the information that MCERT holds may be of a confidential and sensitive nature, we must make sure that prospective staff members are trustworthy. As such we will carry out vetting, perhaps extending to a request for references, in order to ensure that this is the case.

Training

The MCERT Operator training plan includes two phases of training: internal training for new staff members to learn how the MCERT operates involving Operations Centre orientation and participation in the three day MCERT Training Simulator, as well as personal learning and external training for continuous improvement of skills and to keep up with the developments in technology (including new threats and attack methods).