C004289 Digital Forensics Tools Administrator (NS) BELGIUM - 11 Jul

Deadline Date:  Friday 11 July 2025
 
Requirement:   Digital Forensics Tools Administrator
 
Location:  Mons, BELGIUM
 
Full Time On-Site:  Yes
 
Time On-Site:  100%
 
Not to Exceed Rate:  71 EUR
 
Total Scope of the request (ho urs):  500
 
Required Start Date:  18 August 2025
 
Required Security Clearance:  NATO SECRET
 
Duties and Role:  
The service provider shall deploy, configure, and maintain the suite of digital forensics and XDR tools, ensuring all systems are kept up to date in accordance with IT Service Management (ITSM) processes. The provider is expected to integrate user feedback and implement enhancements to improve usability and effectiveness, which may include developing automation scripts or custom configurations to meet operational requirements.
As part of a small team of technical experts performing the tasks listed above, your main duties will be to:

• Design, set up, and manage a suite of digital forensics acquisition tools (ex.: F-Response, Velociraptor, X-Ways, Axiom) ensuring seamless integration with other technologies present on the network.
• Ensure that the deployment and operation of forensic and XDR tools (ex.: Fidelis, CrowdStrike, Cortex, Defender XDR) meet strict security requirements and comply with IT Service Management policies governing the network environment.
• Apply best practices in forensic workflow automation by leveraging tools and technologies like N8N, Ansible and Magnet Automate to enhance efficiency and reliability.
• Ensure that forensic tools are properly configured with the necessary routing and network rules, enabling secure and reliable access across different segments of the network.
• Lead or contribute to the creation and ongoing maintenance of comprehensive documentation and Standard Operating Procedures (SOPs) to support operational continuity and compliance.
• Collaborate closely with team members and end users to incorporate feedback, continuously improving the quality and effectiveness of the delivered digital forensics capabilities.

• The candidate must have a currently active NATO SECRET security clearance
• Essential to have a Bachelor's Degree in Computer Science (or similar) combined with a minimum of 2 years' experience in Cyber Security related post as a Security Engineer or similar position, or a Secondary education and completed advanced vocational education (leading to a professional qualification or professional accreditation) with 5 years post related experience. Exceptionally, the lack of a university degree may be compensated by the demonstration of a candidate's particular abilities or experience that is/are of interest to NCI Agency; that is, at least 8 years extensive and progressive expertise in the duties related to the function of the post.
• Strong knowledge and experience in deploying, managing and maintaining forensics and XDR tools in complex environments;
• Solid understanding of digital forensic methodologies and principles;
• Have an in-depth understanding of infrastructure concepts related to Hosting, Networks, IP address Management, firewalls, certificates, Load balancing and Proxy;
• Knowledge and demonstrable experience with scripting languages and integration tools including PowerShell, Python, Bash, Batch and Ansible;
• Good understanding of cyber security concepts;
• Good understanding of network communication protocols;
• Good verbal and written communication skills in English;
• Strong team-spirit attitude;
• Ability to produce detailed technical documentation and follow change management processes.

• Professional experience in digital forensic analysis;
• Past experience working for NATO or in an international organization;
• Experience with Microsoft Azure, Microsoft Defender for Endpoint.