Вакансія: Consultant – Critical Infrastructure Engineer USAID Cybersecurity for Critical Infrastructure in Ukraine Activity

1. Activity Background:

The purpose of the US Agency for International Development (USAID) Cybersecurity for Critical Infrastructure in Ukraine Activity is to strengthen the resilience of Ukraine’s critical infrastructure from cyberattacks by establishing trusted collaboration between key cybersecurity stakeholders in the government, private sector, academia, and civil society. The activity aims to achieve this goal by implementing the following activity components:

Component 1: Strengthen the cybersecurity enabling environment

The legal, regulatory, and institutional framework for national cybersecurity in Ukraine needs to be strengthened and aligned with international standards and best practices. This component will strengthen the cybersecurity resilience of Ukraine’s critical infrastructure sectors by addressing legislative gaps, promoting good governance, enabling collaboration between stakeholders, and supporting cybersecurity institutions. This component will also build the technical capacity of key sectors through increased access to cybersecurity technology and equipment.

Component 2: Develop Ukraine’s cybersecurity workforce

Ukraine suffers from a severe shortage of cybersecurity professionals. This component of the USAID Cybersecurity for Critical Infrastructure in Ukraine Activity will address workforce gaps through activities that develop new cybersecurity talent and build the capacity of existing talent. These activities will address the entire workforce pipeline, the quality of education received by cybersecurity specialists, and industry training programs to rapidly upskill Ukraine’s workforce to respond to immediate cybersecurity vulnerabilities.

Component 3: Build a resilient cybersecurity industry

A growing cybersecurity industry in Ukraine will contribute directly to national security and prosperity. This component will seek to build trust and collaboration between the public and private sector to develop innovative solutions for future cybersecurity challenges; spur investment and growth in the broader cybersecurity market in Ukraine through greater access to financing; support smaller cybersecurity companies to rapidly increase the number of local cybersecurity service providers; and offer mechanisms for Ukrainian firms to connect with industry partners to enable better access to innovations and business opportunities.

1. ROLE’S PURPOSE: 

Ministry of Digital Transformation (MDT) – is the key government institution that is responsible for the use of digital technologies in public administration and public services. App and Portal DIIA became a focal point for all Ukrainian citizens to receive numerous public services quickly and MDT ensures all these services have high-grade cybersecurity.

The Activity has already provided assistance to MDT in this regard and implemented various initiatives, eg.: bug bounty programs and pen-tests conducted in 2020 and 2021. In continuation of these efforts, the Activity will continue such support to MDT by improving cybersecurity for system of electronic interaction of state electronic information resources “Trembita”

The Activity is looking for a Trembita Security Engineer to:

1. Configure and administer the security events (Security Information and Event Management) of the SIEM system.
2. Configure and administer the log storage and analysis server.
3. Develop and implement rules for monitoring security events/incidents.
4. Conduct monitoring of event logs and core components of the “Trembita” system.
5. Provide analysis and investigation of incidents of information and cybernetic security of the core of the “Trembita” system and gateways of the Secure Exchange of system participants.
6. Scan for vulnerabilities in the core components of the “Trembita” system.
7. Notify the authorized bodies about cybersecurity incidents obtained independently or received from users of the Trembita system in accordance with the procedure for sharing information about incidents to the relevant GOU authorities and the norms of current legislation.
8. Implement the single sign-on (SSO) for the “Trembita” system;

The Critical Infrastructure Engineer will work under the oversight of the Enabling Environment Lead.

2. DELIVERABLES AND DEADLINES

3. MINIMUM QUALIFICATIONS AND EXPERIENCE:

• At least two years of experience working on IT or information security engineer of similar technical scope;
• Knowledge of network security protocols, network technologies, OSI model;
• Previous experience in monitoring and response to cybersecurity incidents;
• Experience in network traffic analysis;
• Ability to analyze and correlate events in the network;
• Previous experience in deploying web servers (NGINX, Apache), databases (PostgreSQL, Redis, Influx) and different applications (Alfresco, Confluence, Tomcat, etc
• Building and implementing KSZIs security perimeter;
• Knowledge of Syslog, windows event log collector at the administrator level;
• Basics of Linux, Windows OS, work principles of commutation equipment and main instruments of security;
• Writing tech requirements and documentation for information systems;
• Principles of information security and incident management monitoring organization (use cases, rulebooks/playbooks, response procedures);
• Experience in the administration of SIEM systems;
• Understanding the principles of web servers / services and DBMS;
• Experience in the operation of information security systems – implementation, development of policies, administration, investigation of incidents;
• Experience in computer systems engineering for GOU authorities (desired). 

• Fluency in Ukrainian and English is required. 

Qualified candidates should send their CV and cover letter with the name of position in a subject line to [email protected] by 30 December 2022 6:00 pm Kyiv time. Only short-listed candidates will receive notice requesting additional information.