Digital Forensics Platform Administrator for NATO with security clearance

As part of a small team of technical experts performing the tasks listed above, your main duties will be to:

Design, set up, and manage a suite of digital forensics acquisition tools (ex.: F-Response, Velociraptor, X-Ways, Axiom) ensuring seamless integration with other technologies present on the network.

Ensure that the deployment and operation of forensic and XDR tools (ex.: Fidelis, CrowdStrike, Cortex, Defender XDR) meet strict security requirements and comply with IT Service Management policies governing the network environment.

Apply best practices in forensic workflow automation by leveraging tools and technologies like N8N, Ansible and Magnet Automate to enhance efficiency and reliability.

Ensure that forensic tools are properly configured with the necessary routing and network rules, enabling secure and reliable access across different segments of the network.

Lead or contribute to the creation and ongoing maintenance of comprehensive documentation and Standard Operating

Procedures (SOPs) to support operational continuity and compliance.

Collaborate closely with team members and end users to incorporate feedback, continuously improving the quality and effectiveness of the delivered digital forensics capabilities.

The main deliverables as will be to:

The service provider shall deploy, configure, and maintain the suite of digital forensics and XDR tools, ensuring all systems are kept up to date in accordance with IT Service Management (ITSM) processes. The provider is expected to integrate user feedback and implement enhancements to improve usability and effectiveness, which may include developing automation scripts or custom configurations to meet operational requirements.

Requirements Description:

• At least 5 years of experience in deploying, managing and maintaining forensics and XDR tools in complex environments;
• At least 2 years of experience with remote acquisition tooling (Fidelis and/or F-Response) with demonstrated ability to configure,support deployment at scale including resolving failed collections and performance issues.
• At least 2 years of experience with collaboration tools such as Jira and Confluence;
• Strong understanding of forensically sound acquisition principles (integrity verification, repeatability, minimizing system impact).
• Windows Server/Desktop administration skills: services, drivers, certificates, event logs, permissions, remote management.
• Ability to diagnose host-level issues impacting forensic tools (resource contention, disk I/O, endpoint controls, OS patch impacts).
• Experience with Red Hat Linux and managing a fleet of servers with Ansible
• Have an in-depth understanding of infrastructure concepts relatedto Hosting, Networks, IP address Management, firewalls, certificates, Load balancing and Proxy;
• Experience working with vendors (support tickets, log bundles, upgrades) and communicating impacts/ETAs to investigators/analysts.
• Experience implementing least-privilege access, credential handling, and audit logging for forensic systems.
• Knowledge and demonstrable experience with scripting languages and integration tools including PowerShell, Python, Bash, Batch and Ansible;
• Good understanding of cyber security concepts;
• Good understanding of network communication protocols;
• Good verbal and written communication skills in English;
• Strong team-spirit attitude;
• Ability to produce detailed technical documentation and follow change management processes.
  
  

Desirable

• Professional experience in digital forensic analysis;
• Past experience working for NATO or in an international organization;
• Experience with Microsoft Azure, Microsoft Defender for Endpoint