Key Expert Cyber
Component 2: To enhance CT capacities through an improved cybersecurity national system.
1. The Action :
The Action entitled “Counter Terrorism in Lebanon” will be implemented over a period of four (4) years.
The overall objective of the action is to reinforce national capacities in Lebanon to react to the threats of terrorism and organized crime while enhancing judicial procedure and promoting rule of law and human rights, in line with international standards.
Specifically, the project aims to strengthen the legal framework against terrorism; to support counter terrorism (CT) interagency coordination; to enhance the cybersecurity national system and to apply a rights-based approach to CT cases by criminal justice and law enforcement officials.
The identified project “Counter Terrorism in Lebanon” comprises three (3) main specific objectives (SO):
- SO 1: To strengthen the regulatory framework and national response against terrorism, in line with international standards
- SO 2: To enhance capacities through an improved cybersecurity national system
- SO 3: To apply a rights based approach to CT cases by law enforcement officials and Courts
1.2 Expected Results
- The cyber posture and the resilience of Lebanon against cyber attacks are enhanced through the support for the establishment of a National Cybersecurity Agency
- The Law Enforcement agencies capacity to prevent and counter cyber terrorism and cyber organized crime is enhanced
- General awareness on cybersecurity and cybercrime is enhanced
1.3 Planned activities
- Assist the establishment of a NCA including the national CERT ((Computer Emergency Response Team) of Lebanon (LEB-CERT), defining its internal organisation, roles, interactions with other NCA and national CSIRTs (Computer Security Incident Response Teams), as the first implementation step of national Cybersecurity Strategy recently adopted.
- Support the functional, operational and technical design for the establishment of the National Training Center on cyber security and cybercrime (cyberange) within the NCA, to deliver real-life training sessions and simulated scenarios to raise awareness and enhance cyber threats understanding of the trainees.
- Support the functional, operational and technical design for the establishment of a national cyber information sharing platform for incident reporting and analysis.
- Support the functional, operational and technical design for the establishment, of a national ethical hacking center within NCA to enable the Lebanese government to assess the vulnerabilities of its cyber space
- Support the functional, operational and technical design for the establishment of a national Cyber Threats Intelligence center, within the NCA, to collect and analyze cyber threats on the Lebanese territory
- Support the functional, operational and technical design for the establishment of a Cybersecurity Operation Centre within the NCA, to monitor the IT infrastructure of the Lebanese governmental organizations that cannot have their own SOC (Security Operations Center).
- Assistance in the procurement of part of these centers depending on budget availability and priorities.
- Mentor the Law Enforcement agencies to prevent and counter cyber-terrorism and cyber-organized crime.
- Conduct training needs analysis of security agencies to prevent and counter cyber-terrorism and cyber-organized crime
- Provide capacity building and training to security agencies on the different needs identified, including threats related to internet and Dark Web, crypto-currencies issues, social engineering techniques.
- Organize training on respect of human rights when dealing with personal data and citizens privacy
- Organize Judicial Training on cybercrime
- Draft guidelines on cybersecurity protection of key infrastructure.
- Provide interagency training to react against a cyberattack to a key infrastructure at risk
- Conduct a pilot exercise of a key infrastructure at risk
- Develop a roadmap for the implementation of a national awareness programme on cybersecurity and cybercrime.
- Support the design, implementation, training and procurement of national open web portal for cybersecurity and cybercrime awareness. Develop an awareness plan of cyber space threats
- Conduct workshops for judges, prosecutors and law enforcement officials on cybercrime legislation
- Guarantee the participation and engagement of civil society and private sector in the awareness platform
2. Required profile :
2.1 Duties and Responsibilities of the Key Expert Cyber
The Expert will report directly to CIVIPOL’s project Manager. Under the supervision of the Team Leader, the Expert is expected to:
- Ensure the appropriate implementation of the Component 2 with respect to the Terms of References of the Principal Contract concluded between the consortium and the European Commission, and in line with the needs expressed by the Beneficiaries;
- Support the establishment and procurement of a National Cybersecurity Agency (NCA) including the national CERT of Lebanon (LEB-CERT);
- Advise the local beneficiaries with security systems technology design,
- Advise local partners (National Cybersecurity Agency, State administrations) in the implementation of the Lebanese national cybersecurity strategy;
- Network and mobilisation with international experts in the fields of cybersecurity and cybercrime to deliver training courses, and workshops in Lebanon;
- Contribute to the draft of the reports contractually required (inception, intermediaries, final);
- Review the work provided by the short-term experts by complementing the reports and giving recommendations and constructive critics;
- Analyse the existing situation and present the working plan set semi-annually, in cooperation with the Team Leader and the other Experts;
- Ensure the effective and coherent implementation of the activities foreseen in compliance with EU procedures, and ensure the project monitoring
- Ensure a quality control check of the work delivered by the project’s short-term experts and support of the design of the Terms of references for the short-term experts’ mobilisation;
- Facilitate the organisation of relevant meetings; and participate to the meetings if necessary;
- Monitor the achievement of the project results through the definition and use of SMART indicators (Specific, Measurable, Achievable, Relevant, Time-bound), and by notifying the European Commission and CIVIPOL’s project Manager on the progress of the project;
- Assist in the procurement of supplies and management of the related supply contracts, facilitating their implementation by ensuring conformity of the delivery of the equipment with the technical specifications defined.
2.2 Qualifications and skills
- At least Master’s degree Academic level or an engineering school diploma relevant to this assignment;
- Strong skills in digital security;
- Excellent knowledge of cyber security policy and national cyber security strategy development;
- Deep understanding of cyber-security threats, vulnerabilities, controls and remediation strategies in global enterprise environments;
- Strong knowledge of current and evolving cyber threat landscape;
- Ability of working in a multi-cultural environment is essential;
- Excellent English skills, both spoken and written;
- Ability to speak French as a second language at business proficient level is an asset;
- Excellent writing skills.
2.3 Professional experience
General professional experience :
- Minimum 15 years of professional experience;
- Practical knowledge of the international cooperation in the security sector;
- Any previous experience in formulation of and/or management of and/or cooperation with EU-funded programmes is a strong asset.
Specific professional experience :
- At least 10 years of working experience in a governmental body dealing with information system and networks security or corporate IT security, or equivalent work experience in one or more of the following areas: IT security, incident handling and response, exploit analysis, network intelligence gathering, vulnerability management, digital forensics methods and procedures;
- At least 3 years of experience within a European National Cybersecurity Agency (NCA) where he had technical and/or regulatory responsibilities;
- Experience in national cyber policy coordination, including with public private partnerships, and excellent understanding of global cyberspace processes;
- Experience in inter-agency and international cyber policy cooperation;
- Experience in providing the interface between technical/operational detail and broader cyber policy development is a strong asset;
- Familiarity with threat intelligence and applications within incident response and forensic investigations;
- Experience in Lebanon is a strong asset;
- A good understanding of EU rules and procedure and EU PCM is a strong asset.
4. Period, indicative calendar and location
The mission will last for a minimum of two (2) years, renewable, on an indicative basis from January 2020 to December 2021.
The Expert will be based full-time in Beirut.