To implement the Principality's National Trust Infrastructure, we are looking for an expert specialising in key management infrastructures (PKI). This person will join a team of 3 people already in place and must be able to cover at least two of the four points set out in the following paragraph:
Participate in maintaining the qualification of trust services operated by the Monegasque State services.
In detail, the mission includes the following actions:
- Monitoring changes in the applicable regulations (eIDAS, RGS-P and ETSI standards, mainly 319 401, [319 411-1, 319 411-2, 319 412] and [319 421, 319 422]),
- Ensuring that the CCM's document repository is kept up to date and consistent, in particular the certification policies and the certification practice statements,
- Proposing changes to the document repository in line with regulatory changes, the technical base or the organisation set up within the framework of the CCM, in conjunction with the Certification Authority [CA] managers.
- Ensuring and monitoring the publication of the elements required for the proper operation of the CCM (CP, CPD, registration forms, CRL, ARL, CA chain, etc.).
- Preparing the agendas of the Trust Services Monitoring Committee (C2SC)
- Prepare and validate C2SC minutes
- Preparing and organising qualification renewal audits and internal audits in conjunction with the Government's CISO and the DSN, each in their respective areas of responsibility,
- Participate in the preparation of security audits relating to the CCM,
- Drawing up and monitoring action plans for correcting non-compliances (audits and controls) in liaison with the stakeholders concerned (Registration Authority (RA) managers, online window managers, technical operators, etc.).
- Ensuring the archiving of CCM traces as required by the standards,
- Preparing and monitoring applications for qualification of trust services,
- Supporting the CCM Registration Authorities,
Participating in the operational monitoring of the CCM.
In detail, the mission includes the following actions:
- Defining and monitoring the implementation of quality, performance and supervision indicators in conjunction with the CERT-MC,
- Planning, organising (including drafting scripts and minutes) and conducting key ceremonies as and when required,
- Ensuring that the Lists of Revoked Authorities are drawn up and published in conjunction with the CERT-MC in strict compliance with the deadlines set,
- Ensuring the management of CCM secrets (drawing up allocation, withdrawal or transfer forms, monitoring and annual inventory),
- Ensuring that the infrastructure is maintained in operational condition, in conjunction with Certinomis (weekly monitoring of tickets [JIRA], monitoring of progressive maintenance of infrastructure equipment),
- Participate in the monthly Operations Monitoring Committees (CoSui),
- Leading and monitoring the monthly Security Monitoring Committees (CoSec),
- Monitor the implementation of monitoring committee actions,
- Assisting the functional and technical operation of the ICN and its components, in particular by monitoring the resolution of production and security incidents,
- Monitor the life cycle of the HSM units (updates, configuration, follow-up sheets),
- Sharing audit information with the Government's CISO to enable him to consolidate risk analyses,
- Monitoring the front offices (exchanges with the AEs and service providers, management of requirements, particularly in terms of consumables, etc.),
- Monitoring the distribution of trusted roles in the CCM and ensuring their segregation in accordance with the matrix provided for this purpose,
- Ensuring that logs are continuously available on the supervision server, that they are complete and that any anomalies are reported using the JIRA tool,
- Monitor the compliance of the logs with the service provider chosen for this purpose, who is involved in the analysis of the logs,
- Monitor the implementation of legal archiving,
- Participate in the implementation and execution of the CCM's internal control system (organisation, documentation, processes),
- Carrying out an annual assessment of the CCM's security level.
Participate in the ICN's MCO/MCS operations and its development.
In detail, the mission includes the following actions:
- Implementing quality, performance and supervision indicators,
- Analysing alerts from the SIEM and NAGIOS systems, as well as anti-DDoS, antivirus and CyberWatch reports, and carrying out any necessary investigations or operations,
- Take charge of the functional (EJBCA) and technical operation of the ICN and its components,
- Create incident and support tickets,
- Participate in the diagnosis and resolution of technical incidents,
- Helping to draw up proposals for changes to the architecture of the CCM,
- Annually implementing and proposing changes to the CCM's Disaster Recovery Plan,
- Participating in technical, technological and methodological choices in connection with the CCM,
- Propose and implement technical and organisational changes as required,
- Contributing to the operational management of the Certification Authorities,
- Participating in the preparation of public procurement contracts in conjunction with the CCM.
Monitor issues relating to trust services.
In detail, the mission includes the following actions:
- Monitoring issues relating to cryptology and their implementation (algorithms, components, etc.) in liaison with the service provider chosen for this purpose and, where appropriate, the French National Information Systems Security Agency [ANSSI]),
- Developing the Monegasque TSL (Trusted Services List) as required and helping to keep it up to date.
