OCIO-0012 Public Key Infrastructure (PKI) Services (NS) - WED 18 Jan
Brussels, Brussels, Belgium
Deadline Date: Wednesday 18 January 2023
Requirement: Provide Public Key Infrastructure (PKI) Services to the NATO OCIO
Location: Brussels, BE
Full time on-site: Preferred. Teleworking may be acceptable for the right candidate.
NATO Grade: A3/G17/97
Total Scope of the request (hours): 1732.5 hrs in 2023 (44 weeks at 38 per week)
Required Start Date: No Later Than 22 February 2023
End Contract Date: 31 December 2023
Required Security Clearance: NATO SECRET
Note: For all Level-of-Effort and Completion-Type requests processed outside of the IWC Value Stream, and for which the contractor will not be reimbursed directly by OCIO for travel expenses, additional travel funding shall be allocated on a Not-to-exceed basis when the yearly Option is exercised.
Annex A – Special Terms and Conditions
The contractor will be responsible for complying with the respective national requirements for working permits, visas, taxes, social security etc. whilst working on site at NATO HQ Brussels, Belgium.
No special status is either conferred or implied by the host organisation, NATO HQ Brussels, Belgium to the contractor whilst working on-site.
The contractor will be responsible for complying with all the respective National Health COVID-19 regulations in Belgium before taking up the position.
If the successful candidate is allowed to work remotely, travel to NATO HQ for meetings will be at the candidate’s expense. Travel to other locations will be reimbursed as if the travel originated in Brussels. Attendance at these meetings are mandatory.
Public Key Infrastructure (PKI) Services
1. INTRODUCTION
The NATO Office of the CIO (OCIO) needs support in developing the PKI support requirements for several cryptographic key management projects and specifications as well as PKI interoperability.
2. TASKS
The contractor will effectively and efficiently provide the following services:
2.1 Lead the rewriting of the NATO PKI Certificate Policy (CertP) and the Certification Practices Statements of the Root and subordinate Certification Authorities (CA). The intent is to update the documents and to reduce the verbosity of the CertP by adding the details to the CPSs.
Measurement: Draft CertP and CPSs ready for review by the NATO PKI Management Authority (NPMA) by the end of 2nd Quarter 2023.
2.2 Perform PKI compliance inspections of the NATO PKI CAs.
Measurement: All CAs inspected for compliance in 2023.
2.3 Update the ACP-145, PKI aspects of Military Messaging Services
Measurement: Document updated by the end of 3rd Quarter 2023.
2.4 Provide secretariat support to the NATO PKI Management Authority (NPMA) and NATO PKI Advisory Group (NPAG) meetings.
Measurement: Meetings successful organized and meeting records issued. Action items tracked and actioned.
2.5 Provide technical advice and review other PKIs within NATO. Issue NPMA waivers allowing them to operate.
Measurement: Prompt support to the above.
2.6 Review the trustworthiness of counter-party PKIs used during NATO exercises and missions, using the NATO PKI trustworthy framework. Issue interoperability agreements as required.
Measurement: Prompt support to the above.
2.7 Provide support to unforeseen requirements as necessary.
Measurement: Support as necessary until the end of 4th Quarter 2023 (and subsequently if the contract is extended).
3. PROFILE
[See Requirements]
4. LOCATION OF DUTY
4.1 It is desirable that the candidate is embedded within the OCIO and works full-time from Brussels. However, for the right candidate, a hybrid work arrangement would be possible with some teleworking and some working at NATO HQ.
5. TIMELINES
5.1 The services of the contractor are required for the period starting 22nd Feb 2023 until 31th December 2023.
6. SPECIFIC WORKING CONDITIONS
6.1 Secure environment with standard working hours. Occasional non-standard hours may be required in support of the NATO Chief Information Officer urgent tasks.
7. TRAVEL
7.1 Occasional business travel may be required. This travel shall be invoiced to the purchaser by the service provider separately and is considered an addition to the overall cost of the bid. Travel arrangements shall be the responsibility of the contractor and the expenses will be reimbursed in accordance with Article 5.3 of AAS Framework Contract and within the limits of the NCIA Travel Directive.
8. SECURITY AND NON-DISCLOSURE AGREEMENT
8.1 The contractor must be in possession or capable of possessing a security clearance of NATO Secret.
8.2 A signed Non-Disclosure Agreement will be required.
Requirements
3. PROFILE
- The candidate must have a NATO SECRET security clearance.
- The candidate must have knowledge and multiyear experience in PKI at the policy level. This knowledge and experience would be in developing or revising Certificate Policies, Certification Practices Statements and Certificate Profiles.
- The candidate must have knowledge of PKI interoperability frameworks, such as the CA/Browser Forum baseline requirements.
- The candidate must have excellent English writing skills and the ability to brief their work in English.
- It is desirable that the candidate has practical experience administrating a PKI Certification Authority.
- It is desirable that the candidate has practical experience auditing or inspecting PKIs.
- It is desirable that candidate has familiarity and experience with cryptography and cryptographic key management knowledge.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Clearance Compliance Cryptography NATO PKI Security Clearance
Perks/benefits: Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Chief Information Security Officer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open IT Security Engineer jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open CI/CD-related jobs