OCIO-0012 Public Key Infrastructure (PKI) Services (NS) - WED 18 Jan

Brussels, Brussels, Belgium

Applications have closed

Deadline Date: Wednesday 18 January 2023

Requirement: Provide Public Key Infrastructure (PKI) Services to the NATO OCIO

Location: Brussels, BE

Full time on-site: Preferred. Teleworking may be acceptable for the right candidate.

NATO Grade: A3/G17/97

Total Scope of the request (hours): 1732.5 hrs in 2023 (44 weeks at 38 per week)

Required Start Date: No Later Than 22 February 2023

End Contract Date: 31 December 2023

Required Security Clearance: NATO SECRET

Note: For all Level-of-Effort and Completion-Type requests processed outside of the IWC Value Stream, and for which the contractor will not be reimbursed directly by OCIO for travel expenses, additional travel funding shall be allocated on a Not-to-exceed basis when the yearly Option is exercised.

Annex A – Special Terms and Conditions

The contractor will be responsible for complying with the respective national requirements for working permits, visas, taxes, social security etc. whilst working on site at NATO HQ Brussels, Belgium.

No special status is either conferred or implied by the host organisation, NATO HQ Brussels, Belgium to the contractor whilst working on-site.

The contractor will be responsible for complying with all the respective National Health COVID-19 regulations in Belgium before taking up the position.

If the successful candidate is allowed to work remotely, travel to NATO HQ for meetings will be at the candidate’s expense. Travel to other locations will be reimbursed as if the travel originated in Brussels. Attendance at these meetings are mandatory.

Public Key Infrastructure (PKI) Services

1. INTRODUCTION

The NATO Office of the CIO (OCIO) needs support in developing the PKI support requirements for several cryptographic key management projects and specifications as well as PKI interoperability.

2. TASKS

The contractor will effectively and efficiently provide the following services:

2.1 Lead the rewriting of the NATO PKI Certificate Policy (CertP) and the Certification Practices Statements of the Root and subordinate Certification Authorities (CA). The intent is to update the documents and to reduce the verbosity of the CertP by adding the details to the CPSs.

Measurement: Draft CertP and CPSs ready for review by the NATO PKI Management Authority (NPMA) by the end of 2nd Quarter 2023.

2.2 Perform PKI compliance inspections of the NATO PKI CAs.

Measurement: All CAs inspected for compliance in 2023.

2.3 Update the ACP-145, PKI aspects of Military Messaging Services

Measurement: Document updated by the end of 3rd Quarter 2023.

2.4 Provide secretariat support to the NATO PKI Management Authority (NPMA) and NATO PKI Advisory Group (NPAG) meetings.

Measurement: Meetings successful organized and meeting records issued. Action items tracked and actioned.

2.5 Provide technical advice and review other PKIs within NATO. Issue NPMA waivers allowing them to operate.

Measurement: Prompt support to the above.

2.6 Review the trustworthiness of counter-party PKIs used during NATO exercises and missions, using the NATO PKI trustworthy framework. Issue interoperability agreements as required.

Measurement: Prompt support to the above.

2.7 Provide support to unforeseen requirements as necessary.

Measurement: Support as necessary until the end of 4th Quarter 2023 (and subsequently if the contract is extended).

3. PROFILE

[See Requirements]

4. LOCATION OF DUTY

4.1 It is desirable that the candidate is embedded within the OCIO and works full-time from Brussels. However, for the right candidate, a hybrid work arrangement would be possible with some teleworking and some working at NATO HQ.

5. TIMELINES

5.1 The services of the contractor are required for the period starting 22nd Feb 2023 until 31th December 2023.

6. SPECIFIC WORKING CONDITIONS

6.1 Secure environment with standard working hours. Occasional non-standard hours may be required in support of the NATO Chief Information Officer urgent tasks.

7. TRAVEL

7.1 Occasional business travel may be required. This travel shall be invoiced to the purchaser by the service provider separately and is considered an addition to the overall cost of the bid. Travel arrangements shall be the responsibility of the contractor and the expenses will be reimbursed in accordance with Article 5.3 of AAS Framework Contract and within the limits of the NCIA Travel Directive.

8. SECURITY AND NON-DISCLOSURE AGREEMENT

8.1 The contractor must be in possession or capable of possessing a security clearance of NATO Secret.

8.2 A signed Non-Disclosure Agreement will be required.

Requirements

3. PROFILE

  • The candidate must have a NATO SECRET security clearance.
  • The candidate must have knowledge and multiyear experience in PKI at the policy level. This knowledge and experience would be in developing or revising Certificate Policies, Certification Practices Statements and Certificate Profiles.
  • The candidate must have knowledge of PKI interoperability frameworks, such as the CA/Browser Forum baseline requirements.
  • The candidate must have excellent English writing skills and the ability to brief their work in English.
  • It is desirable that the candidate has practical experience administrating a PKI Certification Authority.
  • It is desirable that the candidate has practical experience auditing or inspecting PKIs.
  • It is desirable that candidate has familiarity and experience with cryptography and cryptographic key management knowledge.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Audits Clearance Compliance Cryptography NATO PKI Security Clearance

Perks/benefits: Startup environment

Region: Europe
Country: Belgium
Job stats:  3  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.