C003009 Sr Sys Eng (CIS Security/INFOSEC Officer) (CTS) - WED 27 SEP RELAUNCH

NOTE: NATO has received two clarification requests regarding C003009 - Senior Systems Engineer (CIS Security/INFOSEC Officer). Question 1: Would it be possible for the IWC to manage the duties from The Hague site? Answer 1: The duty location is Braine l'Alleud, we cannot move it to The Hague. Question 2: it is possible to submit Candidates with NATO Secret Clearance and NATO CTS in progress? Answer 2: The IWC must have CTS to start, they cannot start without this level of clearance as they will not be able to do any of the duties required or have access to information and systems.

Previously proposed candidates were non-compliant for the following reasons: - candidate lacks experience of security governance, strategic alignment, risk management, performance management and value delivery - candidate was unable to articulate the stages of risk management, Information Security Concepts and Security accreditation – unable to articulate how the process looks, entities involved etc.

Deadline Date: Wednesday 27 September 2023

Requirement: Senior Systems Engineer (CIS Security/INFOSEC Officer)

Location: Braine L'Alleud, BE

Full time on-site: Yes

Time On-Site: 100%

Not to Exceed Rate: 81 EUR

Total Scope of the request (hours): 365

Required Start Date: 6 November 2023

End Contract Date: 31 December 2023

Required Security Clearance: NATO COSMIC TOP SECRET

Duties and Role:

Under the direction of the Head of Service Delivery Management and, for INFOSEC matters, the Agency Security Manager, but largely on own initiative, the incumbent will carry out duties such as the following:

• Supporting all technical development activities required to maintain the confidentiality, integrity and availability of NIMSC operational business networks;
• Maintain personal core competencies (functional and technical) in Information Assurance, supervise staff and Subject Matter Experts (SME) temporarily assigned to the section;
• Planning and coordinating, in close corporation with NATO Cyber Security Centre, the internal development of security architectures for large-scale systems, networks, and infrastructure solutions;
• Applying excellent expertise and providing recommendations in the development of conceptual, logical, and technical security architecture;
• Applying knowledge of a variety of hardware and software security capabilities and features;
• Resolving security and non-security requirement conflicts, and collaborating with team leaders, scientists and developers to appropriately convert functional needs into technical security requirements;
• Coordinating with systems and network administrators in support of security architecture requirements;
• Identifying security-related Key Performance Indicators and generating reports to ensure full visibility of the overall NCIA Information Security posture;
• Coordinating and overseeing vulnerability assessment and penetration tests performed on NIMSC systems; overseeing remediation activities and reporting on progress;
• Supporting all phases of the security accreditation processes required to maintain operational status;
• Maintaining the NIMSC CIS Security Risk and Issue Register;
• Planning, deploying, and configuring a variety of hardware, software, and security products;
• Providing feedback, advice and guidance to senior management in the areas of enterprise architecture, NATO security accreditation activities, procurement as well as training and awareness programmes;
• Conducting INFOSEC training and awareness programmes;
• Contribute to the Business Continuity Plan in the NIMSC CIS Security area;
• Deputize for higher grade staff, if required;
• Performs other duties as may be required

Requirements

Skill, Knowledge & Experience:

• The candidate must have a currently active NATO COSMIC TOP SECRET security clearance to start
• A minimum requirement of a Bachelor's degree at a nationally recognised/certified University in an Information Security related discipline and 3 years post-related experience.
• Or, exceptionally, the lack of a university degree may be compensated by the demonstration of a candidate's particular abilities or experience that is/are of interest to NCI Agency, that is, at least 10 years extensive and progressive expertise in duties related to the function of the post.
• At least three years' experience within any 3 of the following areas: system security, security architecture, network security engineering, security governance including strategic alignment, security audit, risk management, performance management and value delivery;
• Certified Information Systems Auditor(CISA) or Certified Information Systems Security Professional(CISSP) or Certified Information System Manager(CISM) ;
• Detailed knowledge and working experience of network and security technologies such as IPv6, BGP, Firewalls, Virtual Private Networks, Intrusion Detection and Forensic Appliances;
• Detailed knowledge and working experience of network and security technologies such as IPv4/IPv6, IPsec, routing protocols, Firewalls, Virtual Private Networks, Intrusion Detection and Forensic Appliances;
• Experience with high-availability/redundant systems architectures (clusters & load-balancers).

Desirable Experience and Education:

• Knowledge and working experience of Public Key Infrastructure;
• Knowledge and working experience of securing network devices and Windows/UNIX based operating systems;
• Experience with WLAN technologies and endpoint security of mobile devices such as Laptops, PDAs and Smartphones devices;
• Knowledge of mobile data communications, in particular satellite or maritime solutions;
• Knowledge of NATO responsibilities and organization to include NATO Security Policy and supporting directives;
• Understanding of INFOSEC in NATO or NATO member nation environment;
• Prior experience of working in an international environment comprising both military and civilian elements.