2024-0052 Cyber Analyst 3 (NS) - TUE 13 FEB RELAUNCH

Deadline Date:  Tuesday 13 February 2024

Requirement: Cyber Analyst III

Location: Mons, BE

Full time on-site: Yes

Required Start Date: 18 March 2024

End Contract Date: 31 December 2024

Required Security Clearance: NATO SECRET

1. INTRODUCTION

This statement of work (SoW) describes the work to be contracted to support CyOC to fulfill new duties and increasing sustenance with NCSC in regards of incident correlation, vulnerability assessments, and trend analysis.

2. SCOPE OF WORK

• Perform technical (evaluation of technology) and nontechnical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, supporting infrastructure, and applications).
• Conducts assessments of threats and vulnerabilities.
• Assess the level of risk and recommends appropriate mitigation countermeasures in operational and nonoperational situations.
• Provide reports targeted to the operational community based on technical reports.
• Conducts and provide cyber data analytics and data visualization to the cyber community of Interest stakeholders.
• Provide identification and categorization to cyber events and/or incidents.
• Assists in the use of Artificial Intelligence and/or Machine learning technologies and cyber related tools for cyber security.
• Support the identification and mapping of attack vectors through the use of cyber tools such as MALTEGO, Neo4J, etc)
• Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation

3. REQUIERED PROFILE

[See Requirements]

4. DELIVERABLES AND PAYMENT

The contracted individual must be able to perform effectively and efficiently with minimal supervision.

The following deliverables are required by the dates below:

D1: Activities for cyberspace analysis:

a) Technical support related to requirements from projects or incidents in cyberspace or new duties in support of CyOC Q1.

b) Technical support related to requirements from projects or incidents in cyberspace or new duties in support of CyOC Q2.

c) Technical support related to requirements from projects or incidents in cyberspace or new duties in support of CyOC Q3.

d) Technical support related to requirements from projects or incidents in cyberspace or new duties in support of CyOC Q4.

1 - As applicable from para.2&4 for the period + Monthly Reports/DAS

Due 31 March 2024

2 - As applicable from para.2&4 for the period + Monthly Reports/DAS

Due 30 June 2024

3 - As applicable from para.2&4 for the period + Monthly Reports/DAS

Due 30 September 2024

4 - As applicable from para.2&4 for the period + Monthly Reports/DAS

Due 31 December 2024

Payment Milestones: Payment will be done on a monthly basis based on performed deliverables and the equivalent of man hours in executing them. The payment shall be dependent upon successful acceptance of the Delivery Acceptance Sheet (DAS) Annex B including the EBA Receipt number.

The Contractor will provide a consolidated monthly report, in the form a completed Delivery Acceptance Sheet (DAS) (Annex B), annotating with precision the deliverables produced for the projects and activities supported.

Payment will be done on a monthly basis based on performed deliverables and the equivalent of man-hours in executing them, with a ceiling of 1672 man hours / calendar year (12-months) and upon acceptance of the Delivery Acceptance Sheet (DAS) by the Purchaser.

Invoice and DAS shall be provided to Purchaser for the payment of period of performance.

5. WORK EXECUTION

The work will be executed on-site with meetings occasionally required in support of work as per D1. The candidate shall provide a summary per milestone of the work done and report to the CyOC SA Section Head, which, together with CyOC SA Staff feedback will function as the basis for approving payments linked to deliverables as mentioned under section 3.

6. TIMELINES

The services are to be provided for the initial period starting 18 March 2024 through 31 December 2024.

7. SECURITY AND NON-DISCLOSURE AGREEMENT

The contracted individual must be in possession of a security clearance of NATO Secret or above. The signature of a Non-Disclosure Agreement between the contractors contributing to this task and NCIA will be required prior to execution.

8. PRACTICAL ARRANGEMENTS

This is a deliverable based contract.

Services will be provided 100% onsite, at SHAPE CyOC and NCSC (Mons, BE).

Occasional travel to the NATO main sites might be needed. Travel requires the prior coordination with and approval of the NCIA Project Manager.

TDY costs are not included in the NTE of this RFQ and will be claimed separately in accordance with NCIA Travel Directive

Requirements

3. REQUIERED PROFILE

The required profile is Cyber Analyst as follows:

• The candidate must have knowledge and multiyear experience in organization, management and support of various (international) operations, activities, units and projects related to defense, cybersecurity, networks, digital evidence, communications and information systems, in the national and NATO environments.
• The candidate must have previous experience within NATO dealing with Communication and Information Systems and/or Cyber.
• The job requires deep knowledge and justified experience of performing highly-specialized review and evaluations of incoming cybersecurity information to determine its usefulness for intelligence at national or preferably at NATO environments.
• The job requires minimum 5 years of experience on analyzing threat information from multiple sources, exploitation analysis, incident correlation, threat analysis and Cyber Security Fields. The candidate must have experience in leading staff work on international headquarters.

7. SECURITY AND NON-DISCLOSURE AGREEMENT

• The contracted individual must be in possession of a security clearance of NATO Secret or above. The signature of a Non-Disclosure Agreement between the contractors contributing to this task and NCIA will be required prior to execution.