SC2024-003475 Cyber Security Scorecard Dev and Assessment (NS) - FRI 5 Apr
The Hague, South Holland, Netherlands
Full Time Contract Mid-level / Intermediate Clearance required USD 40K - 74K *
EMW, Inc.
Deadline Date: Friday 5 April 2024
Requirement: Cyber Security Scorecard Development and Assessment
Location: The Hague, NL
Full Time On-Site: Yes
Time On-Site: 100%
Total Scope of the request (hours): 1170
Required Start Date: 13 May 2024
End Contract Date: 31 December 2024
Required Security Clearance: NATO SECRET
Duties and Role:
- Design and implement a comprehensive cybersecurity scorecard, tailored to assess NATO-Enterprise's cybersecurity posture.
- Develop specific, relevant metrics and measures that accurately reflect the cybersecurity performance.
- Continually update and refine the assessment methodology to ensure it remains effective and relevant to NATO's needs.
- Perform on-site cybersecurity maturity and performance assessments as required.
- Guide and support various non-NCIA managed Enterprise entities in conducting their self-assessments.
- Analyse collected cybersecurity data and generate insightful reports and visualizations.
- Effectively communicate with stakeholders at all levels.
This work will be executed and funded as a Level-of-Effort based contract with a set number of hours, and therefore delivery will be based on instructions provided by the project team.
For information, the primary deliverables for this work are anticipated to be:
- Developing Cybersecurity Scorecard, Measures and Metrics: Creating robust and relevant metrics for tracking cybersecurity performance.
- Refining Assessment Methodology: Continuously updating and refining the methodology for assessing cybersecurity maturity and performance.
- Publishing Annual Cybersecurity Scorecard: Releasing an updated scorecard every year to guide the subsequent assessment cycle.
- Maintaining Self-Assessment Tools: Ensuring that self-assessment tools, questionnaires, metrics and measurements are up to date and relevant.
- Conducting On-Site Assessment: Performing on-site cybersecurity maturity and performance assessments.
- Supporting Self Assessments: Assisting various non-NCIA managed Enterprise entities in conducting their assessments.
- Compiling Results and Report Generation: Creating consolidated reports and establishing visualization tools for assessment results.
The work will mostly be executed on-site, but there will also be a requirement to visit other sites for assessments as directed by the project team. In the initial weeks, a concrete work schema with delivery milestones will be agreed upon with the project manager, after which payment will be approved pro-rata upon completion of the delivery milestones (typically on a monthly basis). Travel expenses and Per Diem for requested travel duties will be covered through separate funding.
Requirements
Skill, Knowledge & Experience:
- The candidate must have a currently active NATO SECRET security clearance
- Expertise in Cyber Security: The candidate must have extensive experience in cyber security with a focus on analytical assessment, scorecard development and performance metrics. The candidate must have a deep understanding of the cybersecurity processes such as Cyber Incident Management, Defensive Cyberspace Operations, Enterprise Risk Management and Cyber Threat Intelligence Analysis and Sharing.
- Experience in Metrics and Measures Development: The candidate must have experience in creating meaningful and actionable cybersecurity metrics and measures.
- Methodology Development Skills: The candidate must have proficiency in developing, refining and updating methodologies for assessing cybersecurity maturity and performance.
- Data Analysis and Visualization Proficiency: The candidate must have strong skills in data analysis and the ability to create insightful visualizations for complex data sets. Familiarity with modern data visualization tools is essential.
- Communication Skills: The candidate must have excellent written and verbal communication skills for engaging with various stakeholders and facilitating Enterprise-wide assessments.
- The contracted individual must be able to perform effectively and efficiently with minimal supervision
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Clearance NATO Risk management Security Clearance Threat intelligence
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs