NATO has extended the deadline date for this RFQ.
Deadline Date: Friday 12 April 2024 (Was Thursday 11 April 2024)
Requirement: Systems Engineer CIS Security 1
Location: Braine L'Alleud, BE
Full time on-site: Yes
Time On-Site: 100%
Total Scope of the request (hours): 1115
Required Start Date: 13 May 2024
End Contract Date: 31 December 2024
Required Security Clearance: NATO SECRET
Duties and Role:
Under the direction of the Head of the CIS Security Risk Management Section (RMS), the Systems Engineer CIS Security:
Produce security accreditation documents set for NISC managed CIS following a risk management methodology. This includes CIS Description, Security Accreditation Plan, Security Risk Assessment Report, Security Requirement Statements, Security Operating Procedures, Security Test and Verification Plan.
Conduct Security Risk Assessments in support of NISC managed CIS; this includes the identification and assessment of risks in close coordination with NATO accreditation stakeholders (including technical and security authorities).
Support the development of mitigation and remediation plans, following the identification and assessment of cybersecurity risks for NISC managed CIS, specifically assessing the residual risks after the application of cybersecurity risk mitigation measures.
Conduct Security tests for NISC managed CIS in accordance with defined test plans and provide associate reporting.
Assist with complex remediation activities for NISC managed CIS; conduct remediation activities in collaboration with the NCI Agency Service Delivery Managers.
Ensure adequate level of systems/data protection is implemented for NISC managed CIS in accordance with NATO Security policies and directives.
Advise NISC staff on best practice with regards to daily security tasks; develop and deliver CIS Security awareness presentations.
Provide feedback, advice and guidance to senior management in the areas of enterprise architecture, NATO security accreditation activities, procurement as well as training and awareness programmes.
Perform other duties as may be required.
Specific Working Conditions: Normal office environment with standard working hours, out of hours working might be required to support established maintenance activities.
Exceptionally may be contacted during out-of-hours periods to support delivery of critical services or support Major Cyber Security Incidents.
Requirements
Skill, Knowledge & Experience:
The candidate must have a currently active NATO SECRET security clearance
Essential to have a Bachelor's Degree in Computer Science combined with a minimum of 5 years' experience in a CIS Security related post, or a Secondary education and completed advanced vocational education (leading to a professional qualification or professional accreditation) with 7 years post related experience.
Mandatory
Good knowledge and experience (at least 2 years) with Security Accreditation of large CIS, and with security risk assessment methodologies and tools.
Comprehensive knowledge of the principles of computer and communication security, networking, the vulnerabilities of modern operating systems and applications and top Critical Security Controls for effective cyber defence.
Ability to investigate and analyse complex scenarios and solve problems in innovative ways
Excellent communication abilities, both written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams
Desirable
Knowledge of and prior experience with NATO security policies and directives, security accreditation framework and risk assessment methodology
Holding recognized professional qualification within the CIS Security domain
Prior experience of working in an international environment comprising both military and civilian elements
Hand-on experience with implementation and integration of CIS Security protective measures in large CIS.