IT Security Engineer

Spektrum have a wide range of exciting opportunities in several global locations.

We are always looking to add great new talent to our team and look forward to hearing from you.

Spektrum supports apex purchasers (NATO, UN, EU, and National Government and Defence) and their Tier 1 supplier ecosystem with a wide range of specialist services. We provide our clients with professional services, specialised aerospace and defence sales, delivery, and operational subject matter expertise. We are looking for personnel to join our team and support key client projects.

Who we are supporting 

The NATO Communication and Information Agency (NCIA) is responsible for providing secure and effective communications and information technology (IT) services to NATO's member countries and its partners. The agency was established in 2012 and is headquartered in Brussels, Belgium.

The NCIA provides a wide range of services, including:

• Cyber Security: The NCIA provides advanced cybersecurity solutions to protect NATO's communication networks and information systems against cyber threats.
• Command and Control Systems: The NCIA develops and maintains the systems used by NATO's military commanders to plan and execute operations.
• Satellite Communications: The NCIA provides satellite communications services to enable secure and reliable communications between NATO forces.
• Electronic Warfare: The NCIA provides electronic warfare services to support NATO's mission to detect, deny, and defeat threats to its communication networks.
• Information Management: The NCIA manages NATO's information technology infrastructure, including its databases, applications, and servers.

Overall, the NCIA plays a critical role in ensuring the security and effectiveness of NATO's communication and information technology capabilities.

The program

Assistance and Advisory Service (AAS)

The NATO Communications and Information Agency (NCI Agency) is NATO’s principal C3 capability deliverer and CIS service provider. It provides, maintains and defends the NATO enterprise-wide information technology infrastructure to enable Allies to consult together under Article IV, and, when required, stand together in the face of attack under Article V.

To provide these critical services, in the modern evolving dynamic environment the NCI Agency needs to build and maintain high performance-engaged workforce. The NCI Agency workforce strategically consists of three major categorise's: NATO International Civilians (NIC)'s, Military (Mil), and Interim Workforce Consultants (IWC)'s. The IWCs are a critical part of the overall NCI Agency workforce and make up approximately 15 percent of the total workforce.

Role ID – C004184

Role Duties and Responsibilities

• Supports Communication Information Systems (CIS) Security assurance of all NDWC services;
• Contribute to the enforcement of NATO Policy, Agency Directives and Standard Operating Procedures (SOPs) within NDWC and produces tailored guidance to Service Area Owners (SAO) ensuring balance between business continuity and security;
• Liaison with NATO Cyber Security Centre (NCSC) to provides operational CIS security support to all services provided by NDWC;
• Provides subject matter expert knowledge to assist NDWC technical development activities to maintain integrity of NCIA's operational business networks assuring secure operations in a globally networked and highly mobile environment;
• Support information security processes for all NDWC Managed CIS within the Agency, both for internal operations and for Agency's customer-funded Networks;
• Contribute to the resolution of security requirement conflicts and collaborates with PMs, SDMs and engineers to appropriately convert customer requirements into secure services;
• Coordinate with systems administrators in support of security architecture requirements;
• Identify cyber security-related Key Performance Indicators and generate reports to ensure full visibility of all NWDC Managed CIS;
• Support NCSC and Security and Evaluation Agency (SECAN) vulnerability assessment testing and penetration testing performed on NDWC managed CIS;
• In coordination with NCSC Accreditation Support Office supports all phases of security accreditation processes required to maintain operation status.
• Deputize for higher grade staff, if required;
• Performs other duties as may be required.

Essential Skills and Experience

• Several years of experience (at least two years) with system security, security architecture, network security engineering, and security governance including policy alignment, risk management, performance management and value delivery;
• Proven experience in CIS Security;
• Proven ability to communicate effectively orally, using tact and diplomacy, and in writing with effective briefing skills.

Desirable Skills and Experience

• Good knowledge of containerized micro services and applications, Kubernetes, Docker, etc.
• Good knowledge of main public cloud ecosystems.
• Good knowledge and exposure to Cloud standards, architecture, and models.
• Knowledge of industry standard DevSecOps tools and frameworks.
• Knowledge of cloud networking architecture, cloud operations, security, automation, and orchestration.
• Excellent knowledge of, and experience using, common security tools Tenable Nessus, NMAP, Tanium endpoint management, Microsoft Defender, Trelix ePO etc.
• Knowledge of common MS and Linux updating and patching systems.
• Knowledge of common IT security frameworks and governance models.
• Knowledge of CVSS V2 and V3.
• Knowledge of NATO responsibilities and organization to include NATO Security Policy and supporting directives.
• Understanding of Cyber issues within NATO or NATO member nation environment
• Prior experience of working in an international environment comprising both military and civilian elements; (please delete if not applicable)
• Knowledge of NATO responsibilities and organization, including ACO and ACT.
• Knowledge about risk management related to Artificial Intelligence tools and developments and its impact on cyber security

Training/Certifications:

• AWS Certified Cloud Practitioner, Certificate of Cloud Security Knowledge, or other cloud/cloud security certifications.
• ISSACA CISM, and/or ISC2 CISSP, CCSP Certification.

Education

• A minimum requirement of a bachelor's degree at a nationally recognised/certified University in a related discipline and 2 years post-related experience, or exceptionally, the lack of a university degree may be compensated by the demonstration of a candidate's particular abilities or experience that is/are of interest to NCI Agency, that is, at least 6 years extensive and progressive expertise in duties related to the function of the post.

Working Location

• Braine l’Alleud, Belgium

Working Policy

• On-Site

Travel

• Some travel to other NATO sites may be required

Security Clearance

• Valid National or NATO Top Secret personal security clearance

We never know what new opportunities might be just over the horizon. If this opportunity isn't for you please feel free to send us your resume anyway and be the first to know if something suitable for your skills and experience comes up.