Cyber Security Accreditation Specialist

Spektrum have a wide range of exciting opportunities in several global locations.

We are always looking to add great new talent to our team and look forward to hearing from you.

Spektrum supports apex purchasers (NATO, UN, EU, and National Government and Defence) and their Tier 1 supplier ecosystem with a wide range of specialist services. We provide our clients with professional services, specialised aerospace and defence sales, delivery, and operational subject matter expertise. We are looking for personnel to join our team and support key client projects.

Who we are supporting 

The NATO Communication and Information Agency (NCIA) is responsible for providing secure and effective communications and information technology (IT) services to NATO's member countries and its partners. The agency was established in 2012 and is headquartered in Brussels, Belgium.

The NCIA provides a wide range of services, including:

• Cyber Security: The NCIA provides advanced cybersecurity solutions to protect NATO's communication networks and information systems against cyber threats.
• Command and Control Systems: The NCIA develops and maintains the systems used by NATO's military commanders to plan and execute operations.
• Satellite Communications: The NCIA provides satellite communications services to enable secure and reliable communications between NATO forces.
• Electronic Warfare: The NCIA provides electronic warfare services to support NATO's mission to detect, deny, and defeat threats to its communication networks.
• Information Management: The NCIA manages NATO's information technology infrastructure, including its databases, applications, and servers.

Overall, the NCIA plays a critical role in ensuring the security and effectiveness of NATO's communication and information technology capabilities.

The program

Assistance and Advisory Service (AAS)

The NATO Communications and Information Agency (NCI Agency) is NATO’s principal C3 capability deliverer and CIS service provider. It provides, maintains and defends the NATO enterprise-wide information technology infrastructure to enable Allies to consult together under Article IV, and, when required, stand together in the face of attack under Article V.

To provide these critical services, in the modern evolving dynamic environment the NCI Agency needs to build and maintain high performance-engaged workforce. The NCI Agency workforce strategically consists of three major categorise's: NATO International Civilians (NIC)'s, Military (Mil), and Interim Workforce Consultants (IWC)'s. The IWCs are a critical part of the overall NCI Agency workforce and make up approximately 15 percent of the total workforce.

Role ID – 2025-0216

Role Background

NCIA is seeking highly skilled service delivery in Cyber Security Accreditation Support to support our team within the NATO Cyber Security Centre (NCSC). The specialist will be responsible for supporting the accreditation of NATO CIS systems and public cloud services, ensuring full compliance with NATO security policies and directives. These services involve preparing security documentation, conducting risk assessments, and serving as the liaison between project teams and Security Accreditation Authorities. The expert will contribute to the secure delivery of IT capabilities by developing Security Accreditation Plans, Security Risk Assessments, and managing stakeholder engagement throughout the accreditation lifecycle.

Role Duties and Responsibilities

• Solution Architecture: Contributes to secure solution designs by identifying applicable security directives and providing accreditation input throughout the lifecycle.
• Cyber Security Risk Management: Supports risk assessments for NATO CIS components, identifying threats and proposing mitigation strategies for identified risks.
• Security Documentation and Planning: Develops essential security documentation like SAPs and SRSs, manages STVPs, and oversees security testing.
• Security Accreditation Liaison: Coordinates with accreditation authorities and represents the Agency in relevant security boards and stakeholder meetings.
• Requirements Definition: Defines and manages accreditation requirements, supporting bid evaluations and documentation throughout the acquisition lifecycle.
• User Experience Analysis: Engages stakeholders to clarify accreditation needs, addressing conflicts to ensure a user-centric approach.
• Communication and Reporting: Provides input to project reports, delivers briefings on security accreditation matters.
• Technology Awareness: Stays current with cybersecurity, cloud, and compliance technologies, participating in knowledge-sharing sessions.
• Reporting and Analysis: Generates reports on device compliance, usage, and management activities to provide insights into security.
• Collaboration with IT Support: Works with IT support to resolve complex device issues, acting as a subject matter resource in mobile device management.
• Documentation and Training: Maintains documentation for cloud operations, provides training and support for knowledge sharing.
• Collaboration and Communication: Collaborates with security and other teams to ensure cohesive strategies, communicates with stakeholders to understand needs.

Essential Skills, Experience and Certifications

• Experience:
• At least 5 years of experience supporting cyber security projects for large-scale CIS environments.
• At least 5 years of background in system security engineering, accreditation, and architecture.
• Accreditation Expertise:
• Proven experience with NATO or national security accreditation.
• Familiarity with lifecycle accreditation documentation (SAP, SRS, STVP).
• Understanding of accreditation authority structures and stakeholder dynamics.
• Risk Assessment Proficiency:
• Skilled in conducting security risk assessments and SRARs.
• Familiar with NIST SP 800-30, ISO 27005 frameworks.
• Ability to advise on remediation and residual risk handling.
• Security Policy Knowledge:
• Thorough knowledge of NATO Security Policy and ACO/ACT frameworks.
• Ability to interpret and implement policy requirements.
• Experience contributing to policy and directive development.
• Technical Security Understanding:
• Understanding of secure architecture principles in hybrid/public cloud.
• Knowledge of identity, access management, and ZTNA concepts.
• Familiarity with data protection strategies, including encryption and DLP.
• Communication Skills:
• Excellent written communication for reporting and documentation.
• Effective oral communication and stakeholder engagement.
• Presentation of security posture and compliance status to senior audiences.
• Stakeholder Engagement:
• Comfortable liaising with SAAs, PMs, and operational authorities.
• Representation in SABs and NATO-wide working groups.
• Capable of conflict resolution and negotiating accreditation paths.
• Project Support:
• Provide accreditation advice for proposals, bids, and tenders.
• Support for security deliverables during project lifecycle.
• Input into procurement, development, and deployment stages.
• Multinational Experience:
• Experience working in international, multi-cultural environments.
• Familiarity with civil-military collaboration structures.
• Appreciation of NATO’s organizational mission and governance.
• Certifications:
• Desirable: CISSP, CISM, or CISA.
• Other relevant training in security risk or audit domains.
• Commitment to ongoing professional development.
• Language:
• Fluent in English, both spoken and written.
• French language proficiency is an asset.

• Security and Compliance Knowledge:
• Understanding of security best practices and compliance requirements related to Intune Device Management and Operations.
• Experience conducting audits and ensuring adherence to regulatory standards.
• Communication and Collaboration:
• Excellent communication skills to effectively collaborate with IT teams, stakeholders, and end-users.
• Ability to document processes clearly and provide training on IAM tools and practices.
• Organizational Skills:
• Strong organizational skills to manage multiple tasks and priorities effectively.
• Attention to detail in managing M365 environment and the Microsoft Intune Platform.
• Team Collaboration:
• Ability to work effectively as part of a team and share knowledge and resources.
• Willingness to collaborate with colleagues to solve complex issues.
• Others:
• The individual has strong customer relationship skills, including negotiating complex and sensitive situations under pressure.
• Full proficiency in the English language. French language proficiency is of advantage.

Working Location

• The Hague, Netherlands

Working Policy

• On-site

Travel

• Some travel to other NATO sites may be required

Security Clearance

• Valid National or NATO Secret personal security clearance

We never know what new opportunities might be just over the horizon. If this opportunity isn't for you please feel free to send us your resume anyway and be the first to know if something suitable for your skills and experience comes up.