Artificial Intelligence Compliance Officer

**PENDING BUDGET APPROVAL**

**1. SUMMARY**

The Joint Intelligence and Security Division (JISD), under the leadership of the Assistant Secretary General for Intelligence and Security (ASG I&S), comprises two principal pillars: Intelligence - headed by the Deputy ASG for Intelligence; and the NATO Office of Security (NOS) - headed by the Deputy ASG for Security.

Within the JISD, the NOS is responsible for the overall coordination of NATO security among member Nations, NATO civil and military bodies as well as International Organisations and partner countries with which NATO cooperates. It is also responsible for the security of the NATO Headquarters and its personnel in Brussels, for the protection of the Secretary General and for the security and safety of its personnel in and on missions abroad.

The NOS comprises the Office of the Director, the Security Policy Oversight Branch (SPOB), the Protective Security and Emergency Services Branch, the Security Intelligence Branch, and the Close Protection Unit.

Within NOS, the Security and Policy Oversight Branch (SPOB) is responsible for ensuring that NATO security policy is applied throughout NATO bodies and member Nations and as well as in non-NATO Nations and organisations, as appropriate, with which NATO cooperates. SPOB develops security policy and directives, supports their implementation and verifies compliance through security audits in the specific functional areas of personnel security, physical security, security of information, Communication and Information System (CIS) Security (also known as Cyber Security) and industrial security.
- The Cyber Security Section, within SPOB, delivers the following three key functions: (i) security accreditation of NATO CIS, (ii) security inspections and surveys in nations and other NATO or non-NATO entities, as well as (iii) maintenance and development of CIS-related security policies and directives.
- The incumbent, under the direction of the Section Head, will be responsible, inter alia, for the protected and compliant implementation of artificial intelligence (AI) across NATO, and security accreditation of NATO CIS especially for CIS using AI/machine learning (ML) mechanisms. S/he will also carry out the cyber security audits in NATO bodies as well as security inspections in NATO Nations and in non-NATO entities.

**2. QUALIFICATIONS **AND **EXPERIENCE**

**ESSENTIAL**
- The incumbent must:
- possess a university degree, or an equivalent level of qualification, in cyber security, information systems or relevant scientific discipline;-
- have 5 years of experience in a cyber security role, preferably in a private Industry, an International Organisation, or a National Security Authority;-
- demonstrated experience and skills in the implementation or security assessment of Artificial Intelligence within a large organisation;-
- have a comprehensive AI/ML knowledge and proven experience in designing AI/security architectures, implementing security controls, and machine learning setup;-
- have extensive knowledge of other modern technologies/solutions and their inherent risks, such as Internet of Things, cloud computing, virtualisation (e.g. virtual desktop infrastructure), artificial intelligence, and 5G;-
- have experience of conducting security risk assessments and management;-
- possess a thorough understanding of cyber security international standards and best practices;-
- demonstrate excellent written skills and the ability to draft clear and concise policies and reports;-
- be able to present complex CIS security issues in simple terms in order to facilitate consensus and decision-making at the highest governance and management levels;-
- demonstrate mature judgement, political sensitivity and the ability to instil confidence in their direct dealings with senior civilian and military officials;-
- possess the following minimum levels of NATO’s official languages (English/French): V (“Advanced”) in one; I (“Beginner”) in the other;-
- be prepared to work outside normal office hours and travel extensively as required, occasionally on short-notice.**DESIRABLE**
- The following would be considered an advantage:

- experience in incident handling and knowledge of cyber forensics procedures;
- knowledge of threat hunting and purple team techniques and principles;
- knowledge of project and programme management; and
- professional certification(s) in Cyber security.

**3. **MAIN **ACCOUNTABILITIES**

**Project Management**
- Carry out, coordinate security audits for NATO CIS, and inspect all NATO Bodies for the policy compliant implementation of AI, as directed by the Section Head. Conduct security accreditations for NATO CIS. Advise on and coordinate the planning and implementation of Cyber Security provisions in NATO-wide projects. Assist the other NOS branches in responding to cyber-attacks and major cyber incidents on NATO networks. Participate in NOS security inspections/reviews, with particular refe