Cis Security Officer

Spektrum have a wide range of exciting opportunities in several global locations.

We are always looking to add great new talent to our team and look forward to hearing from you.

**Who we are supporting**

The NATO Communication and Information Agency (NCIA) is responsible for providing secure and effective communications and information technology (IT) services to NATO's member countries and its partners. The agency was established in 2012 and is headquartered in Brussels, Belgium.

The NCIA provides a wide range of services, including:

- Cyber Security: The NCIA provides advanced cybersecurity solutions to protect NATO's communication networks and information systems against cyber threats.
- Command and Control Systems: The NCIA develops and maintains the systems used by NATO's military commanders to plan and execute operations.
- Satellite Communications: The NCIA provides satellite communications services to enable secure and reliable communications between NATO forces.
- Electronic Warfare: The NCIA provides electronic warfare services to support NATO's mission to detect, deny, and defeat threats to its communication networks.

Overall, the NCIA plays a critical role in ensuring the security and effectiveness of NATO's communication and information technology capabilities.

**The program**

**Assistance and Advisory Service (AAS)**

The NATO Communications and Information Agency (NCI Agency) is NATO's principal C3 capability deliverer and CIS service provider. It provides, maintains and defends the NATO enterprise-wide information technology infrastructure to enable Allies to consult together under Article IV, and, when required, stand together in the face of attack under Article V.

In order to provide these critical services, in the modern evolving dynamic environment the NCI Agency needs to build and maintain high performance engaged workforce. The NCI Agency workforce strategically consists of three major categorises: NATO International Civilians (NIC)s, Military (Mil) and Interim Workforce Consultants (IWC)s. The IWCs are a critical part of the overall NCI Agency workforce and make up approximately 15 percent of the total workforce.

**Role Duties and Responsibilities**
- Supporting all technical development activities required to maintain the confidentiality, integrity and availability of NIMSC operational business networks;
- Maintaining personal core competencies (functional and technical) in the Information Assurance area;
- Planning and coordinating, in close corporation with NATO Cyber Security Centre, the internal development of security architectures for large-scale systems, networks, and infrastructure solutions;
- Resolving security and non-security requirement conflicts, and collaborating with team leaders, scientists and developers to appropriately convert functional needs into technical security requirements;
- Coordinating with systems and network administrators in support of security architecture requirements;
- Supporting the identification of security-related Key Performance Indicators and generating reports to ensure full visibility of the overall NCI Agency Information Security posture;
- Reviewing network interconnection requests and user access requests;
- Coordinating and overseeing vulnerability assessment and penetration tests performed on NIMSC systems; overseeing remediation activities and reporting on progress;
- Overseeing enrolment of NIMSC systems in security monitoring and incident response programs;
- Supporting all phases of the security accreditation processes required to maintain operational status;
- Contributing to the creation and maintenance of the NIMSC CIS Security Risk and Issue Register;
- Planning and deploying a variety of hardware, software, and security products;
- Providing feedback, advice and guidance to senior management in the areas of enterprise architecture, NATO security accreditation activities, procurement as well as training and awareness programmes;
- Conducting INFOSEC training and awareness programmes;  Contribute to the Business Continuity Plan in the NIMSC CIS Security area;
- Deputize for higher grade staff, if required;  Performs other duties as may be required

**Essential Skills and Experience**
- Certified Information Systems Auditor(CISA), Certified Information Systems Security Professional(CISSP) or Certified Information System Manager(CISM); Must have previous experience of Risk Management / Analysis and Security Audits.
- At least two years' experience within any 2 of the following areas: system security, security architecture, network security engineering, security governance including strategic alignment, security audit, risk management, performance management and value delivery;
- Detailed knowledge and working experience of network and security technologies such as IPv4/IPv6, IPsec, routing protocols, Firewalls, Virtual Private Networks, Intrusion Detection and Forensic Appliances;
- Experience with high-availabili