Cybersecurity Standards Engineering Support Services

Essential Qualifications/Experience:

·       The candidate must possess a university degree in a relevant engineering or technical field such as computer science, systems science, or an equivalent technical qualification

·       The candidate must have comprehensive knowledge of the principles of computer and communications security, networking, and the vulnerabilities of modern operating systems and applications

·       The candidate must have at least five (5) years of demonstrated experience working with national or international CIS and cyber security standards, including their application and auditing at both governance and operational levels. Demonstrated experience working with NIST and ISO standards is essential

·       The candidate must have demonstrated experience in securing cloud-based environments

·       The candidate must have demonstrated experience in defining and implementing cyber security architectures, including Zero Trust principles

·       The candidate must have good knowledge of securing AI-enabled systems and data-driven capabilities

·       The candidate must demonstrate strong communication and presentation skills, including the ability to convey complex cyber security concepts to both technical and non-technical audiences

·       The candidate must demonstrate strong project management skills

·       The candidate must demonstrate the ability to analyse complex cyber security specifications and translate them into clear, actionable requirements or standards artefacts

·       The candidate must demonstrate a strong security-focused and analytical mindset, with attention to detail and problem-solving capability

Desirable Qualifications/Experience:

·       The candidate must have knowledge of high-level programming languages. Experience with languages such as Python

·       Knowledge of NATO Security Policy and its supporting Directives

·       Knowledge of the NATO Digital Policy Committee (DPC) and its substructure

·       Knowledge of NATO standardization artefacts, including STANAGs, Allied Communications Publications (AComP), and Standards Related Documents (SRD)

·       Knowledge of NATO CIS Security Accreditation processes, or equivalent national processes

·       Knowledge of additional cyber security standards and frameworks, such as PCI-DSS, FedRAMP, or C5

·       Recognised professional certifications in cyber security and/or project management

DUTIES/ROLE:

·       The Cyber Security Standard Engineering Support Services require a professional who can provide expert support in the analysis, coordination, development, and maintenance of NATO Cyber Security and CIS standards. The contractor will contribute to the design and evolution of NATO standardization artefacts within the cyber security domain, working closely with engineers, national subject matter experts, standards custodians, and relevant NATO stakeholders. The role supports the Interoperability and Standardization Section (ISS) as a cross-functional capability, ensuring consistent, secure, and interoperable cyber security standards across NATO’s digital technology portfolio. The contractor shall provide the following services in an effective and timely manner:

ü  Requirements Analysis and Stakeholder Coordination

ü  Development and Maintenance of Cyber Security Standards

ü  Development of Cyber Security Conformance Criteria and Audit Objectives

ü  Development of Cyber Security Reference Architectures

ü  Support to Secure Cloud and AI Capabilities

ü  Interoperability and Standards Harmonization

ü  Reporting, Briefings, and Technical Communication

ü  Support to Unforeseen and Ad Hoc Requirements