Systems Engineer (CIS Security Accreditation)

EXPERIENCE AND EDUCATION:

Essential Qualifications/Experience:

·         A minimum requirement of a Bachelor's degree at a nationally recognised/certified University in a related discipline and 3 years post-related experience

·         Or exceptionally, the lack of a university degree may be compensated by the demonstration of a candidate's particular abilities or experience that is/are of interest to NCI Agency, that is, at least 10 years extensive and progressive expertise in duties related to the function of the post

·         Good knowledge and experience (at least 3 years) in the following areas:

ü  Security Accreditation of major CIS acquisition and/or development projects for a large organization

ü  Security risk assessment methodologies and tools

ü  Planning, design and implementation of security components of major CIS

Desirable Qualifications/Experience:

·         Master's degree at a nationally recognised/certified University in a related discipline

·         Knowledge of NATO Security Policy and supporting directives

·         Knowledge of PILAR risk assessment tool

·         Prior experience of working in an international environment comprising both military and civilian elements

·         Knowledge of NATO responsibilities and organization, including Allied Command Operations (ACO) and Allied Command Transformation (ACT)

DUTIES/ROLE: 

·         Provide security accreditation advice and guidance to NCI Agency Project, System Managers and NCI Agency contractors during whole life cycle of NATO CIS

·         Conduct Security Risk Assessment (SRA) in support of security accreditation of NATO CIS, in particular; identify level of threats and vulnerabilities for all assets comprising NATO CIS, derive residual risks and provide risk management recommendations

·         Identify, plan, develop, request and manage development of required documents for accreditation (CIS Description, Security Accreditation Plan (SAP), Security Risk Assessment (SRA) Report, Security Requirement Statements(SRSt), Security Operating Procedures (SecOPs), Security Test and Verification Plan (STVP), and Security Test and Verification Report (STVR)

·         Draft versions of SSRSs/SecOPs/STVPs/STVR templates review where the contractor presents the draft documents to the customer, with the opportunity for the customer to provide feedback and implement uplifts

·         Witness security testing (in accordance with STVP) and coordinate remediation plan with the relevant SAA

·         Build and sustain effective communications with different stakeholders, including Security Accreditation Boards, NATO Security Accreditation Authorities, and NCI Agency organization units supporting security accreditation process

·         Conducts final documents review (after NSAB review) to present and deliver the final report to the customer

·         Act as a focal point between NCI Agency and NATO SAAs

·         Represent NCI Agency on security accreditation matters

·         Provide relevant inputs to various Project and NCI Agency reports; including Highlight reports, Exception reports, Portfolio Strategic plan etc.

·         Provide subject matter related briefings and presentations

·         Stay abreast of technological developments relevant to the area of work

·         Respond to certification inquiries

·         Deputize for CIS Security Head, as required

·         Performs other duties as may be required by Line Management