Cyber Security Officer

Spektrum have a wide range of exciting opportunities in several global locations.

We are always looking to add great new talent to our team and look forward to hearing from you.

Spektrum supports apex purchasers (NATO, UN, EU, and National Government and Defence) and their Tier 1 supplier ecosystem with a wide range of specialist services. We provide our clients with professional services, specialised aerospace and defence sales, delivery, and operational subject matter expertise. We are looking for personnel to join our team and support key client projects.

Who We Are Supporting

The NATO Communication and Information Agency (NCIA) is responsible for providing secure and effective communications and information technology (IT) services to NATO's member countries and its partners. The agency was established in 2012 and is headquartered in Brussels, Belgium.

The NCIA provides a wide range of services, including:

• Cyber Security: The NCIA provides advanced cybersecurity solutions to protect NATO's communication networks and information systems against cyber threats.
• Command and Control Systems: The NCIA develops and maintains the systems used by NATO's military commanders to plan and execute operations.
• Satellite Communications: The NCIA provides satellite communications services to enable secure and reliable communications between NATO forces.
• Electronic Warfare: The NCIA provides electronic warfare services to support NATO's mission to detect, deny, and defeat threats to its communication networks.
• Information Management: The NCIA manages NATO's information technology infrastructure, including its databases, applications, and servers.
  
  

Overall, the NCIA plays a critical role in ensuring the security and effectiveness of NATO's communication and information technology capabilities.

The program

Assistance and Advisory Service (AAS)

The NATO Communications and Information Agency (NCI Agency) is NATO’s principal C3 capability deliverer and CIS service provider. It provides, maintains and defends the NATO enterprise-wide information technology infrastructure to enable Allies to consult together under Article IV, and, when required, stand together in the face of attack under Article V.

To provide these critical services, in the modern evolving dynamic environment the NCI Agency needs to build and maintain high performance-engaged workforce. The NCI Agency workforce strategically consists of three major categorise's: NATO International Civilians (NIC)'s, Military (Mil), and Interim Workforce Consultants (IWC)'s. The IWCs are a critical part of the overall NCI Agency workforce and make up approximately 15 percent of the total workforce.

Role Background

NCI Agency – CloudOps team

The NATO Communications and Information Agency (NCIA) is dedicated to supporting NATO's strategic objectives, including the ambitious NATO 2030 agenda. As part of this commitment, we are spearheading the modernization and digital transformation of NATO’s IT services. Our focus is on leveraging public cloud technologies like Microsoft 365 and Intune, incorporating a security‐by‐design approach, and ensuring a seamless transition to a modern, collaborative workplace environment.

To achieve these goals, we are building a Cloud Operations team under the Cloud Portfolio, operating under the NATO Enterprise Cloud Operating Model (NECOM) and under the guidance of the Cloud Center of Excellence (CCoE). The NECOM framework provides a standardized approach for cloud service management, ensuring interoperability, scalability, and security across NATO's IT infrastructure. The Cloud Center of Excellence will serve as a hub for best practices, innovation, and expertise, driving the adoption and optimization of cloud technologies within NATO. This team will play a crucial role in our journey towards providing managed, protected, and reliable End User Services.

Embracing the latest technological advancements, this initiative will foster innovation and ensure NATO remains at the cutting edge of IT capabilities. By continuously evolving and integrating new technologies, we aim to enhance operational efficiency and readiness for future challenges. This remote position offers an exciting opportunity to be at the forefront of NATO's technological evolution and contribute to the security and efficiency of our operations

Role Duties And Responsibilities

Efficient ITSM request handling

• Promptly respond to and resolve IT Service Management (ITSM) requests related to security and compliance issues.
• Ensure accurate documentation of all requests and actions taken in the ITSM tool.
• Maintain a high level of customer satisfaction through effective communication and resolution of issues.
• Collaborate with relevant teams to develop and improve service request definitions
  
  

Proactive compliance verification

• Regularly review and audit systems to ensure compliance with internal security policies.
• Identify and report any compliance gaps or vulnerabilities, and coordinate with relevant teams to address them.
• Stay updated on the latest compliance standards and best practices to ensure continuous improvement.
• Actively maintain a risk register and inform the appropriate stakeholders
  
  

Cloud provider monitoring and dashboard management

• Set up, configure, and fine‐tune monitoring dashboards in Microsoft Azure and Amazon AWS portals to provide real‐time visibility into the security posture of the organization.
• Implement alerting mechanisms for critical security events and ensure they are effectively monitored.
• Continuously optimize and update dashboards to reflect changing security needs and threats.
  
  

Incident handling and coordination

• Act as the first point of contact for security incidents, ensuring prompt identification and coordination with internal and external stakeholders.
• Coordinate with internal and external teams to manage and mitigate security incidents.
• Maintain detailed incident logs and reports, and conduct post‐incident reviews to identify lessons learned and improve future response efforts
  
  

Security testing and accreditation

• Organize, coordinate and perform CIS security test and verification activities;
• Support CIS security accreditation activities and remediation tasks;
• Coordinate and plan security audits.
  
  

Continuous improvement

• Actively participate to enhance the overall security posture of the organization sharing knowledge and best practices with team members
• Create and update knowledge base articles and documentation to assist in the resolution of common cybersecurity issues
• Improve established processes, procedures and templates when needed.
  
  

Essential Skills And Experience

• Experience and knowledge in Cloud platforms such as (but not limited to) Microsoft Azure and Amazon AWS.
• Experience in incident handling and coordination, cyber security hygiene and cyber security compliance frameworks.
• General experience in all lifecycle aspects of Communication Information Systems (CIS) aimed at achieving effective system development and deployment. Sound technical knowledge on wide area networks and local area networks.
• Ability to work independently, with minimal guidance
• Experience in implementing CIS security criteria and associated applications, assessing the effectiveness of security software, resolving problems.
  
  

Desirable Skills And Experience

• Previous work experience in international organizations, such as NATO, or specialized Defence Industry
• Knowledge of NATO CIS Security Policy, Directive and Guidance
• CISSP Certification
  
  

Education

• University Degree and 3 years function related experience or Higher Secondary Education and completed advanced vocational training leading to a professional qualification or professional accreditation with 4 years post related experience.
  
  

Working Location

• Braine L’Alleud, Belgium
  
  

Working Policy

• Hybrid (80% remote, 20% onsite)
  
  

Travel

• Some travel to other NATO sites may be required
  
  

Security Clearance

• Valid National or NATO Secret personal security clearance
  
  

We never know what new opportunities might be just over the horizon. If this opportunity isn't for you please feel free to send us your resume anyway and be the first to know if something suitable for your skills and experience comes up.