Experience And Education

Essential Qualifications/Experience:

• A minimum requirement of a bachelor's degree at a nationally recognised/certified University in a related discipline and 2 years post-related experience
• Or exceptionally, the lack of a university degree may be compensated by the demonstration of a candidate's particular abilities or experience that is/are of interest to NCI Agency, that is, at least 6 years extensive and progressive expertise in duties related to the function of the post
• Several years of experience (at least two years) with system security, security architecture, network security engineering, and security governance including policy alignment, risk management, performance management and value delivery
• Proven experience in CIS Security
  
  

Desirable Qualifications/Experience

• Good knowledge of containerized micro services and applications, Kubernetes, Docker, etc.
• Good knowledge of main public cloud ecosystems
• Good knowledge and exposure to Cloud standards, architecture, and models
• Knowledge of industry standard DevSecOps tools and frameworks
• Knowledge of cloud networking architecture, cloud operations, security, automation, and orchestration
• Excellent knowledge of, and experience using, common security tools Tenable Nessus, NMAP, Tanium endpoint management, Microsoft Defender, Trelix ePO etc.
• Knowledge of common MS and Linux updating and patching systems
• Knowledge of common IT security frameworks and governance models
• Knowledge of CVSS V2 and V3
• Knowledge of NATO responsibilities and organization to include NATO Security Policy and supporting directives
• Understanding of Cyber issues within NATO or NATO member nation environment
• Prior experience of working in an international environment comprising both military and civilian elements; (please delete if not applicable)
• Knowledge of NATO responsibilities and organization, including ACO and ACT
• Knowledge about risk management related to Artificial Intelligence tools and developments and its impact on cyber security
• Training/Certifications:
  
  

ü AWS Certified Cloud Practitioner, Certificate of Cloud Security Knowledge, or other cloud/cloud security certifications

ü ISSACA CISM, and/or ISC2 CISSP, CCSP Certification

Duties/Role

• Supports Communication Information Systems (CIS) Security assurance of all NDWC services
• Contribute to the enforcement of NATO Policy, Agency Directives and Standard Operating Procedures (SOPs) within NDWC and produces tailored guidance to Service Area Owners (SAO) ensuring balance between business continuity and security
• Liaison with NATO Cyber Security Centre (NCSC) to provides operational CIS security support to all services provided by NDWC
• Provides subject matter expert knowledge to assist NDWC technical development activities to maintain integrity of NCIA's operational business networks assuring secure operations in a globally networked and highly mobile environment
• Support information security processes for all NDWC Managed CIS within the Agency, both for internal operations and for Agency's customer-funded Networks
• Contribute to the resolution of security requirement conflicts and collaborates with PMs, SDMs and engineers to appropriately convert customer requirements into secure services
• Coordinate with systems administrators in support of security architecture requirements
• Identify cyber security-related Key Performance Indicators and generate reports to ensure full visibility of all NWDC Managed CIS
• Support NCSC and Security and Evaluation Agency (SECAN) vulnerability assessment testing and penetration testing performed on NDWC managed CIS
• In coordination with NCSC Accreditation Support Office supports all phases of security accreditation processes required to maintain operation status
• Deputize for higher grade staff, if required
• Performs other duties as may be required