3547 Cybersecurity Engineer

Under the direction of Head of CIS Planning and Implementation Authority Team in CTO, the incumbent will perform duties such as the following:

Solution architecture:

• Contributes to the development of solution architectures in specific business, infrastructure or functional areas by identification of applicable NATO security directives.

Cybersecurity:

• Provides guidance on the application and operation of elementary physical, procedural and technical security controls.
• Explains the purpose of security controls and performs security risk assessments for communication and information systems.
• Identifies risks that arise from potential technical solution architectures.
• Suggests alternate solutions or countermeasures, which can mitigate identified risks.

Requirements definition and management:

• Defines and manages scoping, requirements definition and prioritization activities related to security accreditation.
• Follows agreed standards and applies appropriate techniques to elicit and document detailed requirements related to security accreditation.

User experience analysis:

• Works with stakeholders to prioritize requirements and resolve conflicts.

Additional duties:

• Provide security accreditation advice and guidance to NCI Agency Project, System Managers during whole life cycle of NATO CIS, including providing inputs to Project Proposals and Invitations for Bid.
• Conduct Security Risk Assessment in support of security accreditation of NATO CIS, in particular; identify level of threats and vulnerabilities for all assets comprising NATO CIS, derive residual risks and provide risk management recommendations.
• Identify, plan, request and manage development of required documents for accreditation (CIS Description, Security Accreditation Plan, Security Risk Assessment Report, Security Requirement Statements, Security Operating Procedures, and Security Test and Verification Plan).
• Witness security testing (in accordance with STVP) and coordinate remediation plan with the relevant SAA.
• Build and sustain effective communications with different stakeholders specifically the Security Accreditation Boards, NATO Security Accreditation Authorities, NATO CIS Operational Authorities and NCI Agency organization units supporting security accreditation process.
• Represent the Agency on security accreditation matters.
• Stay abreast of technological developments relevant to the area of work.
• Perform any other duties as may be required.

Do you have experience in System security?, Do you have a Bachelor's degree?, * The candidate must have a currently active NATO SECRET security clearance.

• A minimum requirement of a Bachelor's degree at a nationally recognized / certified University in a related discipline and 2 years post-related experience. Exceptionally, the lack of a university degree may be compensated by the demonstration of a candidate's particular abilities or experience that is/are of interest to NCIA, that is, at least 6 years extensive and progressive expertise in duties related to the function of the post.
• Relevant certifications, such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP).
• Good knowledge and experience (at least 2 years) in Security Accreditation of major CIS acquisition and/or development projects for a large organization.
• Good knowledge and experience (at least 2 years) in security risk assessment methodologies and tools.
• Good knowledge and experience (at least 2 years) in planning, design and implementation of security components of major CIS.
• Knowledge of NATO Security Policy and supporting directives.
• Prior experience of working in an international environment comprising both military and civilian elements.
• Knowledge of NATO responsibilities and organization, including Allied Command Operations (ACO) and Allied Command Transformation (ACT).

• Working onsite - with a possibility of occasionally working from home.
• Weekly visit to other local offices (such as Braine-l'Alleud) is expected.