Windows Engineer

• Collaborating with cross-functional teams, including IT, security, compliance, and management, to gather information, address concerns, and ensure alignment throughout the accreditation process;
• Participating in meetings, workshops, and presentations to communicate accreditation requirements, progress, and recommendations to stakeholders at various levels;
• Ensuring appropriate security measures are implemented under NATO security governance
• Collaborating with NCBR on remediation activities;
• Supporting the development of mitigation and remediation plans following the identification and assessment of cybersecurity risks for NHQ CIS, including assessing residual risks after the application of cybersecurity risk mitigation measures;
• Ensuring the security of all NHQ-managed CIS and networks for internal and customer-funded operations;
• Maintaining compliance with NATO INFOSEC policies and directive
• Designing, deploying, configuring, maintaining, and operating existing IT infrastructure using approved management and security tools (e.g., ENS, DLP);
• Ensuring approved security configurations are implemented and maintained within the organization;
• Overseeing and managing AD security solutions for NHQ-managed CIS;
• Ensuring continuous monitoring and coordination of vulnerability remediation;
• Providing expert security advice in coordination with NCSC and the NATO Security Accreditation Board;
• Ensuring appropriate security measures are implemented under NATO security governance;
• Conducting internal vulnerability assessments and reporting findings;
• Providing guidance to senior management on enterprise architecture, procurement, and NATO security accreditation;
• Contributing to training and security awareness programs;
• Working with NCI Agency Service Delivery Managers on security remediation activities;
• Ensuring adequate systems and data protection in accordance with NATO security policies;
• Addressing security findings identified during audits;
• Implementing corrective actions to mitigate identified vulnerabilities;
• Documenting remediation efforts for compliance and reporting purposes;
• Assessing current password reuse practices;
• Establishing strong password enforcement mechanisms;
• Developing and delivering training sessions to educate users on secure authentication methods;
• Implementing an optimized delegation model within Active Directory;
• Cleaning up obsolete or inactive accounts, groups, and objects;
• Reviewing and refining shared permissions to eliminate unnecessary access;
• Evaluating auto-forwarding rules to prevent unauthorized data exfiltration;
• Strengthening security measures for email handling and forwarding policies;
• Establishing and enforcing a structured patching cycle for system security updates;
• Providing recommendations for securing Active Directory against emerging threats.

Do you have experience in Windows?, Do you have a Bachelor's degree?, * Bachelor's degree in a relevant field + 2 years of related experience OR: 6+ years of relevant experience if no degree;

• Expert knowledge of Microsoft Active Directory (AD) and Enterprise network security;
• Comprehensive understanding of computer and communication security principles, modern operating systems vulnerabilities, and networking;
• Experience in implementing CIS security protective measures in AD environments;
• Familiarity with NATO CIS Security accreditation processes and requirements;
• Previous experience with NHQ CIS administration;
• Proven ability to analyze complex scenarios and develop innovative solutions;
• Excellent written and verbal communication skills for articulating complex issues to diverse audiences;
• Excellent troubleshooting skills;
• Knowledge of NATO responsibilities and organization;
• Speak and write fluent English.