Technical Lead Architect
Role details
Job location
Tech stack
Job description
- Cyber Security: The NCIA provides advanced cybersecurity solutions to protect NATO's communication networks and information systems against cyber threats.
- Command and Control Systems: The NCIA develops and maintains the systems used by NATO's military commanders to plan and execute operations.
- Satellite Communications: The NCIA provides satellite communications services to enable secure and reliable communications between NATO forces.
- Electronic Warfare: The NCIA provides electronic warfare services to support NATO's mission to detect, deny, and defeat threats to its communication networks.
- Information Management: The NCIA manages NATO's information technology infrastructure, including its databases, applications, and servers.
Overall, the NCIA plays a critical role in ensuring the security and effectiveness of NATO's communication and information technology capabilities.
The program
Assistance and Advisory Service (AAS)
The NATO Communications and Information Agency (NCI Agency) is NATO's principal C3 capability deliverer and CIS service provider. It provides, maintains and defends the NATO enterprise-wide information technology infrastructure to enable Allies to consult together under Article IV, and, when required, stand together in the face of attack under Article V.
To provide these critical services, in the modern evolving dynamic environment the NCI Agency needs to build and maintain high performance-engaged workforce. The NCI Agency workforce strategically consists of three major categorise's: NATO International Civilians (NIC)'s, Military (Mil), and Interim Workforce Consultants (IWC)'s. The IWCs are a critical part of the overall NCI Agency workforce and make up approximately 15 percent of the total workforce. Role ID - 2026-0097 Technical Lead Architect Role Background
-
The ITM Recovery Increment 1 (ITM RC1) project will replace the legacy Automated Information Systems (AIS) NS classification network with a modernized ITM Operational Network (ON) at NS in a private cloud across the NATO Command Structure (NCS). The project structure includes 14 Work Packages, organized in 4 pillar teams with about 30 people interacting daily with each other and externally too. This task falls under WP07 System Integration scope. Role Duties and Responsibilities 1 Architecture Validation & Guidance
-
Review and validate the design documents for the private air-gapped cloud
(vCF 9, NSX-T, Cisco ACI), identifying gaps, risks, and non-conformances against best practices, dependencies and overarching NATO architecture and directives documents.
- Provide design guidance to infrastructure and platform teams throughout
the implementation lifecycle.
- Define and maintain architecture decision records (ADRs) and ensure
traceability from requirements to design. 3.2 Interface Control & Integration
-
Define and specify Interface Control Documents (ICDs) between the private cloud infrastructure and all producer/consumer services.
-
Ensure interfaces are designed with security, observability, and automation
in mind.
- Maintain an interface register and track ICD sign-off across workstream
owners. 3.3 Cross-team Coordination
- Coordinate design and implementation efforts between the cyber security
team and the infrastructure team, specifically covering: o Privileged Access Management (PAM) implementation via CyberArk. o PKI design and certificate lifecycle management. o Cyber Security Monitoring capability integration with the private cloud.
- Chair or co-chair joint design sessions and resolve cross-team technical
dependencies.
3.4 Automation & IaC Enablement
- Validate and guide implementation of infrastructure automation using
Ansible / AAP, Terraform, Jenkins, and vCF Automation.
- Define the automation and IaC target operating model for the cloud
platform team.
- Advise on and document the transition from traditional infrastructure
support to an automation-first operating model.
- Support upskilling of cloud operating teams in automation principles and
tooling. The Contractor will be part of a team and will provide services using Agency tools and reporting. There will be monthly planning and review meetings, weekly scrum meetings to track progress and more asynchronous meetings based on deliverables for the areas identified above Essential Skills, Experience and Certifications Platform & Infrastructure
-
Hands-on experience with VMware vCF 5; working knowledge of vCF 9 (direct vCF, * On site NCI Agency The Hague/ off-site Working Policy The Contractor will be required to work at least 50% on site NCI Agency The Hague.
-
NCIA Recognised Business hours
o NCIA The Hague Operations:
- Monday to Thursday 0830 - 1700 and Friday 0830 - 1500 (CET)
- Contractor Furnished Services:
o The Contractor will be provided with a Reach Laptop and access to information required to perform the contract Travel
-
Some travel to other NATO sites may be required Security Clearance
-
Valid National or NATO Secret personal security clearance
Requirements
- Experience designing or validating NSX-T software-defined networking at enterprise
scale.
- Familiarity with Cisco ACI in a multi-site or data centre context. Security
- Demonstrable experience applying Security by design principals (e.g Zero Trust
Approaches) to private cloud or data centre environments.
- Direct experience with CyberArk PAM implementation and integration.
- Understanding of PKI design and certificate management in enterprise
environments. Automation & IaC
- Hands-on experience with two or more of: Ansible / AAP, Terraform, Jenkins, vCF
Automation.
- Experience leading or supporting the adoption of IaC practices within an
infrastructure or cloud operating team. Architecture Practice
- Ability to produce and maintain ADRs, ICDs, and architecture review reports to a
professional standard.
- Experience coordinating across security, infrastructure, and application teams in a
complex enterprise programme. Supplier Response Requirements Suppliers should address the following in their submission (maximum 4 pages).
- Experience - evidence of comparable assignments involving enterprise private
cloud architecture, vCF / NSX-T / Cisco ACI, , CyberArk PAM, and IaC adoption at scale.
- Track Record - at least two references from similar engagements in the last 3
years, with measurable outcomes and client contacts.
- Approach to Objectives - how the proposed candidate will cover both the
architecture/governance and automation/IaC tracks concurrently, manage cross- team coordination, and ensure deliverables in §4 are met on schedule