NATO HQ 09 - Cybersecurity Incident Manager (NS), Brussels - Mon 11th Oct

Jobinhalt

DEADLINE DATE: MONDAY 11th OCTOBER 2021
Requirement Title: Enterprise Cybersecurity Incident Manager
Required Start Date: September 2021
The incumbent will work on the coordination of response to Cybersecurity Incidents involving Enterprise CIS and services, performed by the Office of the CIO.
S/HE will execute the follow-on activities through engagement with several NATO stakeholders (es.: NATO technical authorities, risk management authorities, NATO entities across the Enterprise, etc…).
This will include NATO risk managers, CIS provider (CISPs), the NATO Cyber Threat Assessment Branch (CTAB) and the NATO Cyber Operational Centre (CyOC).
S/HE will also be responsible for further development, maintenance and update of the Enterprise Incident Management framework and supporting processes.
Required security clearance of NATO Secret
The contracted individual must be able to perform effectively and efficiently with minimal supervision the following tasks:

• Coordinate and assess cybersecurity incident response activities and their effectiveness, in particular for incidents involving Enterprise systems
• Coordinate and develop mitigation and remediation actions, in order to ensure a coherent response, Enterprise wide, to identified events and incidents.
• Develop, maintain and update an Enterprise-wide incident management framework to support the role of the CIO as Single Point of Authority for cybersecurity, in coordination with relevant NATO stakeholders, such as NCIA and CyOC
• Liaise with the Cyberspace Operations Centre (CyOC) deployed elements for the coordination of Defensive Cyberspace activities.
• Liaise with the NCIA for monitoring and coordination of technical activities in relation to cybersecurity incidents
• Liaise with the NATO Cyber Threat Assessment Branch for monitoring and assessment of cybersecurity threats
• Recommend mitigation and contingency activities to address threats, vulnerabilities and related issues to NATO Enterprise networks.
• Provide cybersecurity advice and guidance and develop the yearly program of work for the Auditing and Security activities

The duration the contract will cover an initial period starting September 2021 through 31 December 2022, with optional years for 2023 (1-Jan to 31-Dec).

Requirements:
STATEMENT OF WORK
Required security clearance: NATO Secret

The candidate must have knowledge and multiyear experience in the organization, management and support of international operations, activities, units and projects related to defence, security, electronics and communications and possess:

• A degree from a university or establishment of similar standing;
• At least 3 years of experience in cybersecurity incident management, preferably in a large organization;
• Experience in the development of processes and cybersecurity incident response mechanisms, preferably in a large organization;
• Experience in the provision of cybersecurity advice and guidance following incidents happening in and through cyberspace;
• Knowledge and experience coordinating multiple stakeholders during the response activities to cybersecurity related incidents in large, geographically sparse organizations;
• An excellent knowledge and experience with cybersecurity incident response processes;
• A good knowledge of the principles, policy and procedures governing cybersecurity, preferably in military and/or defence organizations;
• The ability to draft clear and concise reports, produce and maintain cybersecurity incident reports, security and risks logs and systems in support of cybersecurity incident response activities;

The following would be considered an advantage:

• Experience within NATO in leading cyber incident response activities;
• a knowledge of the NATO organization, its security policy and supporting directives;

Benefits:

• SECURITY AND NON-DISCLOSURE AGREEMENT

The contracted individual must be in possession of a security clearance of NATO Secret or above.
The signature of a Non-Disclosure Agreement between the contractors contributing to this task and NCIA will be required prior to execution.

Job Type: Full-time

Work Location: Multiple Locations