Cybersecurity Operations Specialist

Spektrum have a wide range of exciting opportunities in several global locations.

We are always looking to add great new talent to our team and look forward to hearing from you.

Spektrum supports apex purchasers (NATO, UN, EU, and National Government and Defence) and their Tier 1 supplier ecosystem with a wide range of specialist services. We provide our clients with professional services, specialised aerospace and defence sales, delivery, and operational subject matter expertise. We are looking for personnel to join our team and support key client projects.

Who we are supporting 

The NATO Communication and Information Agency (NCIA) is responsible for providing secure and effective communications and information technology (IT) services to NATO's member countries and its partners. The agency was established in 2012 and is headquartered in Brussels, Belgium.

The NCIA provides a wide range of services, including:

• Cyber Security: The NCIA provides advanced cybersecurity solutions to protect NATO's communication networks and information systems against cyber threats.
• Command and Control Systems: The NCIA develops and maintains the systems used by NATO's military commanders to plan and execute operations.
• Satellite Communications: The NCIA provides satellite communications services to enable secure and reliable communications between NATO forces.
• Electronic Warfare: The NCIA provides electronic warfare services to support NATO's mission to detect, deny, and defeat threats to its communication networks.
• Information Management: The NCIA manages NATO's information technology infrastructure, including its databases, applications, and servers.

Overall, the NCIA plays a critical role in ensuring the security and effectiveness of NATO's communication and information technology capabilities.

The program

Assistance and Advisory Service (AAS)

The NATO Communications and Information Agency (NCI Agency) is NATO’s principal C3 capability deliverer and CIS service provider. It provides, maintains and defends the NATO enterprise-wide information technology infrastructure to enable Allies to consult together under Article IV, and, when required, stand together in the face of attack under Article V.

To provide these critical services, in the modern evolving dynamic environment the NCI Agency needs to build and maintain high performance-engaged workforce. The NCI Agency workforce strategically consists of three major categorise's: NATO International Civilians (NIC)'s, Military (Mil), and Interim Workforce Consultants (IWC)'s. The IWCs are a critical part of the overall NCI Agency workforce and make up approximately 15 percent of the total workforce.

Role Background

The NCI Agency has been established with a view to meeting the collective requirements of some or all NATO nations in the fields of capability delivery and service provision related to Consultation, Command & Control as well as Communications, Information and Cyber Defence functions, thereby also facilitating the integration of Intelligence, Surveillance, Reconnaissance, Target Acquisition functions and their associated information exchange.

The NATO Cyber Security Centre (NCSC) is a team of over 200 members working to monitor and protect NATO networks. In the NCSC’s role to deliver robust security services to the NATO Enterprise and NATO Allied Operations and Missions (AOM), the centre executes a portfolio of programmes and projects around 219 MEUR euros per year, in order to uplift and enhance critical cyber security services.

The Cyber Security Operationalize Branch’s mission is to monitor, detect, analyse and respond to cyber incidents and cyber threat activity. It acts as the NATO Computer Emergency Response Team (CERT) for NATO with a NATO-wide mandate. It is responsible for sharing information related to cyber security incidents with NATO Nations and NCIA industry partners

Role Duties and Responsibilities

Helpdesk Operations

• Support the dedicated 24/7 helpdesk team of cybersecurity
• Implement multi-channel support (phone, email, internal chat) for incident reporting and user assistance
• Develop and maintain a knowledge base for common security issues and their resolutions
• Provide regular reporting on helpdesk performance and security incidents

Incident Response and Incident Management

• Respond to all security alerts within 5 minutes of receipt
• Perform initial triage of cyber security incidents
• Escalate critical incidents to appropriate personnel within 30 minutes
• Provide regular status updates to Project Manager / Service Manager during ongoing incidents
• Implement a robust incident detection and classification system

User Support

• Password resets and account lockouts
• VPN and remote access issues
• Suspicious email and phishing attempts
• Security software queries and troubleshooting

Management of Secure Management Centre (SMC)

• Provide real-time monitoring and analysis of security events across the Client's networks
• Manage and update security policies and rules across network devices
• Provide secure remote access solutions for authorized personnel
• Ensure compliance with relevant security standards and regulations
• Conduct regular security audits and assessments of the SMC

Service Level Agreements (SLAs)

• 9% helpdesk availability
• Average speed of answer: 30 seconds
• First call resolution rate: 80%
• Critical incident response time: 10 minutes
• Information Assurance incident initial response time: 30 minutes
• Information Assurance incident containment time: 4 hours for critical incidents
• SMC uptime: 99.99%
• Security event analysis and triage: within 15 minutes of detection
• Critical security patch deployment: within 24 hours of release

Client Responsibilities

• Provide necessary access to systems and information required for all services
• Designate primary points of contact for escalations and decision-making
• Ensure end-users are informed about the helpdesk service and how to access it
• Promptly report any suspected security incidents
• Cooperate in incident investigations and provide necessary resources
• Provide timely approval for security policy changes and updates
• Ensure compliance with security policies and procedures

Essential Skills and Experience

Required skillset of the proposed resource is extensive knowledge and experience (more than 5 years). Moreover, demonstrated experience in IP Crypto devices are a must.

• Experience with Information Systems Engineering and Maintenance – Information Security Implementation Computer Security;
• A good knowledge of Computer Security principles and procedures. Proficiency with Cryptography Technology. Knowledge of Internet Protocol based networks and components (routers and switches);
• Working knowledge of Router configuration;
• A good knowledge of public key infrastructure technology;
• Working knowledge of Crypto systems and techniques;
• A high level of knowledge of network, system and application level troubleshooting techniques;
• Extensive experience in the analysis of risk and in the implementation and integration of Information Security protective measures;
• Red Hat certified and/or Linux professional certified;
• Specific experience: Must be familiar with the detailed and complex NATO standards for the operation of CRYPTO and the associated equipment that process and secure NATO classified information;
• Experience in development and implementation of computer security policies;
• Experience in evaluation and accreditation of telecommunications and information systems;
• Experience in security requirements analysis.
• Hold one or more of the following IT security qualifications/certifications:
  • CCNA;
  • ITIL foundation in IT Service Management
  • TCE 621 Operator Course THALES Norway
  • TCE 671 Operator Course THALES Norway
• Prior experience of working in an international mission environment comprising both military and civilian elements;
• Knowledge of NATO responsibilities and organization, including ACO and ACT.

Working Location

• Mons, Belgium

Working Policy

• On-Site

Travel

• Some travel to other NATO sites may be required

Security Clearance

• Valid National or NATO Secret personal security clearance

We never know what new opportunities might be just over the horizon. If this opportunity isn't for you please feel free to send us your resume anyway and be the first to know if something suitable for your skills and experience comes up.