NAEW&C Force in Geilenkirchen has identified the requirement for skilled manpower to augment their existing organisation. They specifically want the following:
Skill Category: 4.5 (Cyber Security Policy and Accreditation Specialist)
Level: Preferable 2 (though Level 3 not excluded)
Start Date: MUST START - 1 Apr 2018 (or as near as possible)
Effort Required: up to 31 Dec 2018
Clearance: NATO Cosmic Top Secret (CTS) is MANDATORY (for the whole duration)
The contractor will perform and achieve activities according to specific tasks listed in the scope of work and show progress of deliverables according to the Program of Work. More precisely the specific tasks to be covered include:
- Creation and update of Accreditation Data Set (ADS) Templates.
- Customization of NAEW&C Force selected Security Risk Assessment Tool to match Organizational requirement.
- Interaction with CISOA/CISP and their designated SSO facilitating the assembly of ADS.
- Review of the full set of ADS against Local Security Environment (LSE), Global Security Environment (GSE) and Electronic Security Environment (ESE) compliance with NATO and ACO Security Accreditation Policies, Directives and Regulations
- Auditing and independent verification and validation through Security Testing and Evaluation run by the CISOA/CISP or designated SSO
- Fulfilment of SRA using NAEW&C Force selected Security Risk Assessment Tool.
- Submission of ADS to SAA for endorsement through the Head CISS.
- Update of Security Accreditation Index throughout the whole PoW.
The successful candidate will work onsite at NAEW&C Force HQ in Geilenkirchen under the guidance of the Head of the Command Group Information Security Section.
The contractor must be able to demonstrate all the following skills:
- Knowledge of NATO and other International Cyber Security policies and Directives
- Familiarity with the application of risk assessment methodologies
- Experience with assessment of cyber threats, vulnerabilities and application of risk management
- Experience with high level IT security architectures and policy compliance
- Ability to write risk assessment documents and draft assessment reports scoped to relevant Security Accreditation Authority (SAA)
- Knowledge of PILAR Risk Assessment Tool which is used by NAEW&C Force as well as throughout other NATO Units. Knowledge of similar tools will also be an asset
Consultants must have current NATO CTS clearance (or national equivalent such as DV in the UK may be considered)