Officer, Network Monitoring

Brussels, Belgium
negotiable Expired 11 months ago
This job has expired.

JOB DETAIL

1. SUMMARY

The NATO Chief Information Officer (CIO) function brings Information and Communications Technology (ICT) coherence across NATO Enterprise’s civil and military bodies. The NATO CIO is empowered to realize the Allies’ vision for the NATO Enterprise, is accountable to the Secretary General and is responsible for the development of Enterprise directives and advice on the acquisition and use of information technologies and services. The NATO CIO provides Enterprise oversight on cybersecurity issues, and, in close coordination with all relevant NATO civil and military bodies, works towards the continual improvement of the cyber hygiene and cybersecurity posture in the NATO Enterprise.

The Office of the NATO CIO (OCIO) has an integrated staff organization comprised of International Staff (IS) and International Military Staff (IMS) members.

The Enterprise Security Branch (ESec) maintains Enterprise oversight on cybersecurity and enables awareness on specific risks, processes and incidents. It supports the NATO CIO in managing cybersecurity risks and incidents at Enterprise level, advises and supports the decision-making process for identifying the Enterprise risk appetite and risk acceptance for Communications and Information Systems (CIS) Security. The Branch executes functions deriving from the NATO CIO Enterprise risk owner and top-level incident manager roles for cybersecurity, by coordinating incident response, business impact analysis, risk mitigation, mid- to long- term mitigation measures and lessons-identified definition. The Branch also maintains relations with key Enterprise military and civilian stakeholders at strategic, operational, tactical and technical levels.

The Security Processes Section (SPS) is responsible for ensuring correct support and representation in its role of Enterprise incident manager in front of multiple NATO relevant cyberspace stakeholders. The section is also responsible to provide liaison to network security, threats analysis and advanced technical operations in support of the defence of NATO Enterprise Networks, services and capabilities.

The incumbent performs continuous cybersecurity posture monitoring, conducts NATO Enterprise cybersecurity data analytics, and builds Enterprise cybersecurity situational awareness in support to all associated Enterprise cybersecurity processes, including cyber incident management, risk management, and defensive cyberspace operations. They perform data and trend analysis over time to help generate statistics on relevant Enterprise cybersecurity measures, including key performance indicators. They provide continuous and accurate monitoring of cybersecurity alerts, events and incidents, relevant technical information, and the results of security risks assessments, vulnerability assessments and security audits. The incumbent advises on the toolset required to maintain a timely and accurate oversight of the cybersecurity posture and also manages the Enterprise cyber threat intelligence feeds, in coordination with the NATO Enterprise stakeholders.

2. QUALIFICATIONS AND EXPERIENCE

ESSENTIAL

The incumbent must:

  • have a university degree, or an equivalent level of qualification from an institute of recognised standing, in ICT or a cyber-security related discipline;
  • have at least 3 years of experience in cybersecurity with focus on network monitoring and situational awareness, and cybersecurity data analytics, preferably in a large organisation;
  • have experience in supporting the design, implementation and management of  network security monitoring capabilities in  large distributed IT environment, including collection, correlation, aggregation and analysis of secure data and events;
  • have experience in the generation, provision and long-term assessment of cybersecurity recommendations and guidance originating from incidents happening in and through cyberspace and/or evidences coming from the threat analysis;
  • have knowledge and experience in trend analysis and advanced technical operations in support of the defence of large Enterprise Networks;
  • have experience developing cybersecurity dashboards, correlating information from multiple sources;
  • be experienced in coordinating multiple stakeholders in large, decentralized and multi-cultural organizations;
  • possess an excellent knowledge of network and infrastructure security principles, along with best practices for implementing protective measures, monitoring and logging;
  • have a good knowledge of the principles, policy and procedures governing cybersecurity;
  • be able to draft clear and concise reports, produce and maintain security and risks logs and databases in support of cybersecurity activities;
  • be flexible to work outside of normal office hours, during incident management activities, and travel when required;
  • possess the following minimum levels of NATO’s official languages (English/French): V (“Advanced”) in one; I (“Beginner”) in the other.

DESIRABLE

The following are considered an advantage:

  • cybersecurity certifications such as CISSP, CCSP, CISM or equivalent post-graduate degree in cybersecurity;
  • experience with NATO’s cybersecurity environment, specifically in the CIS security field and related functions;
  • experience in the monitoring and assessment of security audits’ results in support of the risk management processes of a large organization;
  • experience in leading staff work on large and complex projects and to coordinate multiple stakeholders in different and separate locations;
  • experience in incident and risk management tools;
  • knowledge of the NATO organisation, its security policy and supporting directives.

3. MAIN ACCOUNTABILITIES

Policy Development

Contribute to the development of policy, directive and guidance documents in the OCIO areas of responsibility as per their area of expertise.  Develop high-level strategic documents and advice to improve network security monitoring and support the Enterprise incident management processes and procedures.

Expertise Development

Maintain and update an Enterprise-wide overview on cybersecurity posture of Enterprise networks and supporting capabilities to advice the role of CIO as Single Point of Authority for the Enterprise CIS. Based on the latest security assessments and developments in cybersecurity threats, propose improvements of  security mechanisms with focus on network protection, monitoring and secure management, gathering of ideas and lessons learned from other NATO experts across the Enterprise. Conduct trend analysis in support to incident management, risk management and defensive cyberspace operations processes. Keep abreast with the latest technology developments in their area of responsibilities and provide appropriate advice to the Section Head on NATO enterprise networks cybersecurity posture. Support the provisioning of incident management advice and guidance to NATO Nations, NATO civil and military bodies and partner nations and international organizations. Provide advice on evolving security programs in NATO nations, NATO civilian and military bodies, and non-NATO entities.

Project Management

Support the definition of the section projects plan according to the OCIO role(s) in project management processes used in the NATO Enterprise. Identify main decision-makers and other stakeholders relevant for the project success, participate and contribute to project management boards as required. Maintain full understanding of project and program plans, identify and monitor project implementation risks, provide expertise and leadership in the resolution of exceptions and issues.

Stakeholder Management

Establish and maintain a network of relations with key experts in the NATO Enterprise, with a specific focus on Enterprise-wide network security. Develop close cooperation and working relationships with the NATO Operational community on the lifecycle of Enterprise security processes and practices, with a focus on network monitoring and management.

Knowledge Management

Draft background briefs, progress reports, prepare presentations, and other items for high-level meetings. Identify relevant incident management capabilities in place within the whole NATO Enterprise, in order to provide support and recommendations for harmonization and coherence. Contributes to the information sharing with the relevant NATO bodies and Boards in support of Situational Awareness.

Financial Management

Provide Cybersecurity advice and guidance to NATO bodies, nations, civilian and military stakeholders on the development of the yearly program of work for network monitoring and cybersecurity activities, on the basis of identified threats and vulnerabilities for the Enterprise. Manage a predetermined budget for assigned projects.

Planning and Execution

Coordinate and assess cybersecurity measures involving Enterprise networks and their effectiveness under time-sensitive situations. Coordinate and develop mitigation and remediation actions in coordination with other members of the Risk Management Section to improve Enterprise network security posture.

Perform any other related duty as assigned.

4. INTERRELATIONSHIPS

The incumbent reports to the Head, Security Processes Section. They work in close cooperation with the OCIO members of staff, experts of the various NATO Entities and international organizations.  

Direct reports: N/A

Indirect reports: N/A

5. COMPETENCIES

The incumbent must demonstrate:

  • Analytical Thinking: Sees multiple relationships;
  • Flexibility: Adapts to unforeseen situations;
  • Impact and Influence: Takes multiple actions to persuade;
  • Initiative: Is decisive in a time-sensitive situation;
  • Organizational Awareness: Understands organisational climate and culture;
  • Teamwork: Cooperates.
6. CONTRACT
Contract to be offered to the successful applicant (if non-seconded): Definite duration contract of three years; possibility of renewal for up to three years, during which the incumbent may apply for conversion to an indefinite duration contract.
Contract clause applicable:
In accordance with the contract policy, this is a post in which turnover is desirable for political reasons in order to be able to accommodate the Organisation’s need to carry out its tasks as mandated by the Nations in a changing environment, for example by maintaining the flexibility necessary to shape the Organisation’s skills profile, and to ensure appropriate international diversity.
The maximum period of service foreseen in this post is 6 years. The successful applicant will be offered a 3-year definite duration contract, which may be renewed for a further period of up to 3 years. However, according to the procedure described in the contract policy the incumbent may apply for conversion to an indefinite contract during the period of renewal and no later than one year before the end of contract.
If the successful applicant is seconded from the national administration of one of NATO’s member States, a 3-year definite duration contract will be offered, which may be renewed for a further period of up to 3 years subject also to the agreement of the national authority concerned. The maximum period of service in the post as a seconded staff member is six years.
Serving staff will be offered a contract in accordance with the NATO Civilian Personnel Régulations.

7. USEFUL INFORMATION REGARDING APPLICATION AND RECRUITMENT PROCESS

Please note that we can only accept applications from nationals of NATO member countries. Applications must be submitted using e-recruitment system, as applicable:

  • For NATO civilian staff members only: please apply via the internal recruitment portal (link);
  • For all other applications: www.nato.int/recruitment

Before you apply to any position, we encourage you to click here and watch our video providing 6 tips to prepare you for your application and recruitment process.

Do you have questions on the application process in the system and not sure how to proceed? Click here for a video containing  the information you need to successfully submit your application on time.

More information about the recruitment process and conditions of employment, can be found at our website (http://www.nato.int/cps/en/natolive/recruit-hq-e.htm)

Appointment will be subject to receipt of a security clearance (provided by the national Authorities of the selected candidate), approval of the candidate’s medical file by the NATO Medical Adviser, verification of your study(ies) and work experience, and the successful completion of the accreditation and notification process by the relevant authorities.

NATO will not accept any phase of the recruitment and selection prepared, in whole or in part, by means of generative artificial-intelligence (AI) tools, including and without limitation to chatbots, such as Chat Generative Pre-trained Transformer (Chat GPT), or other language generating tools. NATO reserves the right to screen applications to identify the use of such tools. All applications prepared, in whole or in part, by means of such generative or creative AI applications may be rejected without further consideration at NATO’s sole discretion, and NATO reserves the right to take further steps in such cases as appropriate.

8. ADDITIONAL INFORMATION
NATO is committed to diversity and inclusion, and strives to provide equal access to employment, advancement and retention, independent of gender, age, nationality, ethnic origin, religion or belief, cultural background, sexual orientation, and disability. NATO welcomes applications of nationals from all member Nations, and strongly encourages women to apply.
Building Integrity is a key element of NATO’s core tasks. As an employer, NATO values commitment to the principles of integrity, transparency and accountability in accordance with international norms and practices established for the defence and related security sector. Selected candidates are expected to be role models of integrity, and to promote good governance through ongoing efforts in their work.
Due to the broad interest in NATO and the large number of potential candidates, telephone or e-mail enquiries cannot be dealt with.
Applicants who are not successful in this competition may be offered an appointment to another post of a similar nature, albeit at the same or a lower grade, provided they meet the necessary requirements.
The nature of this position may require the staff member at times to be called upon to travel for work and/or to work outside normal office hours.
The organization offers several work-life policies including Teleworking and Flexible Working arrangements (Flexitime) subject to business requirements.
Please note that the International Staff at NATO Headquarters in Brussels, Belgium is a non-smoking environment.
For information about the NATO Single Salary Scale (Grading, Allowances, etc.) please visit our website. Detailed data is available under the Salary and Benefits tab.
Brussels, Belgium

location

This job has expired.