This is a remote position.
EXPERIENCE AND EDUCATION:
Essential Qualifications/Experience:
· Expert knowledge of NATO’s Data Centric Security (DCS) and Zero Trust vision and strategy, along with expert technical knowledge of enablers such as the NATO Metadata Binding Service and NATO End Point Labelling demonstrators
· Detailed knowledge of Industry and NATO standards in the area of labelling, binding and marking
· Expert knowledge of NATO Confidentiality Label Syntax specifications, profiles and emerging standards
· Expert knowledge of NATO Metadata Binding Mechanism specifications, profiles and emerging standards
· Expert knowledge of NATO Core Metadata Specification, profiles and emerging standards
· Expert knowledge of NATO Core Data Framework (NCDF) and related profiles and emerging standards
· Detailed knowledge of NATO’s STANAG and IEPD processes
· Detailed knowledge of NATO cross-domain solutions and information exchange requirements
· Detailed knowledge of FMN concepts, evolutionary strategy and the NFIP
· Detailed knowledge of AFS concepts, evolutionary strategy and the AFS Joining Instructions
· Detailed knowledge of methods and mechanisms to resolve security label translation/mapping between NATO and NATO national systems
· Detailed knowledge of federated Identity and Access Management (IdAM) policies, standards and industry trends
· Detailed knowledge and experience with Web Service-specific security standards and products including Security Policy Information File (SPIF), OIDC, SAML 1.x and 2.0, XACML, WS-Security, WS-Trust, Microsoft Active Directory Federation Services (ADFS), and competing products in this space
· Detailed knowledge and experience with Service Oriented Architecture (SOA) implementation concepts including Web Services, SOAP, REST, Publish-Subscribe, JSON, XML, WSDL and UDDI, as well as Web Services specifications
· Detailed knowledge and experience with specific security areas including PKI, X.509, and products including Microsoft Certificate Services and Entrust Certificate Authority. Knowledge of the Enterprise NPKI would be beneficial
· Expertise in commercial security labelling products and object level protection solutions
· In-depth familiarity with NATO organisational and political structures and relationships with NATO and Partner nations
· Good understanding of cryptography
· Good understanding of the project management methodologies, including PRINCE 2 and Agile/Scrum
DUTIES/ROLE:
· Allied Command Transformation (ACT) POW:
ü Support and technical expertise as subject matter experts for ACT’s objectives in the “Interoperability Continuum” (CWIX, TIDE Sprint, iO360, Hackathon).
ü Develop Enterprise level architectures supporting the successful conception of DCS to inform how it fits in NATO business functions and use cases.
ü Support DCS Policy management and automation concept development, including use cases to motivate automation scenarios. This is critical for the success of DCS by reducing the burden on users and enabling a successful rollout of DCS across the NATO Enterprise.
ü Coordinate DCS technical activities with Zero Trust Architecture (ZTA) and NATO Core Data Framework (NCDF) initiatives.
ü Investigate metadata labelling and tagging in relevant use cases, such as multidomain operations and DISG.
ü Include DCS in ongoing Federated Mission Networking (FMN) spiral specification development.
ü Promote the DCS reference environment with NATO participants; mature DCS reference environment to support additional binding profiles; develop Record of Investigation (RoI) on crypto options for DCS.
ü Sustain Core Services capability development and specification of Cross-Domain Information Sharing (C-DIS) including interoperability for federating NATO’s CES Capabilities.
ü Support and technical expertise as subject matter experts for ACT’s objectives in the NCDF development and standardization.
ü Investigate SRM and messages mapping transformation languages availability, formulate a workable proposal for a mapping and transformation language and support its validation.
ü Support Tactical Data Link (TDL) STANAG alignment activities
· NATO Digital Staff (NDS) POW:
ü Digital Policy Committee (DPC) Line of Development. Metadata harmonization.
ü DPC Line of Development. Production of regulatory documentation and standards.
o This work will further develop and contribute to the definition of Information Sharing Scenarios for Core Services. This includes
§ Knowledge and expertise in Metadata Labelling, Binding, Binding Profiles, Label to Marking mapping, label interoperability
§ NATO Core Data Framework (NCDF) and Common Cross Community of Interest Semantic Reference Model (CXCSRM)
§ STANAG alignment to metadata standards activities
§ Federated information exchange based on meta/data standards that underpin a data architecture consisting of APIs, data lakes, meshes, fabrics and backbones
§ Cross domain information exchanges including Cross-Domain Information Sharing (CDIS) solutions
§ Validation of federated information sharing Core Services at various exercise venues such as TIDE Sprint and CWIX. This should demonstrate alignment of national attributes with NATO, such that information can be shared between partners using a single sign on
§ Federated Identity Management
o Contributing as subject matter experts in these areas requires a depth and breadth of knowledge in the NATO Consultation, Command and Control capability within the NATO Command Structure as well as expertise in current and planned Core Services.
o The work will entail the development and revision of technical documentation, preparing briefings on changes and validation results as well as design and development of proof of concept demonstrators for validation purposes.
o Attendance at coordination meetings and exercise venues may be requested.
· CIO POW:
ü DCS Pilot oversight
o Support Source Selection based on suitability criteria
o Support in assessment of standards-compliance through the use of the DCS Reference System
o Contribute to and Review Pilot final report