“Full Statement of Work available on request”
Deadline Date: Thursday 27 March 2025
Requirement: Specialized Consultants for NATO INFRASTRUCTURE SERVICES CENTRE (NISC)
Location: OFF-SITE
Not to Exceed: 397,170 EUR
Required Start Date: 5 May 2025
Required Security Clearance: NATO SECRET
Bidding Instructions:
Technical Proposal
* CV and attestation of the assigned resource for the project. Each CV shall contain accurate contact details for reference person for each of the listed professional experiences relevant to this Statement of Work.
* It is up to the bidder to propose the size of the team that executes the work and produces the deliverables in the time line allocated. The Purchaser may accommodate a reasonable number of personnel at the current facilities. The CVs shall clearly distinguish if the proposal is for Key Personnel or not.
Introduction:
NATO INFRASTRUCTURE SERVICES CENTRE (NISC) has a requirement for subject matter experts (SME) to be embedded with a team of NCI Agency staff in support of the Scientific Programme of Work for 2025.
This expertise is required to supplement the current level of expertise within the NISC so the consultants must be ready to quickly integrate with the current team and take up duties. The work required will be based on deliverables as defined below. A request for available staff has not been successful in this request for consultancy support.
Tasks for Engineering Service:
The following requirements have been identified to provide technical support for the ACT Programme of Work (POW) 2025 and the NDS POW 2025. The requirements and skills are an extension to and complementary with the requirements and skills requested for the 2022 POW projects.
Objectives
Consultants are requested to participate and provide expert support to NCI Agency in the execution of scientific activities advancing the following objectives.
Allied Command Transformation (ACT) POW:
* Support and technical expertise as subject matter experts for ACT’s objectives in the “Interoperability Continuum” (CWIX, TIDE Sprint, iO360, Hackathon).
* Develop Enterprise level architectures supporting the successful conception of DCS to inform how it fits in NATO business functions and use cases.
Support DCS Policy management and automation concept development, including use cases to motivate automation scenarios. This is critical for the success of DCS by reducing the burden on users and enabling a successful rollout of DCS across the NATO Enterprise.
* Coordinate DCS technical activities with Zero Trust Architecture (ZTA) and NATO Core Data Framework (NCDF) initiatives.
* Investigate metadata labelling and tagging in relevant use cases, such as multi domain operations and DISG.
* Include DCS in ongoing Federated Mission Networking (FMN) spiral specification development.
Promote the DCS reference environment with NATO participants; mature DCS reference environment to support additional binding profiles; develop Record of Investigation (RoI) on crypto options for DCS.
* Sustain Core Services capability development and specification of Cross-Domain Information Sharing (C-DIS) including interoperability for federating NATO’s CES Capabilities.
* Support and technical expertise as subject matter experts for ACT’s objectives in the NCDF development and standardization.
* Investigate SRM and messages mapping transformation languages availability, formulate a workable proposal for a mapping and transformation language and support its validation.
* Support Tactical Data Link (TDL) STANAG alignment activities.
NATO Digital Staff (NDS) POW:
* Digital Policy Committee (DPC) Line of Development. Metadata harmonization.
* DPC Line of Development. Production of regulatory documentation and standards.
* This work will further develop and contribute to the definition of Information Sharing Scenarios for Core Services. This includes
o Knowledge and expertise in Metadata Labelling, Binding, Binding Profiles, Label to Marking mapping, label interoperability
o NATO Core Data Framework (NCDF) and Common Cross Community of Interest Semantic Reference Model (CXCSRM)
o STANAG alignment to metadata standards activities
o Federated information exchange based on meta/data standards that underpin a data architecture consisting of APIs, data lakes, meshes, fabrics and backbones
o Cross domain information exchanges including Cross-Domain Information Sharing (CDIS) solutions
o Validation of federated information sharing Core Services at various exercise venues such as TIDE Sprint and CWIX. This should demonstrate alignment of national attributes with NATO, such that information can be shared between partners using a single sign on
o Federated Identity Management
* Contributing as subject matter experts in these areas requires a depth and breadth of knowledge in the NATO Consultation, Command and Control capability within the NATO Command Structure as well as expertise in current and planned Core Services.
* The work will entail the development and revision of technical documentation, preparing briefings on changes and validation results as well as design and development of proof of concept demonstrators for validation purposes.
* Attendance at coordination meetings and exercise venues may be requested.
* DCS Pilot oversight
o Support Source Selection based on suitability criteria
o Support in assessment of standards-compliance through the use of the DCS Reference System
o Contribute to and Review Pilot final report
Security Clearance:
The duties of the consultants require a valid NATO SECRET security clearance.
The expected classification level of the deliverables is NATO UNCLASSIFIED. However, in some particular circumstances it might be decided that a part of the deliverables will be classified as NATO RESTRICTED.
The execution of duties may require the consultants to access information, as well as CIS systems, classified up to NATO SECRET
Practical Arrangement
This is a Completion-type contract requires consultants with complementary skills to complete the work.
The consultant will provide the service off-site at the own office. Office space and computer equipment will be provided at NCI Agency-NL for access during scheduled visits for the duration of this contract; contractor is responsible for office space and computer equipment at their own facilities.
The consultant(s) will regularly coordinate their efforts with the team using existing team procedures already established. This requires both face to face meetings and remote tele- or video-conferences.
This Task Order may require scheduled travel.
Travel arrangements will be the responsibility of the contractor and the expenses will be reimbursed in accordance with Article of AAS Framework Contract and within the limits of the NCIA Travel Directive
Qualification:
The following expertise and knowledge is essential for this requirement:
* Expert knowledge of NATO’s Data-Centric Security (DCS) and Zero Trust vision and strategy, along with expert technical knowledge of enablers such as the NATO Metadata Binding Service and NATO End Point Labelling demonstrators;
* Detailed knowledge of Industry and NATO standards in the area of labelling, binding and marking;
* Expert knowledge of NATO Confidentiality Label Syntax specifications, profiles and emerging standards;
* Expert knowledge of NATO Metadata Binding Mechanism specifications, profiles and emerging standards;
* Expert knowledge of NATO Core Metadata Specification, profiles and emerging standards;
* Expert knowledge of NATO Core Data Framework (NCDF) and related profiles and emerging standards;
* Detailed knowledge of NATO’s STANAG and IEPD processes;
* Detailed knowledge of NATO cross-domain solutions and information exchange requirements;
* Detailed knowledge of FMN concepts, evolutionary strategy and the NFIP; j) Detailed knowledge of AFS concepts, evolutionary strategy and the AFS Joining Instructions
* Detailed knowledge of methods and mechanisms to resolve security label translation/mapping between NATO and NATO national systems; l) Detailed knowledge of federated Identity and Access Management (IdAM) policies, standards and industry trends;
* Detailed knowledge and experience with Web Service-specific security standards and products including Security Policy Information File (SPIF), OIDC, SAML 1.x and 2.0, XACML, WS-Security, WS-Trust, Microsoft Active Directory Federation Services (ADFS), and competing products in this space;
* Detailed knowledge and experience with Service Oriented Architecture (SOA) implementation concepts including Web Services, SOAP, REST, Publish Subscribe, JSON, XML, WSDL and UDDI, as well as Web Services specifications;
* Detailed knowledge and experience with specific security areas including PKI, X.509, and products including Microsoft Certificate Services and Entrust Certificate Authority. Knowledge of the Enterprise NPKI would be beneficial;
* Expertise in commercial security labelling products and object level protection solutions;
* In-depth familiarity with NATO organisational and political structures and relationships with NATO and Partner nations;
* Good understanding of cryptography;
* Ability to independently produce and edit technical documentation and scientific reports in English;
* Excellent communications skills;
* Good understanding of the project management methodologies, including PRINCE 2 and Agile/Scrum