Social network you want to login/join with:OCIO-0015 Enterprise Security Accreditation and (ECISOA) - TUE 8 Oct, BrusselsClient:EMWLocation:Brussels, BEJob Category:OtherEU work permit required:YesJob Reference:e19cabcf5e36Job Views:7Posted:23.03.2025Expiry Date:07.05.2025Job Description:Deadline Date: Tuesday 8 October 2024Requirement: Enterprise Security Accreditation and ECISOAFull Time On-Site: YesTime On-Site: 100%Total Scope of the request (hours): 190Required Start Date: 18 November 2024End Contract Date: 31 December 2024Required Security Clearance: NATO SECRETSpecial Terms and Conditions: The contractor will be responsible for complying with the respective national requirements for working permits, visas, taxes, social security etc. whilst working on site at NATO HQ Brussels, Belgium.The contractor will be responsible for complying with all the respective National Health COVID-19 regulations in Belgium before taking up the position.1. INTRODUCTIONNATO is undergoing a major adaptation of its overall approach to cybersecurity. As part of its mandate, the NATO Chief Information Officer (CIO) is overseeing the coherence of the NATO Enterprise ICT capabilities and services and is the single point of authority for cybersecurity. The NATO CIO is responsible for developing and implementing a cybersecurity strategy through a comprehensive cyber adaptation effort.As part of its mandate, the NATO Office of the CIO (OCIO) needs to execute and enforce the role of NATO Enterprise CIS Operational Authority (ECISOA) allowing the NATO CIO to perform its role of Enterprise Risk owner. The main goal is to ensure risks identified as part of supporting existing processes (security accreditation, incident management, etc.) are properly evaluated, operationally validated and formally accepted, keeping and maintaining an overall view on the global Enterprise security posture.To support this effort, OCIO requires services that will leverage in-depth knowledge of Risk Management (Risk Assessment methodology, Processes and Best practices), to support the roles of ECISOA and the related risk management-supporting activities.2. TASKSThe contractor will effectively and efficiently provide, with minimal supervision, the following services, with a special focus on cybersecurity risk management:Support CIO in his role of Enterprise CISOA in the issuance of different decision-making-related documentation such as Authorizations to Operate (ATOs) and interim ATOs (iATO) for systems and Networks, as required.Assess, verify risks and develop suggestions in support of the Enterprise Risk acceptance function of the CIO.Support the development of Cybersecurity Risk Management Processes and Frameworks.Maintain a Board of CISOA as a stable coordination framework between the various local CISOA among various HQs and Subordinate commands.Support the activity of the Cyber Risk Management Group (CRMG).Support the Enterprise CISOA in the development and execution of the accreditation process, for NATO CIS at Enterprise level.Support and contribute to the process of policy changes related to CIS security and its management in coordination with the SAA and CISP.3. PROFILEThe candidate must have knowledge and multiyear experience in organization, management and support of various (international) operations related to defence, security, electronics and communications, in the NATO environments.The candidate must have previous experience within NATO CIS Operational Authority dealing with accreditation procedures, Risk Assessment and Crypto implementation.The candidate must have previous experience in developing contingency plans, mitigation measures and Authorization To Operate (ATO) and interim Authorizations to Operate (iATO).The job requires knowledge of the NATO Security Accreditation Processes and operational evaluation of CIS.The job requires experience with Risks assessment and Risk Management as applied to CIS Security and Cyber Security.Experience in supporting or driving Policy changes related to CIS security and its management.Knowledge in the development of Cybersecurity Risk Management Processes and Frameworks.The candidate must have experience in leading staff work on large and complex projects and to coordinate multiple stakeholders in different locations.The candidate must have a NATO SECRET security clearance.The candidate must have excellent English writing skills and the ability to brief their work in English.4. LOCATION OF DUTYThe work will be executed primarily on site at the NATO HQ offices in Brussels, Belgium.5. TIMELINESThe services of the contractor are required for the period starting at the earliest possible but not later than 18th November 2024 until 31th December, 2024.6. SPECIFIC WORKING CONDITIONSSecure environment with standard working hours. Occasional non-standard hours may be required in support of urgent tasks.7. TRAVELOccasional business travel may be required. Travel expenses to be reimbursed under NATO rules.8. SECURITY AND NON-DISCLOSURE AGREEMENTThe contractor must be in possession or capable of possessing a security clearance of NATO SECRET.A signed Non-Disclosure Agreement will be required.
#J-18808-Ljbffr