2024-0109 Cloud Engineer (Hybrid) Security Compliance (NS) - FRI 15 Nov RELAUNCH
Requirement: Cloud Engineer (Hybrid) Security and Compliance Specialist
Location: Off-Site
Period of Performance: BASE period: 1st January 2025 – 31st December 2025
• 2026 Option: 1st January 2026 until 31st December 2026
• 2027 Option: 1st January 2027 until 31st December 2027
Start date is as soon as possible but not later than 1st January 2025
Required Security Clearance: NATO SECRET
1 INTRODUCTION
Supporting NATO throughout all its geographical locations, the NCI Agency is looking for a Cloud Engineer (Hybrid), Security and Compliance Specialist, to join NATO’s modernization of IT services, which leverages the public cloud (Microsoft Azure, M365 and Amazon AWS) to deliver managed, protected, security‐centric and reliable IT services.
Your responsibilities will include configuring and managing security settings, developing and implementing compliance policies, and performing regular security audits and assessments. You will leverage tools such as Microsoft Defender for Office 365, Azure Information Protection (AIP), and data loss prevention (DLP) policies to safeguard our organization’s data. Additionally, you will monitor security threats, respond to incidents, and ensure all security measures are up‐to‐date and effective.
A key aspect of this role will be developing and maintaining PowerShell scripts and automated workflows to streamline security and compliance processes. You will create automated solutions for compliance reporting and monitoring, ensuring operational efficiency and reducing manual intervention.
You will also support training programs to raise security awareness among end‐users and IT staff. This includes developing educational materials, delivering training sessions, and promoting best practices for secure use of M365 tools.
2 OBJECTIVES
The objective of this statement of work is to establish a support and operating model for End User Services operating in the Public Cloud, with a focus on Microsoft 365 services.
3 SCOPE OF WORK
Under the direction / guidance of the local NCIA Point of Contact or the Cloud Ops Operations Manager, the Cloud Engineer (Hybrid), Security and Compliance Specialist will be supporting the following activities:
1. Security Policy Development:
o Develop and implement comprehensive security policies for the M365 environment.
o Ensure policies align with organizational and regulatory requirements.
o Regularly review and update security policies to address emerging threats.
o Communicate and enforce security policies across the organization.
2. Compliance Management:
o Ensure compliance with regulatory requirements and organizational standards.
o Implement and manage data loss prevention (DLP) policies.
o Conduct regular compliance audits and risk assessments.
o Develop and maintain compliance documentation and records.
3. Advanced Threat Protection:
o Configure and manage Microsoft Defender for Office 365.
o Implement Advanced Threat Protection (ATP) policies to detect and mitigate threats.
o Monitor threat analytics and respond to security incidents.
o Conduct regular security assessments and vulnerability scans.
4. Conditional Access and Identity Protection:
o Implement and manage conditional access policies in Azure AD.
o Configure identity protection policies to safeguard user accounts.
o Monitor access patterns and detect suspicious activities.
o Ensure multi‐factor authentication (MFA) is enforced.
5. Data Encryption and Information Protection:
o Configure and manage data encryption policies.
o Implement Azure Information Protection (AIP) for data classification and labeling.
o Ensure data protection policies are applied to sensitive information.
o Monitor and report on data protection compliance.
6. eDiscovery and Legal Hold Management:
o Implement and manage eDiscovery and legal hold processes.
o Ensure that data required for legal proceedings is preserved.
o Conduct regular audits of eDiscovery and legal hold configurations.
o Provide training and support for eDiscovery users.
7. Security Monitoring and Reporting:
o Monitor the security health of the M365 environment using Microsoft 365 Security Center.
o Generate security reports and provide insights for improvement.
o Utilize security information and event management (SIEM) tools.
o Identify and address security incidents promptly.
8. Automation and Scripting:
o Develop and maintain PowerShell scripts to automate security and compliance tasks.
o Implement automated workflows using Power Automate.
o Create automated solutions for compliance reporting and monitoring.
o Maintain and update existing automation scripts.
9. User Training and Awareness:
o Develop and deliver security training programs for end‐users.
o Promote security awareness and best practices across the organization.
o Provide guidance on secure use of M365 tools.
o Conduct regular security awareness campaigns.
The contractor will work primarily remotely, providing services during Core working hours of the Cloud Operations team (Brussels / BEL).
10 QUALIFICATIONS
The consultancy support for this work requires an experienced Cloud Engineer (Hybrid), Security and Compliance Specialist with the following qualifications:
1. Microsoft 365 Security Features:
o Advanced knowledge of Microsoft 365 security features and configurations.
o Experience with Microsoft Defender for Office 365 and ATP policies.
o Proficiency in configuring and managing conditional access and identity protection.
o Knowledge of data encryption and Azure Information Protection (AIP).
2. Compliance Management:
o Strong understanding of regulatory compliance requirements (e.g., GDPR, HIPAA).
o Experience with data loss prevention (DLP) policies and compliance audits.
o Proficiency in conducting risk assessments and developing compliance documentation.
o Knowledge of eDiscovery and legal hold management.
3. PowerShell Scripting:
o Proficient in writing and executing PowerShell scripts for security and compliance tasks.
o Ability to develop and maintain scripts for automation.
o Experience with automating compliance reporting and monitoring.
o Knowledge of script debugging and error handling.
4. Security Monitoring and Reporting:
o Proficient in using Microsoft 365 Security Center and SIEM tools.
o Ability to generate security reports and provide insights.
o Experience with monitoring and responding to security incidents.
o Knowledge of security information and event management (SIEM) best practices.
5. Others:
o Full proficiency in the English language. French language proficiency is an advantage.
o The candidate must have the nationality of one of the NATO nations.
o The candidate must possess a NATO Secret Security Clearance or national equivalent.
This role is critical for maintaining efficient IT support operations and ensuring users receive timely and effective assistance with their devices and Microsoft 365 services. If you are a motivated technician with strong problem‐solving skills, full proficiency in English, and a passion for security and compliance, we invite you to apply and join our dynamic team.