LOGO_ALLIED4_RVBLOGO_ALLIED4_RVBLOGO_ALLIED4_RVBLOGO_ALLIED4_RVB
  • ABOUT US
  • MISSION & VALUES
  • CONSULTANTS
  • OPPORTUNITIES
  • BUSINESS TO BUSINESS
  • CONTACT US
✕
DEADLINE: allied4eu November 3, 2025

#NC25CSG184313 - Academy Learning Environment Cyber Security Engineer and System Accreditation Support - Closed

 Deadline: November 3, 2025

Requester: NATO

Location: Oeiras, Portugal

Start date: January, 2026

Security clearance: NATO SECRET

SCOPE OF WORK / DUTIES / ROLES
  • The Contractor shall develop and maintain the system descriptions for ALE systems, capturing the technical description, connections (physical and logical), physical locations, and hardware/software inventories. This shall be formalised in a document titled “CIS Description” and maintained under version control;
  • The Contractor shall define the accreditation strategy and plan for ALE systems, describing the steps required to achieve security accreditation for operation at the NCI Academy. This shall be formalised in a document titled “Security Accreditation Plan (SAP)” and maintained under version control;
  • The Contractor shall perform a high-level security risk assessment to inform early design, including identifying assets, threats, vulnerabilities, likelihood/impact, and initial risk ratings. This shall be formalised in a document titled “High-Level Security Risk Assessment (SRA)” and maintained under version control;
  • The Contractor shall define system-specific security requirements and control coverage by tailoring the security control baseline, mapping requirements to applicable standards and policies, and identifying coverage gaps with corresponding actions. This shall be formalised in a document titled “System-specific Security Requirement Statement (SSRS)” and maintained under version control;
  • The Contractor shall develop and maintain Security Operating Procedures (SecOPs) to enable secure day-to-day operations. This includes:
- For Administrators: account/privilege management, backups, patching, baseline configurations, logging/monitoring, incident and change handling, and continuity steps;
- For End Users: acceptable use, data handling, access/MFA, reporting suspicious activity, and secure usage guidance.
These shall be formalised in a document titled “Security Operating Procedures (SecOPs)” and maintained under version control.
  • The Contractor shall define security test and verification activities to evidence control effectiveness. This shall be formalised in a document titled “Security Test and Verification Plan (STVP)” and maintained under version control.
REQUIRED SKILLS, KNOWLEDGE AND EXPERIENCE
  • NATO Security Clearance valid for the duration of the contract, issued by the respective National Security Authority;
  • Minimum 5 years of experience in designing secure, scalable solution architectures aligned with enterprise standards, or complex environments;
  • Minimum 5 years of experience in applying and overseeing physical, procedural, and technical security controls, conducting risk assessments, and leading incident response efforts;
  • Minimum 5 years of experience in system and application hardening, collaborating across technical teams to enforce best practices and compliance;
  • Accreditation Process: Demonstrated success in managing accreditation processes, defining assurance requirements, and coordinating with stakeholders is essential;
  • Communication Skills: Excellent written and verbal communication in English, with the ability to explain technical information clearly and in a user-friendly manner;
  • Collaboration: Demonstrated ability to work effectively in a team environment and coordinate with multiple stakeholders;
  • Documentation: Strong documentation capabilities including SOPs, technical manuals, and security guidelines are required to support operational readiness and knowledge sharing;
  • Analytical Skills: Strong problem-solving and troubleshooting ability, with the capacity to quickly identify issues and determine the most efficient resolution;
  • Knowledge and experience of working with the NCI Agency and/or NATO organisations
    Req.
    Knowledge of ISO27001 or equivalent standards;
  • Familiarity with Agency tools for configuration, risk, and documentation management;
  • Experience supporting audits;
  • Understanding of Agile delivery practices.

< go back to opportunities

Request more information
 

This position is now closed.

We regularly add new positions. We suggest exploring other available opportunities and staying updated by following our LinkedIn page.

If you don’t find any suitable opportunities, you can send us your CV, as an open application. However, we will not submit you to any vacancies without your written consent.

 

 

 

 

 
The website Allied4.eu is a registered communication web platform managed by Guardian Brigade Lmt,
a company incorporated under Portuguese law with its headquarters located in Parede,
within the municipality of Cascais.

Menu

  • ABOUT US
  • MISSION & VALUES
  • CONSULTANTS
  • OPPORTUNITIES
  • BUSINESS TO BUSINESS
  • CONTACT US

Useful Links

Privacy Policy
Terms & Conditions
Complaint Book

 

Reach Us

info@allied4.eu

  • linkedin
© 2023. All Rights Reserved. Desenvolvido por DOMINIOS.PT