Description

Spektrum supports apex purchasers (NATO, UN, EU, and National Government and Defence) and their Tier 1 supplier ecosystem with a wide range of specialist services. We provide our clients with professional services, specialised aerospace and defence sales, delivery, and operational subject matter expertise. We are looking for personnel to join our team and support key client projects.

Who we are supporting

The NATO Communication and Information Agency (NCIA) is responsible for providing secure and effective communications and information technology (IT) services to NATO's member countries and its partners. The agency was established in 2012 and is headquartered in Brussels, Belgium.

The NCIA provides a wide range of services, including:

Cyber Security: The NCIA provides advanced cybersecurity solutions to protect NATO's communication networks and information systems against cyber threats.
Command and Control Systems: The NCIA develops and maintains the systems used by NATO's military commanders to plan and execute operations.
Satellite Communications: The NCIA provides satellite communications services to enable secure and reliable communications between NATO forces.
Electronic Warfare: The NCIA provides electronic warfare services to support NATO's mission to detect, deny, and defeat threats to its communication networks.
Information Management: The NCIA manages NATO's information technology infrastructure, including its databases, applications, and servers.

Overall, the NCIA plays a critical role in ensuring the security and effectiveness of NATO's communication and information technology capabilities.

The program

Assistance and Advisory Service (AAS)

The NATO Communications and Information Agency (NCI Agency) is NATO’s principal C3 capability deliverer and CIS service provider. It provides, maintains and defends the NATO enterprise-wide information technology infrastructure to enable Allies to consult together under Article IV, and, when required, stand together in the face of attack under Article V.

To provide these critical services, in the modern evolving dynamic environment the NCI Agency needs to build and maintain high performance-engaged workforce. The NCI Agency workforce strategically consists of three major categorise's: NATO International Civilians (NIC)'s, Military (Mil), and Interim Workforce Consultants (IWC)'s. The IWCs are a critical part of the overall NCI Agency workforce and make up approximately 15 percent of the total workforce.

Role Background

Supporting NATO throughout all its geographical locations, the NCI Agency is looking for a Cloud Engineer (Hybrid), Security and Compliance Specialist, joining the journey of NATO’s modernisation of IT services, through leveraging the public cloud (Microsoft Azure, M365 and Amazon AWS), delivering managed, protected, security-centric and reliable IT Services.

NCI Agency – Cloud Operations Team

The NATO Communications and Information Agency (NCI Agency) is dedicated to supporting NATO's strategic objectives, including the ambitious NATO 2030 agenda. As part of this commitment, we are spearheading the modernization and digital transformation of NATO’s IT services. Our focus is on leveraging public cloud technologies like Microsoft 365 and Intune, incorporating a security-by-design approach, and ensuring a seamless transition to a modern, collaborative workplace environment.

To achieve these goals, we are building a Cloud Operations team under the Cloud Center of Excellence, operating under the NATO Enterprise Cloud Operating Model (NECOM). The NECOM framework provides a standardized approach for cloud service management, ensuring interoperability, scalability, and security across NATO's IT infrastructure. The Cloud Center of Excellence will serve as a hub for best practices, innovation, and expertise, driving the adoption and optimization of cloud technologies within NATO. This team will play a crucial role in our journey towards providing managed, protected, and reliable End User Services.

Embracing the latest technological advancements, this initiative will foster innovation and ensure NATO remains at the cutting edge of IT capabilities. By continuously evolving and integrating new technologies, we aim to enhance operational efficiency and readiness for future challenges. This remote position offers an exciting opportunity to be at the forefront of NATO's technological evolution and contribute to the security and efficiency of our operations.

NCI Agency – Cloud Centre of Excellence (CCoE)

The Cloud Centre of Excellence (CCoE) within the NCI Agency is focused on driving successful cloud adoption and maximizing the potential of cloud technologies across the organization. It serves as a central governing body, promoting best practices, enabling knowledge sharing, and ensuring alignment between business objectives and cloud initiatives. The CCoE supports various cloud-based solutions, ensuring their effective and efficient implementation and management. By fostering a culture of continuous improvement and innovation, the CCoE helps the NCI Agency leverage cloud technologies to enhance operational efficiency, scalability, and agility.

Role Duties and Responsibilities

Security Policy Development:

Develop and implement comprehensive security policies for the M365 environment.
Ensure policies align with organizational and regulatory requirements.
Regularly review and update security policies to address emerging threats.
Communicate and enforce security policies across the organization.

Compliance Management:

Ensure compliance with regulatory requirements and organizational standards.
Implement and manage data loss prevention (DLP) policies.
Conduct regular compliance audits and risk assessments.
Develop and maintain compliance documentation and records.

Advanced Threat Protection:

Configure and manage Microsoft Defender for Office 365.
Implement Advanced Threat Protection (ATP) policies to detect and mitigate threats.
Monitor threat analytics and respond to security incidents.
Conduct regular security assessments and vulnerability scans.

Conditional Access and Identity Protection:

Implement and manage conditional access policies in Azure AD.
Configure identity protection policies to safeguard user accounts.
Monitor access patterns and detect suspicious activities.
Ensure multi-factor authentication (MFA) is enforced.

Data Encryption and Information Protection:

Configure and manage data encryption policies.
Implement Azure Information Protection (AIP) for data classification and labeling.
Ensure data protection policies are applied to sensitive information.
Monitor and report on data protection compliance.

eDiscovery and Legal Hold Management:

Implement and manage eDiscovery and legal hold processes.
Ensure that data required for legal proceedings is preserved.
Conduct regular audits of eDiscovery and legal hold configurations.
Provide training and support for eDiscovery users.

Security Monitoring and Reporting:

Monitor the security health of the M365 environment using Microsoft 365 Security Center.
Generate security reports and provide insights for improvement.
Utilize security information and event management (SIEM) tools.
Identify and address security incidents promptly.

Automation and Scripting:

Develop and maintain PowerShell scripts to automate security and compliance tasks.
Implement automated workflows using Power Automate.
Create automated solutions for compliance reporting and monitoring.
Maintain and update existing automation scripts.

User Training and Awareness:

Develop and deliver security training programs for end-users.
Promote security awareness and best practices across the organization.
Provide guidance on secure use of M365 tools.
Conduct regular security awareness campaigns.

Continuous Improvement:

Stay up-to-date with the latest M365 security and compliance features.
Continuously improve security and compliance processes.
Participate in security and compliance forums and training.
Propose and implement new security measures and enhancements.

Remote On-Call Duty

Execute On-call duty outside regular working hours, for maximum duration of 1 week per 4 month, to support urgent tickets when they are escalated to Level 2/3 support.

Essential Skills and Experience

Microsoft 365 Security Features:

Advanced knowledge of Microsoft 365 security features and configurations.
Experience with Microsoft Defender for Office 365 and ATP policies.
Proficiency in configuring and managing conditional access and identity protection.
Knowledge of data encryption and Azure Information Protection (AIP).

Compliance Management:

Strong understanding of regulatory compliance requirements (e.g., GDPR, HIPAA).
Experience with data loss prevention (DLP) policies and compliance audits.
Proficiency in conducting risk assessments and developing compliance documentation
Knowledge of eDiscovery and legal hold management.

PowerShell Scripting:

Proficient in writing and executing PowerShell scripts for security and compliance tasks.
Ability to develop and maintain scripts for automation.
Experience with automating compliance reporting and monitoring.
Knowledge of script debugging and error handling.

Security Monitoring and Reporting:

Proficient in using Microsoft 365 Security Center and SIEM tools.
Ability to generate security reports and provide insights.
Experience with monitoring and responding to security incidents.
Knowledge of security information and event management (SIEM) best practices.

Advanced Threat Protection:

Expertise in configuring and managing ATP policies.
Experience with threat detection and mitigation.
Proficiency in conducting security assessments and vulnerability scans.
Ability to respond to and mitigate security incidents.

Conditional Access and Identity Protection:

Advanced knowledge of conditional access policies in Azure AD.
Experience with configuring and managing identity protection policies.
Proficiency in enforcing multi-factor authentication (MFA).
Knowledge of monitoring access patterns and detecting suspicious activities.

Data Encryption and Information Protection:

Skilled in configuring and managing data encryption policies.
Experience with Azure Information Protection (AIP).
Ability to apply data protection policies to sensitive information.
Knowledge of monitoring and reporting on data protection compliance.

eDiscovery and Legal Hold Management:

Proficient in implementing and managing eDiscovery and legal hold processes.
Experience with auditing eDiscovery and legal hold configurations.
Knowledge of data preservation for legal proceedings.
Ability to provide training and support for eDiscovery users.

User Training and Awareness:

Experience promoting security awareness and best practices.
Proficiency in providing guidance on secure use of M365 tools.

Continuous Improvement:

Commitment to staying current with M365 security and compliance features.
Proactive in implementing new security measures and enhancements.
Participation in security and compliance forums and training.
Ability to propose and implement continuous improvement initiatives.

Organizational Skills:

Strong organizational skills to manage multiple tasks and priorities effectively.
Attention to detail in managing M365 environment and the Microsoft Intune Platform.

Others:

They have strong customer relationship skills, including negotiating complex and sensitive situations under pressure.

Language Proficiency

Business English

Working Policy

Remote
They may be required to exercise on-call duty, outside regular working hours, for maximum duration of 1 week per 4 month, to resolve urgent tickets when they are escalated to CloudOps Center. On-call duty is held remotely

Travel

may be required to travel, not exceeding 1 week per month, to other NCI Agency locations (Brussels, Belgium and The Hague, Netherlands) as part of the role

Security Clearance

Valid National or NATO Secret personal security clearance

Remote Scouter

More Similar Roles...

Want more remote roles like this one sent to you?