This job posting isn't available in all website languages

Cyber Security Technician (2 posts)

240856 Requisition #

2 posts to be offered


The BICES Group Executive (BGX), a NATO entity, is the executive body of the BICES Group (BG). The BG exists to enable the sharing and exchange of Intelligence and Information between and amongst the NATO nations, with NATO and with other non-NATO nations and Organizations. The BGX, under the leadership of the Director, is comprised of the following pillars: Intelligence and Enterprise Services (IES) Division, Programmes, Engineering and Maintenance (PEM) Division, Operations and Security Services (OSS) Division and Intelligence, Surveillance and Reconnaissance (ISR) Cell.

The main role of the OSS Division is to ensure the security of the BICES infrastructure and maintain its operational posture in accordance with the expectations and requirements of the BICES Board of Directors (BOD). OSS works closely with the other BGX divisions especially PEM for maintenance and project implementation activities that directly influence the BICES posture. The OSS division is comprised of three branches: The Network Operations and Support Branch (NOSB), the Security Operations and Support Branch (SOSB), and the Security Accreditation Branch (SAB).

The SOSB performs the daily network-based, cybersecurity activities within the BGX. These activities include manual and automated CIS monitoring, security incident response, mitigation and reporting, risk assessment support and mitigation, hardware and software based system hardening and security awareness. The SOSB primarily exists to ensure the confidentiality, integrity, and availability of BGX provided data and information, through cybersecurity means.

Under the supervision of the Head SOSB and in close coordination with the BGX Security Officers and Engineers, the incumbent provides “Analyst 1st Level” support for complex technical cybersecurity based activities in the area of CIS monitoring and security incident response. S/He contributes to the day-to-day CIS security testing, verifications, scanning, monitoring, updating, baselining, improving and documenting activities of the cybersecurity capabilities implemented within the BGX/BICES networks. The incumbent reports the status and the discoveries of the security posture of BICES networks and contributes to the monitoring, analysis and modifications of security services. The incumbent may be required to undertake operational deployments and/or travel duty assignments both within and beyond NATO's boundaries. The work is performed in a typical Secure Facility environment where slightly undesirable conditions may apply. The risk of injury is categorized as: Light Risk of Injury. In a combined effort on exceptional basis, technicians provide support to services and systems on a 24/7 basis, thus are subject to on-call and overtime duties outside regular working hours.



The incumbent must:

  • possess higher secondary education with 6 years post related experience OR upper vocational training/ post-secondary degree in a discipline relevant for this position with 3 years post-related experience in CIS security activities;
  • have detailed knowledge of Windows and Linux based operating systems and platforms, of update service platforms and technologies and of IP based networking and devices;
  • have extensive knowledge of firewall and intrusion detection technologies;
  • demonstrate the ability to identify and describe computer and network anomalies within a CIS and to understand, assess and solve technical issues;
  • be experienced with security tools such as firewalls, proxies, guard technology, SIEM solutions and scanning tools;
  • have thorough knowledge of Security Operations Centre (SOC) processes and procedures;
  • have knowledge of vulnerability assessment and penetration testing techniques, log fusion and log analysis capabilities;
  • be able to communicate effectively orally and in writing;
  • be flexible to work outside regular office hours;
  • possess level V (Advanced) of the English language.


The following will be considered an advantage:

  • knowledge of NATO security policies and supporting directives;
  • experience working in a multinational environment;
  • familiarity with NATO structure and procedures;
  • experience with the application of techniques/methods for source verification, data fusion, quality analysis, and threat actor profiling.

Expertise Development
Apply skills and knowledge for the efficient and secure functioning of the cybersecurity environment. Contribute knowledge and experience in Security Tests and Validation (ST&V) execution, CIS scanning and monitoring activities as well as security incident handling processes, CIS patching, updating and improvements. Assess the functionality and artefacts of threats, as well as identify CIS vulnerabilities and potential exploitation. Perform research related to 0-day threats, Advance Persistence Threats (APTs), critical vulnerabilities, and identify obfuscation and encryption techniques. Recommend improvements for entrusted tools and services. Contribute to the enhancement of techniques and identification of new methods for threat detection. Support improvements and development of new capabilities by proposing mitigation of identified security gaps/flaws, coordinate and verify their implementation. Identify and propose training requirements. Stay abreast of technological developments relevant to the area of work.

Information Management
Analyse outputs from various tools and technologies, effectively identifying anomalous events and investigate security incidents in order to support, run, maintain and enhance the capabilities of the BICES Security Operations Centre (BSOC). Provide Security Operations Support (SOS) related guidance to BGX personnel involved in the operation and development of the CIS and to stakeholders within the BICES Community. Perform detailed analyses of security events and network threats. Manage and execute log information analysis of BGX operated services in order to identify potential cyber security related anomalies, and provide analytical reports. Maintain a good understanding of the threat landscape.

Planning and Execution 
Execute ST&V plans in support of BICES security accreditation activities. In particular, the development, verification, execution and registration of ST&V Plans as well as maintenance/monitoring of the BGX ST&V registry. Perform systematic Operation and Maintenance (O&M) activities of the entrusted scanning tools and services (e.g. Nessus, nmap), including mitigation and verification, signature updates, target selection and scanning execution and reporting of critical fails. Perform systematic O&M activities of the entrusted monitoring tools and services (e.g. ArcSight Logger, ArcSight ESM, FortiAnalyzer, SysLog, SolarWinds, CISCO). Verify log sources integration, identification of gaps, mitigation, as well as monitoring, searching, analysis, mitigation and verification of alerts. Contribute to the patching and update activities of the BGX Element by systematic monitoring vendors’ announcements on recommended patches. Trigger patching in the BGX, verify the application of patches and provide status reports. Support the technical analysis of current and new services/functionalities on BICES with regard to security requirements and contribute to the development of divisional documents.

Project Management
Support improvements and the development of new capabilities that are not included in the BGX Programme of Work. Execute and document the necessary implementation and prepare the hand-over to the BGX Systems and Communications Technicians. Contribute to the market research and acquisition process for cybersecurity assets and software in support of BGX projects.

Stakeholder Management
Promote and maintain professional relations with relevant counterparts, both military and civilian, within nations, NATO and other international organisations. Provide status information to stakeholders in order to ensure they are up-to-date on projects, issues, and solutions for cybersecurity related matters. 

Perform any other duty as required.


The incumbent reports to the Head SOSB. S/He maintains contacts with counterparts of both internal and external stakeholders, as well as contacts with system software and hardware vendors and/or contractors for software and hardware new releases and updates.

Direct reports: N/A

Indirect reports: N/A


The incumbent must demonstrate:

  • Achievement: Works to meet standards. Works to meet expected performance at standards set by others (management or customers). Executes duties in a timely, efficient and accountable fashion and meets objectives within target dates. May express frustration at waste or inefficiency.
  • Analytical Thinking: Breaks down problems. Makes a list of items that need doing, with no particular order or set of priorities. Pulls together data, ideas, issues and observations into a clear and useful format.
  • Customer Service Orientation: Takes personal responsibility for correcting problems. Takes ownership of the correction of customer-service problems. Corrects problems promptly, efficiently and without becoming defensive. Monitors client satisfaction.
  • Flexibility: Acts with flexibility. Works effectively in a changing environment. Adapts to change by actively revising own behaviours, methods and priorities. Applies procedures flexibly, where context allows, in order to get a job done or to meet agreed objectives (e.g. alters normal procedures to fit a specific situation and to meet a client's needs).
  • Initiative: Is decisive in a time-sensitive situation. Acts quickly and decisively in a crisis or other time-sensitive situation. Is unafraid to propose and/or take action when the norm would be to wait, study the situation and hope the problem will resolve itself.
  • Organizational Commitment: Supports the Organization. Acts to support the Organization’s mission and goals. Makes choices and sets priorities to meet the Organization’s needs and to align self with its mission.
  • Self-Control: Responds calmly. Remains patient, does not show unjustified frustration. Continues to act calmly under pressure or while experiencing strong emotions. Rises above the situation and diffuses other’s negative emotions.
  • Teamwork: Cooperates. Participates willingly in the team, doing his/her share of the team’s work. Shares information and knowledge freely, offering support and cooperation.


Contract to be offered to the successful applicant: Definite Duration contract of three years with the possibility of extension.

Contract clause applicable:
This post is a limited duration project post. Extension of the original definite duration of three years is subject to funding and project requirement. The first 6 months of the contract will be considered as probationary period.

If the successful candidate is seconded from the national administration of one of NATO's member States, a two-year definite duration contract will be offered, which may be extended, subject also to the agreement of the national authority concerned.
Serving staff will be offered a contract in accordance with the NATO Civilian Personnel Regulations.

Irrespective of previous qualifications and experience, candidates for twin-graded posts will be appointed at the lower grade. Advancement to the higher grade is not automatic, and will not normally take place during the first three years of service in the post.
Under specific circumstances, serving staff members may be appointed directly to the higher grade, and a period of three years might be reduced by up to twenty four months for external candidates. These circumstances are described in the IS directive on twin-graded posts.


Please note that we can only accept applications from nationals of NATO member countries. Applications must be submitted using e-recruitment system, as applicable:

  • For NATO civilian staff members only: please apply via the internal recruitment portal (for more information, please contact your local Civilian HR Manager);
  • For all other applications: www.nato.int/recruitment

Please note that at the time of the interviews, candidates will be asked to provide evidence of their education and professional experience as relevant for this vacancy.
Appointment will be subject to receipt of a security clearance (provided by the national Authorities of the selected candidate) and approval of the candidate’s medical file by the NATO Medical Adviser.
More information about the recruitment process and conditions of employment, can be found at our website (http://www.nato.int/cps/en/natolive/recruit-hq-e.htm). Please note that the BICES Group Executive is not a NATO HQ International Staff (IS) subordinated body and some of the policies applicable to IS members might differ.


The BICES Group Executive is a NATO body. NATO as an equal opportunities employer values diverse backgrounds and perspectives and is committed to recruiting and retaining a diverse and talented workforce. NATO welcomes applications of nationals from all Member States and strongly encourages women to apply. Building Integrity is a key element of NATO’s core tasks. As an employer, NATO values commitment to the principles of integrity, transparency and accountability in accordance with international norms and practices established for the defence and related security sector. Selected candidates are expected to be role models of integrity, and to promote good governance through ongoing efforts in their work.
Due to the broad interest in NATO and the large number of potential candidates, telephone or e-mail enquiries cannot be dealt with.
Applicants who are not successful in this competition may be offered an appointment to another post of a similar nature, albeit at the same or a lower grade, provided they meet the necessary requirements.
The nature of this position may require the staff member at times to be called upon to travel for work and/or to work outside normal office hours.
The BGX offers several work-life policies including Teleworking and Flexible Working arrangements (Flexitime) subject to business requirements.
Please note that the BGX, located at NATO Headquarters in Brussels, Belgium is a non-smoking environment.

Previous Job Searches

Similar Listings


📁 Security

Requisition #: 240836


📁 Security

Requisition #: 240840


📁 Security

Requisition #: 240825