🌎
This job posting isn't available in all website languages

Senior Officer, Incident Management

🔍 Belgium

New
📁
Information Communication Technology
📅
240643 Requisition #

1.    SUMMARY

The NATO Chief Information Officer (CIO) function brings Information and Communications Technology (ICT) coherence across NATO Enterprise’s civil and military bodies. The NATO CIO is empowered to realise the Allies’ vision for the NATO Enterprise, is accountable to the Secretary General and is responsible for the development of Enterprise directives and advice on the acquisition and use of information technologies and services. The NATO CIO provides Enterprise oversight on cybersecurity issues, and, in close coordination with all relevant NATO civil and military bodies, works towards the continual improvement of cyber hygiene and cybersecurity posture of the NATO Enterprise.

The Office of the NATO CIO (OCIO) is an integrated staff organisation comprised of International Staff (IS) and International Military Staff (IMS) members.

The Enterprise Security Branch (ESec) maintains Enterprise oversight on cybersecurity and enables awareness on specific risks, processes and incidents. It supports the NATO CIO in managing cybersecurity risks and incidents at Enterprise level, advises and supports the decision-making process for identifying the Enterprise risk appetite and risk tolerance. The Branch executes functions deriving from the Enterprise risk owner and top-level incident manager roles for cybersecurity, coordinating incident response, business impact analysis, risk mitigation, mid- to long- term measures and lessons-identified. The Branch also maintains relations with key Enterprise military and civilian stakeholders at strategic, operational, tactical and technical levels.

The Security Processes Section (SPS) is responsible for ensuring correct support and representation in its role of Enterprise incident manager in front of multiple NATO relevant cyberspace stakeholders. The section is also responsible to provide liaison to network security, threats analysis and advanced technical operations in support of the defence of NATO Enterprise networks, services and capabilities.

The incumbent is responsible for the coordination of the NATO Enterprise cyber incident management and response activities involving NATO enterprise CIS and services. The incumbent ensures that the required activities are appropriately and timely coordinated across the Enterprise stakeholders, in accordance with NATO’s Cyber Incident Response Plan (CIRP). The incumbent works in close coordination with the NATO Communications and Information Agency (NCIA), the Joint Intelligence and Security Division (JISD) the Cyberspace Operations Centre (CyOC), the NATO Cyber Risk Management Group (CRMG) and the NATO Board of CIS Operational Authorities (BCISOA). The incumbent is responsible for the update and maintenance of the Enterprise Incident Management framework and supporting processes.

The incumbent deputises for the Head, Security Processes Section, when required.

 

 

2.    QUALIFICATIONS AND EXPERIENCE

ESSENTIAL

The incumbent must:

  • hold a university degree, or an equivalent level of qualification, from an institute of recognised standing, preferably in information and communications technology or a cybersecurity related discipline;
  • have at least 6 years of experience in cybersecurity; 
  • have extensive knowledge and experience in coordinating multiple stakeholders responses to cyber incidents in large, decentralized and multi-cultural organizations;
  • have a good knowledge and experience in the cybersecurity domain and specifically in cyber incident response processes;
  • have proven experience in the generation, provision and long-term assessment of cybersecurity recommendations and guidance originating from cyber incidents happening in and through cyberspace;
  • have good knowledge of:
    • network and infrastructure security principles, along with best practices for implementing protective measures, monitoring and logging;
    • cyber risk management and advanced technical operations best practices and processes;
    • the principles, policy and procedures governing cybersecurity, preferably in military and/or defence organisations;
  • be able to prepare and deliver clear and concise presentations and reports to both technical and non-technical audiences;
  • have strong interpersonal skills, with a focus on stakeholders management;
  • possess excellent analytical, problem solving, and verbal and written communication skills;
  • be able to work under high pressure while preserving a teamwork spirit;
  • posses the following minimum levels of NATO’s official languages (English/French): V (“Advanced”) in one; I (“Beginner”) in the other;
  • be flexible and willing to work outside of normal office hours, during cyber incident management activities, and to travel, when required.

 

DESIRABLE

The following are considered an advantage:

  • cybersecurity certifications such as CISSP, CCSP, CISM or equivalent post-graduate degree in cybersecurity;
  • experience with NATO’s cybersecurity environment, specifically in the CIS security field and related functions;
  • experience working on complex projects and coordinating multiple stakeholders in separate locations;
  • experience working within a complex, international organisation;
  • understanding of NATO’s organisation, its security policy and supporting directives;
  • experience building and leading a diverse team.

 

 

      3.    MAIN ACCOUNTABILITIES

 

Policy Development

Contribute to the development of policy, directives, and guidance documents in the OCIO areas of responsibility as per the incumbent’s area of expertise. Provide advice to the Section Head on NATO Enterprise cyber incident management activities, processes and procedures. Provide advice and guidance to NATO Nations, NATO civil and military bodies, partner nations and international organisations. Develop high-level strategic documents and advice to support and improve the Enterprise cyber incident management processes and procedures.

 

Expertise Development

Maintain and update an Enterprise-wide cyber incident management framework to support the role of CIO as single point of authority for the Enterprise CIS. Based on the latest Security assessments and developments in cybersecurity threats, propose changes and improvements to the Framework, gathering ideas and lessons learned from other NATO experts across the Enterprise. Identify, develop and test new capabilities in support of Enterprise cyber incident management. Keep abreast with the latest technology developments in the incumbent’s area of responsibilities and provide appropriate advice. Propose updates and improvements based on lessons identified from real life experience and from exercises.

 

Coordinate and develop the processes and procedures required to better support the different phases of the CIRP. Coordinate cyber incident response activities involving Enterprise CIS and assess their effectiveness under time pressure. Coordinate and propose mitigation and remediation actions in close collaboration with the relevant Enterprise stakeholders, bodies and groups.

 

Project Management

Support the definition of the section projects plan according to the OCIO role(s) in project management processes used in the NATO Enterprise. Identify main decision-makers and other stakeholders relevant for the project success. Participate and contribute to project management boards as required. Maintain full understanding of project and programme plans, identify and monitor project implementation risks, provide expertise and leadership in the resolution of exceptions and issues. Establish and maintain a network of relations with key project leaders in the NATO Enterprise, with a specific focus on ICT and Cybersecurity projects.

 

Stakeholder Management

Establish and maintain a network of relations with key experts in the NATO Enterprise, with a specific focus on Enterprise-wide security. Develop close cooperation and working relationships with the relevant NATO stakeholders involved in the lifecycle of Enterprise security processes and practices, with a focus on Enterprise cyber incident management. Be comfortable in chairing, supporting and interacting with executive/senior-level boards and committees.

 

Knowledge Management

Draft background briefs, progress reports, prepare presentations, and other items for high-level meetings. Contribute to the information sharing with relevant NATO bodies and stakeholders (e.g. NATO Cyber Risk management Group (CRMG), the NATO Board of CISOA (BCISOA)) that contribute and support cyber incident management activities. On the basis of briefings, discussions and investigations, provide advice on evolving security programmes in NATO nations, NATO civilian and military bodies, and non-NATO entities.

 

Financial Management

Manage a predetermined budget for assigned projects.

 

Representation of the Organization

 

Represent the Section at NATO and in various international settings, including in dialogues with government, civilian and military national representatives and giving presentations at conferences and seminars. 

 

4.    INTERRELATIONSHIPS

The incumbent reports to the Head, Security Processes Section. The incumbent works in close cooperation with the OCIO members of staff as well with experts of the various NATO Entities.  The incumbent leads a diverse team in charge of establishing strong relationships with the relevant NATO stakeholders that support cyber incident management activities across the NATO Enterprise.

Direct reports: N/A

Indirect reports: N/A

 

5.    COMPETENCIES

The incumbent must demonstrate:

  • Achievement: Creates own measures of excellence and improves performance.
  • Analytical Thinking: Sees multiple relationships.
  • Change Leadership: Expresses vision for change.
  • Impact and Influence: Uses indirect influence.
  • Initiative: Is decisive in a time-sensitive situation.
  • Organisational Awareness: Understands organisational politics.
  • Teamwork: Solicits inputs and encourages others.
6.    CONTRACT
 
Contract to be offered to the successful applicant (if non-seconded): Definite duration contract of three years; possibility of renewal for up to three years, during which the incumbent may apply for conversion to an indefinite duration contract.
 
Contract clause applicable:
In accordance with the contract policy, this is a post in which turnover is desirable for political reasons in order to be able to accommodate the Organisation's need to carry out its tasks as mandated by the Nations in a changing environment, for example by maintaining the flexibility necessary to shape the Organisation's skills profile, and to ensure appropriate international diversity.
The maximum period of service foreseen in this post is 6 years. The successful applicant will be offered a 3-year definite duration contract, which may be renewed for a further period of up to 3 years. However, according to the procedure described in the contract policy the incumbent may apply for conversion to an indefinite contract during the period of renewal and no later than one year before the end of contract.
If the successful applicant is seconded from the national administration of one of NATO’s member States, a 3-year definite duration contract will be offered, which may be renewed for a further period of up to 3 years subject also to the agreement of the national authority concerned. The maximum period of service in the post as a seconded staff member is six years.
Serving staff will be offered a contract in accordance with the NATO Civilian Personnel Régulations.
 
 

7.    USEFUL INFORMATION REGARDING APPLICATION AND RECRUITMENT PROCESS

Please note that we can only accept applications from nationals of NATO member countries. Applications must be submitted using e-recruitment system, as applicable:

  • For NATO civilian staff members only: please apply via the internal recruitment portal (link);
  • For all other applications: www.nato.int/recruitment

Before you apply to any position, we encourage you to click here and watch our video providing 6 tips to prepare you for your application and recruitment process.

Do you have questions on the application process in the system and not sure how to proceed? Click here for a video containing  the information you need to successfully submit your application on time.

More information about the recruitment process and conditions of employment, can be found at our website (http://www.nato.int/cps/en/natolive/recruit-hq-e.htm)

Appointment will be subject to receipt of a security clearance (provided by the national Authorities of the selected candidate), approval of the candidate’s medical file by the NATO Medical Adviser, verification of your study(ies) and work experience, and the successful completion of the accreditation and notification process by the relevant authorities.

NATO will not accept any phase of the recruitment and selection prepared, in whole or in part, by means of generative artificial-intelligence (AI) tools, including and without limitation to chatbots, such as Chat Generative Pre-trained Transformer (Chat GPT), or other language generating tools. NATO reserves the right to screen applications to identify the use of such tools. All applications prepared, in whole or in part, by means of such generative or creative AI applications may be rejected without further consideration at NATO’s sole discretion, and NATO reserves the right to take further steps in such cases as appropriate.

 
8.    ADDITIONAL INFORMATION
 
NATO is committed to diversity and inclusion, and strives to provide equal access to employment, advancement and retention, independent of gender, age, nationality, ethnic origin, religion or belief, cultural background, sexual orientation, and disability. NATO welcomes applications of nationals from all member Nations, and strongly encourages women to apply.
 
Building Integrity is a key element of NATO’s core tasks. As an employer, NATO values commitment to the principles of integrity, transparency and accountability in accordance with international norms and practices established for the defence and related security sector. Selected candidates are expected to be role models of integrity, and to promote good governance through ongoing efforts in their work.
 
Due to the broad interest in NATO and the large number of potential candidates, telephone or e-mail enquiries cannot be dealt with.
 
Applicants who are not successful in this competition may be offered an appointment to another post of a similar nature, albeit at the same or a lower grade, provided they meet the necessary requirements.
 
The nature of this position may require the staff member at times to be called upon to travel for work and/or to work outside normal office hours.
 
The organization offers several work-life policies including Teleworking and Flexible Working arrangements (Flexitime) subject to business requirements.
 
Please note that the International Staff at NATO Headquarters in Brussels, Belgium is a non-smoking environment.
 
For information about the NATO Single Salary Scale (Grading, Allowances, etc.) please visit our website. Detailed data is available under the Salary and Benefits tab.

Previous Job Searches

Similar Listings

Senior Technician (Networks, Data and Voice)

Belgium

📁 Information Communication Technology

Requisition #: 240337