NATO Communications and Information Agency (NCI Agency)

Cyber Security Assessor

On site

Mons, Belgium

Full Time

18-03-2025

Share this job:

Score my CV

Job Specifications

Primary Location

Belgium-Mons

NATO Body

NATO Communications and Information Agency (NCIA)

Schedule

Full-time

Application Deadline

30-Mar-2025, 11:59:00 PM

Salary (Pay Basis)

6,467.30

Grade

NATO Grade G15

Who we are:

For more than 70 years, NATO’s mission has been to preserve peace and security in the Alliance for nearly one billion citizens. The NATO Communications and Information Agency (NCI Agency) and its predecessors have worked tirelessly in providing the means that enable the connectedness and togetherness that keep our Alliance strong. We are the NCI Agency, a team of 3000 civilian and military staff in 29 locations throughout Europe, North America and Asia.

Our technology and cyber experts allow NATO to conduct critical operations, protect NATO’s airspace, make data-driven decisions, defend against cyber-attacks, secure NATO networks and maintain superiority in space. This is all possible because of our greatest force, our people. In order to keep this edge we aim to hire, train and retain the very best staff.

Our staff members represent both the diversity and unity of our Alliance. When you join the NCI Agency, you will be part of an organization where you can contribute authentically to the mission and purpose of NATO and help us keep our technological edge.

About the job:

Based in Mons, Belgium you will join the Agency as we embark on a journey to transform our IT services to support NATO’s Digital Endeavour. You will join NATO Cyber Security Centre (NCSC), which is responsible for planning and executing all lifecycle management activities for cyber security. In executing this responsibility, NCSC provides specialist cyber security-related services covering the spectrum of scientific, technical, acquisition, operations, maintenance, and sustainment support, throughout the lifecycle of NATO Communications and Information Systems (CIS).

We are looking for a driven and enthusiastic Cyber Security Assessor who will take on the following roles and responsibilities:

Information security: communicate security risks and issues to business managers and others;
Information assurance: follow standard approaches for the technical assessment of information systems against information assurance policies and business objectives;
Vulnerability management: execute Vulnerability Management duties, based on the security findings reported from the assessment campaigns;
Provide CIS Security related input to NATO Directives in the Cyber Security area;
Provide security consultancy and advice to projects, plans and teams.

For a full list of duties, please review the job description on the NCI Agency career site .

About you:

The valuable knowledge and experience that you bring to this role are:

Bachelor’s degree at a nationally recognised/certified University in a related discipline and 2 years post-related experience. Or exceptionally, the lack of a university degree may be compensated by the demonstration of a candidate’s particular abilities or experience that is/are of interest to NCI Agency, that is, at least 6 years extensive and progressive expertise in duties related to the function of the post;
Industry leading certification in the area of Cyber Security such as SANS GIAC certifications in the 400/500 or 600 series, ISC2 CISSP and ITIL Foundation;
At least 2 years practical experience working in cybersecurity or a related field, such as information technology, network administration, or software development;
Extensive knowledge of Cloud System Security Services and Configuration;
Experience in modern CIS secure deployment and configuration troubleshooting;
Extensive experience in the contextual interpretation of Vulnerability Assessments results;
Comprehensive understanding of the principles of computer and communications security, networking, and the vulnerabilities of modern operating systems and applications acquired through a blend of academic or professional training coupled with practical professional experience;
Proven, professional experience and expert knowledge in at least three of the following:

ü Implementation and integration of Information Assurance protective measures;

ü Security mechanisms related to modern Web Application Security;

ü Security mechanisms and administration of LAN and WAN in the large enterprise environment;

ü Private and public cloud security;

ü Enterprise system administration experience of Windows Active Directory concepts and architecture;

ü Light virtualisation/container security concepts;

ü Enterprise system administration experience of VMWare vSphere environment and architecture, with emphasis on security concepts design and implementation.

Excellent communication skills with respect to briefing/presenting, report writing & mediation;
Proven ability to write clear and structured technical reports including executive summary, technical findings and remediation plan for several different audiences;
Fluency in English, both written and spoken.

What we offer:

Genuinely meaningful work as part of the most successful alliance in history;
3 year contract with competitive tax-free salary and household and children’s allowances;
Privileges for expatriate staff including expatriation and education allowances (where appropriate) and additional home leave;
Excellent private health insurance scheme;
Generous annual leave of 30 days plus official holidays;
NATO Pension Scheme;
Development programs such as professional training, wellbeing, and more.

To learn more about NCI Agency and our work, please visit our website .

The NCI Agency prides itself on being an equal opportunity employer. We are committed to fostering an inclusive environment of mutual respect and value uniqueness and differences in gender, gender identity, race, ethnic or cultural origin, age, religion, sexual orientation and physical or neurocognitive ability.

Additional details on the conditions of application can be found via the NCI Agency career site.

About the Company

We are NATO's technology and cyber experts. We are a team of 3,000 civilian and military staff members, located in 29 sites throughout Europe and North America. We help NATO and its member countries communicate and work together to fulfil their mission - preserve peace and security for nearly one billion citizens. The Agency is on the frontlines against cyber threats, protecting NATO's networks 24 hours a day, seven days a week, to prevent debilitating attacks. Our experts provide capabilities and services that are crit... Know more

Related Jobs

Company Name: Brussels Airport
Job Title: Head of Information Security -FR
Job Description: Be part of our beating heart Brussels Airport veut être connu comme l'un des meilleurs aéroports du monde, un pôle économique entièrement connecté pour les personnes et les entreprises, et comme le cœur battant de l'Europe, où les clients, l'innovation et la durabilité occupent une place centrale. Voulez-vous contribuer à façonner l’aéroport d’aujourd’hui et celui de demain ? Alors, arrêtez d’en rêver et lancez-vous au sein de notre équipe Technology & Infrastructure dans le rôle de Head of Information Security! Le Chief Information Security Officer (CISO) de BAC relève du Chief Technology & Infrastructure Officer et est responsable de la protection des actifs numériques de l’aéroport, en garantissant la confidentialité, l’intégrité et la disponibilité des informations critiques, ainsi que de la gestion du programme global de sécurité de l’information. Le CISO joue un rôle crucial dans la protection des données et la sécurité de l’information, en veillant au respect des réglementations et en réduisant les risques liés à la sécurité de l’information dans l’écosystème technologique de l’aéroport. Les responsabilités de ce poste dépassent largement le cadre de BAC et incluent une responsabilité claire au niveau de l’aéroport, compte tenu de l’interconnexion des systèmes ICT et du partage d’informations entre les différentes entreprises de l’écosystème BRU. Le CISO collabore étroitement avec la direction de l’aéroport – notamment les membres du comité de gestion –, les instances réglementaires, les partenaires (fournisseurs et entreprises de l’écosystème aéroportuaire) ainsi que d’autres parties prenantes pour maintenir une posture de sécurité de l’information robuste et flexible face à l’évolution des menaces. Ce rôle est essentiel pour préserver la réputation de l’aéroport en matière de sécurité et de fiabilité dans le domaine en pleine croissance de la cybersécurité. Ce Que Vous Allez Réaliser Chez Nous Développement et mise en œuvre de la stratégie Élaboration d’une stratégie robuste de sécurité de l’information alignée sur les objectifs commerciaux de BAC et sur les réglementations européennes horizontales et verticales. Coordination des politiques de sécurité au sein de l’écosystème BRU, y compris des accords contractuels avec les partenaires et les fournisseurs, afin de réduire les risques liés à l’information en fonction de l’appétence stratégique au risque de BAC. Conformité et respect des règles et réglementations Veiller au respect de la directive NIS2 et d’autres réglementations en matière de protection des données et de sécurité de l’information. Servir de point de contact avec les instances réglementaires, telles que le Centre pour la Cybersécurité Belgique (CCB) et l’EASA, et superviser la mise en œuvre des normes de sécurité sectorielles. Développer un cadre politique pour un Système de Management de la Sécurité de l’Information (SMSI) conforme aux normes belges et européennes. Gestion des parties prenantes et culture interne de sécurité Collaborer étroitement avec l’équipe de direction de BAC (y compris le CEO et le CTIO), les membres du comité de gestion et la direction ICT pour promouvoir et ancrer les politiques de sécurité de l’information à un niveau stratégique. Favoriser une culture de sensibilisation à l’information au sein du personnel et de l’écosystème BRU ; organiser des formations obligatoires sur la sécurité pour la direction afin de les sensibiliser à leurs responsabilités légales et en matière de sécurité. Servir de lien entre BAC et les partenaires externes, en alignant les objectifs de sécurité et les responsabilités partagées au sein de l’écosystème. Sécurité des tiers et des fournisseurs Mettre en œuvre des obligations contractuelles en matière de sécurité via des politiques avec des tiers et maintenir des relations pour garantir des objectifs communs en matière de sécurité. Ce Qui Vous Distingue Diplôme de Master avec une spécialisation (idéalement en sciences de l’ingénieur, droit, économie…). 10 ans d’expérience pertinente dans un environnement de sécurité de l’information, que ce soit dans une organisation ICT, une équipe juridique ou une organisation de conformité. Une expérience dans les infrastructures critiques est un atout. Maîtrise du néerlandais, du français et de l’anglais, à l’écrit comme à l’oral. Détenir des certifications en sécurité (par exemple CISSP, CISM) est un critère requis. Vision stratégique. Compétences en leadership, avec la capacité de diriger indirectement des équipes et à différents niveaux hiérarchiques. Expérience dans la définition et l’atteinte d’objectifs, la gestion des priorités dans des environnements complexes, la communication et le reporting managérial, ainsi que l’amélioration des processus. Excellentes compétences analytiques. Orientation client (interaction avec des clients externes de haut niveau/senior management), capacité à convaincre des parties externes et compétences exceptionnelles en communication écrite et orale, avec diplomatie. Approche structurée et forte capacité de réflexion conceptuelle. Ce qui fait battre nos cœurs Chez Brussels Airport, vous travaillez dans un monde à part, plein de nouvelles opportunités et de défis passionnants. Vous vous trouverez dans un environnement unique et inspirant qui donnera des ailes à vos talents. Une expérience unique en son genre ! Nous travaillons dans notre nouveau bâtiment Compass, doté d’une vue imprenable, qui permet de travailler ou collaborer de manière à la fois hybride et flexible, équipé comme il se doit, et où vous pouvez compter sur un package attrayant d'avantages extralégaux les plus recherchés par les employés. En outre, nous évoluons dans un environnement durable: nous nous déplaçons en vélo, en bus ou en voiture électrique et nous avons même notre propre gare. Que demander de plus ? Vous sentez votre pouls s'emballer ? Vous avez hâte de vous surpasser au sein de Brussels Airport Company ? Envoyez rapidement votre CV et votre lettre de motivation via le lien ci-dessous. Qui sait, nous pourrions très bientôt vous accueillir dans notre aéroport animé au cœur de l'Europe ! D'autres questions ? N'hésitez pas à contacter florence.van.enst@brusselsairport.be Classe de fonction: B

Company Name: Fluxys
Job Title: Architecture & Cybersecurity Manager
Job Description: Fluxys is an international energy infrastructure group with 1,300 employees active in gas transmission & storage and liquefied natural gas terminalling. As a purpose-led company, we’re committed to fast-track the shift to a carbon neutral world. We explore new technologies and invest in infrastructure to accommodate hydrogen, biomethane, CO2 and other molecules for a climate neutral future. Fluxys Digital designs, develops and manages all the company's IT systems, and is therefore responsible for all commercial, functional, technical and application-related aspects. The Department ICT Security and Architecture is responsible for the ICT Security Service and the company's IT architecture. This includes the coordination of projects, infrastructure architecture, technical architecture, as well as business and application architecture. The department also ensures the cybersecurity of Fluxys’various systems and applications, such as industrial systems, commercial applications, office solutions, and cloud platforms. For our ICT Security and Architecture department at our office in Brussels, we are looking for an Architecture & Cybersecurity Manager (m/f/x). As part of our energy transition strategy, the development of new infrastructures for hydrogen, CO₂, and other connected molecules presents a significant challenge. These advancements require a profound transformation of our application landscape, including the integration of new solutions and the adaptation of existing systems. In this context, the primary objective of the Architecture and Cybersecurity Manager role is to ensure the long-term sustainability of the company's digital assets while supporting the teams towards a product-centric organization. This involves establishing guidelines for applications and infrastructure, designing and implementing a robust security framework, and overseeing its integration and compliance across all digital initiatives. For the architecture responsibilities, you will report to the Director Digital, whereas for cybersecurity matters, you will formally report directly to the Management Team. Define Architecture Principles : Establish ICT architecture principles in collaboration with Digital teams to ensure a coherent and efficient technical framework for digital operations Implement Architecture Principles : Oversee the translation of these principles into actionable implementations in partnership with the architecture and digital teams, ensuring consistent implementation across projects Anticipate Technological Evolutions : Develop forward-looking insights into emerging digital technologies to ensure the organization stays ahead of technological advancements, anticipating and integrating them cohesively Define Cybersecurity Policies : Develop cybersecurity policies that comply with legal and regulatory requirements, consider the evolving security landscape, and address the specific needs of the organization, ensuring secure and compliant operations Ensure Operational Cybersecurity : Translate the cybersecurity policies into operational measures and oversee their implementation to maintain a safe and secure operational environment (implementation is done in the Digital Operations Team) People management : You will lead a team of about 10 direct reports and manage an indirect team of 25 to 50 individuals. You will drive change management, guiding your teams through transformation and strengthening an environment of continuous improvement Stakeholder Management : You will act as the key liaison with management, external stakeholders, and internal departments on ICT security and compliance matters. Integrate cybersecurity considerations into broader organizational policies, ensuring awareness and alignment across all levels of the business. Lead stakeholders through the change process, promoting agility and fostering an environment of continuous improvement You have 10-15 years professional experience in IT with a solid track in architecture, a deep expertise in architecture frameworks and knowledge or interest in Cybersecurity You bring extensive experience in people management, with a proven ability to drive change and foster agility within the organization You have the ability to provide strategic advice while ensuring business continuity You possess strong emotional intelligence, demonstrated by your ability to create a collaborative and positive environment, and motivate teams even under stressful conditions You excel at building strong relationships with business stakeholders and establishing key partnerships with service providers to drive successful delivery outcomes You take initiative, motivate teams, listen attentively, are open to new ideas, and respectfully consider others’ opinions You thrive under pressure, are results-driven, and can adapt seamlessly to unexpected situations You have experience in implementing Agile methodologies and are a strong advocate for their benefits You understand the dynamics of product-centric companies You are fluent in Dutch, French, and English Contribute and innovate towards a carbon-neutral world Develop and shape a brilliant career in a fast-growing international group Showcase your strong appetite to contribute towards an array of dynamic projects that challenge your intellect Apart from that, we offer some interesting general conditions.

Company Name: StaffYourTribe
Job Title: Cloud DevOps Security Engineer
Job Description: StaffYourTribe - Cloud DevOps Security Engineer - Antwerp/ Remote Are you passionate about Cloud Security and DevOps? Join our dynamic Agile team and play a key role in building and securing cutting-edge cloud infrastructure! Your Role: Design, implement, and manage secure cloud infrastructure (mainly AWS). Advise DevOps teams on security best practices and implementation. Automate security processes via CI/CD and Infrastructure as Code (IaC). Monitor and optimize cloud performance, costs, and security. Manage IT security tools and support risk management and incident response. Collaborate with teams to integrate security by design. Who are you: 5+ years of experience managing cloud infrastructure (AWS, Azure, or GCP). Certifications in Cloud Security or Infrastructure Management. Knowledge of IAM, encryption, compliance, and container security (Docker, Kubernetes). Experience with automation and scripting (Python, Bash, PowerShell). Background in SecDevOps, monitoring, and zero-trust security models. Strong communication skills to explain security concepts clearly. Location: Offices in Antwerp - very flexible with remote work (1x/week at the office). Does this sound like you? Apply now and make an impact in a cutting-edge IT security team!

Company Name: Lotus Bakeries
Job Title: Information Security Manager
Job Description: As Information Security Manager you will take charge of guaranteeing Lotus Bakeries’ compliance with the NIS2 regulations and ISO 27001 security standards. Join us at Lotus Bakeries and embark on a thrilling journey to fortify our digital stronghold while shaping the future of information security in the food industry! You'll be the linchpin in embedding NIS2 compliance within our organization, both for our administrative (ICT) and production network (OT). By offering strategic direction and expert guidance you’ll ensure seamless integration and sustained adherence throughout our operations. Implement and manage our Information Security Management System across the Lotus Group, ensuring every facet of our digital ecosystem is fortified against emerging threats. Spearhead the development and implementation of information security policies, processes and controls, while fostering a culture of security awareness among our global workforce. Collaborate closely with ICT and Business management to develop a forward-thinking security roadmap that anticipates and adapts to future threats. Coordinate ICT security projects, fostering collaboration among cross-functional teams and local plants to execute security initiatives safeguarding our operations from harm. Uphold the standard of security excellence by conducting internal security audits based on the ISO27001 standard, while also overseeing external audits and ensuring our suppliers meet stringent compliance requirements. Do you recognize yourself in this profile? Then we look forward to meeting you! You have a Master’s degree in a relevant study field, combined with at least 2 years of experience in a similar role and experience in a production environment. Besides a proficiency in the ISO27001 standard, you have an understanding of both Information and Operational Technology (ICT and OT) systems, ensuring a robust understanding of security requirements across diverse digital landscapes. You can navigate stakeholder relationships in a global environment, ensuring alignment with strategic objectives and fostering collaboration across multiple stakeholders. Your adeptness in change management will facilitate the adoption of new security protocols and methodologies, ensuring smooth transitions and minimal disruption to business operations. You cultivate a culture of risk awareness and proactively implement mitigation strategies. Finally, you are fluent in Dutch and English. What can we offer you at Lotus Bakeries? The opportunity to play a pivotal role within a growing and international environment where you can make your mark. You will be a part of an ambitious and driven team with a mix of talents. Tons of on-the-job learning and insights in the world of cookies. Close cooperation with various stakeholders within the group. A company culture where passion, team spirit and open dialogue are the main drivers. Last but not least, the package that comes with it is also a great deal. And off course, freshly baked cookies every day!