Home
Jobs
EMW
2025-0036 Operation & Maint Active Directory Security (CTS) - TUE 1 Apr RELAUNCH

2025-0036 Operation & Maint Active Directory Security (CTS) - TUE 1 Apr RELAUNCH

On site

Mons, Belgium

Freelance

18-03-2025

Share this job:

Score my CV Apply

Job Specifications

Previously proposed candidates were non-compliant for the following reasons: The candidate is not suitable for the position. Lack of knowledge and experience as Windows System administrator and Windows Active Directory security.

Deadline Date: Tuesday 1 April 2025

Requirement: Support Operation & Maintenance of Active Directory Security Assessment Tool

Location: Mons, BE

Full Time On-Site: Yes

Period of Performance: 2025 BASE: As soon as possible but not later than 12th May 2025 until 31 December 2025.

2026 OPTION: 1 January 2026 until 31 December 2026

2027 OPTION: 1 January 2027 until 31 December 2027

2028 OPTION: 1 January 2028 until 31 December 2028

Required Security Clearance: NATO COSMIC TOP SECRET

PURPOSE

The objective of this statement of work (SoW) is to outline the scope of work and deliverables for the operation and maintenance of Active Directory Security Assessment Tool to be conducted by the selected company.

The purpose of the work package is to provide support to NATO Cyber Security Centre (NCSC) to fulfil identified Active Directory Security Assessment Tool operation and maintenance activities more effectively.

BACKGROUND

The Office of the CIO (OCIO) Enterprise Cyber Security Posture Improvement project focuses on acquisition and implementation of state‐of‐art tools to enhance Enterprise‐wide cybersecurity capabilities considering the key cybersecurity functions.

NCIA initiated a project and procured Active Directory Security Assessment Tool (Tenable Identity Exposure) providing identity unification and risk scoring, real-time attack detection and continually assessing directory services security in real-time, eliminate attack paths that lead to domain domination, and investigate and inform.

To support NCSC for the execution of tasks identified in the subject work package of the project, the NCIA is looking for subject matter expertise in the delivery of complex, foundational and novel Cybersecurity capability.

This contract is to provide consistent support on a deliverable‐based (completion‐type) contract, to NCSC contributing to its POW based on the deliverables that are described in the scope of work below.

SCOPE OF WORK

The aim of this SOW is to support NCSC with technical expertise specifically related to the operation and maintenance of Active Directory Security Assessment Tool with a deliverable based (completion‐type) contract to be executed in 2025.

Service performed by a contractor include the lifecycle management of the Tenable Identity Exposure software (including all tasks related to A2SL inclusion), its configuration to ensure coverage of all in‐scope Active Directory servers, and the regular monitoring of the availability of the capability.

Under the direction / guidance of the NCSC Point of Contact, a contractor will be the part of the NCSC Team supporting the following activities:

System Installation and Configuration:
Install and set up Tenable Identity Exposure,
Ensure the software is deployed correctly across relevant environments,
Set up integrations with identity systems like Active Directory, LDAP, or cloud‐based IAM solutions
System Maintenance and Updates:
Apply software updates and patches,
Regularly update Tenable Identity Exposure and related systems to ensure the latest security patches and features are applied,
Ensure that the platform is running smoothly by checking system logs, server performance, and availability,
Request and build monitoring and alerting mechanisms to be aware of the issues, system resource consumption,
Address technical issues, such as connectivity problems between Tenable Identity Exposure and other integrated systems or errors in scans or reports,
Manage Integrations:
Ensure Tenable Identity Exposure is integrated with other security solutions like SIEM (Security Information and Event Management) systems, vulnerability management platforms, or ticketing systems,
Set up proper data synchronization between identity systems and Tenable Identity Exposure to ensure accurate and up‐to‐date information
User and Role Management:
Configure access control for the Tenable Identity Exposure platform itself, ensuring that only authorized personnel have the right level of access,
Set up appropriate permissions and roles for the identity systems being monitored, ensuring seamless integration
Monitoring and Reporting:
Proactively review logs and alerts generated by Tenable Identity Exposure to identify any technical issues, errors, or failures in the monitoring process,
Produce and distribute reports related to system health, monitoring activities, and compliance status (e.g., audit logs, system performance metrics
System Documentation:
Document configuration and changes: Keep up‐to‐date documentation of all configurations, integration steps, troubleshooting procedures, and system maintenance tasks,
Maintain an inventory of connected systems: Keep track of all integrated identity sources, IAM systems, and external tools connected to Tenable Identity Exposure
Automation and Scripting:
Automate tasks: Write scripts or configure automation tasks to streamline routine system management tasks, such as regular backups, system checks, or integrations
Improve system efficiency: Identify areas where automation could reduce manual intervention and improve operational efficiency

The measurement of execution for this work is sprints, with each sprint planned for a duration of 1 week.

The content, scope of each sprint and their related acceptance criteria are to be peer reviewed within the sprint cycle, and communicated in writing to the contractor, before beginning of each sprint. Input and guidance will be provided by NCI Agency in written from or/and during the targeted review meetings

DELIVERABLES AND PAYMENT MILESTONES

4.1 Payment Schedule will be at the end of each 4 sprints, following the acceptance of the sprint report.

4.2 The NCIA team reserves the possibility to exercise a number of options, based on the same scrum deliverable timeframe, at a later time, depending on the project priorities and requirements.

4.3 The payment shall be dependent upon successful acceptance of the sprint report and the Delivery Acceptance Sheet (DAS) - (Annex A).

4.4 Invoices shall be accompanied with a Delivery Acceptance Sheet (DAS) (Annex A) signed by the Contractor and the NCIA POC.

4.5 The following deliverables are expected for the all platforms that are explained in scope of Service (Section 3) on this statement of work:

Deliverable: 30 sprints to support Operation & Maintenance of Active Directory Security Assessment Tool as per described in Para 3

Payment Milestones: Upon completion of each fourth sprint and at the end of the service. Completion of each milestone shall be accompanied documented in Delivery Acceptance Sheet (DAS) - (Annex B), signed for acceptance by the Purchaser's authorized point of contact and the Contractor

Number of sprints is calculated considering a starting date 14 April...

About the Company

EMW was founded in 1995 by engineers and managers who formerly held senior positions in well known telecommunications and information technology companies to pursue their vision for this new company. Our core business is providing information and communication technology services in the areas of planning, engineering and implementation; project and program management; systems integration; operations and maintenance; and training. Our competencies range over all aspects of inside and outside plant; feeder, access and inter-o... Know more

Related Jobs

Company Name: American Express
Job Title: Customer Care Professional – Customer Fulfillment Network (9 Month Fixed Term Contract)
Job Description: You Lead the Way. We’ve Got Your Back. With the right backing, people and businesses have the power to progress in incredible ways. When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, communities and each other. Here, you’ll learn and grow as we help you create a career journey that’s unique and meaningful to you with benefits, programs, and flexibility that support you personally and professionally. At American Express, you’ll be recognized for your contributions, leadership, and impact—every colleague has the opportunity to share in the company’s success. Together, we’ll win as a team, striving to uphold our company values and powerful backing promise to provide the world’s best customer experience every day. And we’ll do it with the utmost integrity, and in an environment where everyone is seen, heard and feels like they belong. Join Team Amex and let's lead the way together. Do you have the passion to deliver world class customer experiences every day? Since its foundation, American Express has developed a history of transformation through its ability to innovate, disrupt and evolve. This has been underpinned by our dedication to our customers, to our employees, and to our Company ‘Blue Box’ Values: We deliver for our Customers. We make it great. We do what’s right. We respect people. We need different views. We win as a team. We care about communities. Our mission is to deliver a world class customer experience every day. We are advocates for our customers, designing creative solutions to meet their needs, and aiming to make a meaningful difference in their lives. As a Customer Care Professional, you will be a part of the team within our Customer Fulfilment Network which develops lasting relationships with our Card Members. How will you make an impact in this role? Handle customer data maintenance and information requests received in writing or transferred by customer facing colleagues. Communicate effectively to all parties involved while driving increased customer satisfaction Investigate and resolve problems to clear discrepancies. Maintain regular contact with key stakeholders. Deliver highest standard of case quality, customer service and relationship care Maintain excellent interaction with internal and external customers and partners Minimum Qualifications: Fluent written and spoken French, Dutch and English is essential. The ability to work in a fast paced and in a virtual environment as well as multitask and re-prioritise on a regular basis. Team player who demonstrates self-motivation & ability to work under pressure and unsupervised. Knowledge of Microsoft Office suite (Excel, Word, Outlook,…) Accurate keyboard skills and attention to details. Pro-actively seeks opportunities for improvement and streamline processes. Building & leveraging relationships internally and externally. Demonstrate personal excellence by remaining positive in difficult situations. Display a passion to serve by delivering extraordinary service in every interaction with our customers. Strong interpersonal, communication and listening skills. Outstanding organisational skills. Highly self-motivated, results-oriented We back our colleagues and their loved ones with benefits and programs that support their holistic well-being. That means we prioritize their physical, financial, and mental health through each stage of life. Benefits include: Competitive base salaries Bonus incentives Support for financial-well-being and retirement Comprehensive medical, dental, vision, life insurance, and disability benefits (depending on location) Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need Generous paid parental leave policies (depending on your location) Free access to global on-site wellness centers staffed with nurses and doctors (depending on location) Free and confidential counseling support through our Healthy Minds program Career development and training opportunities Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.

Company Name: Harvey Nash
Job Title: Cyber Security Consultant - Senior
Job Description: Senior ISO 27001 lead implementer – NIS 2 directive The Security Management and CSIRT teams is to protect our client , its customers, its business, its operations and reputation against external and internal threats. You will be fascinated by a highly dynamic environment, the strong collaboration and some deep technical aspects. Within the Security Management team, we are looking for a Senior ISO 27001 Lead Implementer to reinforce the team. As an ISO 27001 Lead Implementer with a focus on NIS 2 Directive compliance, you will be instrumental in ensuring our organization adheres to the highest standards of information security and meets the new EU-wide cybersecurity requirements. You will lead the implementation and maintenance of our Information Security Management System (ISMS) in line with ISO 27001 standards while ensuring compliance with the NIS 2 Directive. Your Role: - Conduct regular risk assessments and audits to ensure continuous compliance and improvement. - Provide guidance on both technical and non-technical improvements. - Proficient in explaining risks to management, ensuring they fully understand the implications, especially when considering risk acceptance. - Develop, implement, and maintain an ISMS that is compliant with ISO 27001 and the NIS 2 Directive. - Understand and apply the legal measures introduced by the NIS 2 Directive. - Ensure that cybersecurity risk management measures and reporting obligations are met as per Annex I or II of the NIS 2 Directive. - Provide guidance and training to staff on ISO 27001 and NIS 2 Directive requirements. - Stay updated with the evolving cybersecurity threat landscape and adjust security measures accordingly. - Support the external audit linked to the ISO 27001 certification track. Your Profile: - Certified ISO 27001:2022 Lead Implementer and/or Lead Auditor. - In-depth knowledge of the NIS 2 Directive and its implications for cybersecurity and data protection. - Proven experience in implementing and maintaining ISO 27001:2022 certification. - Bachelor’s or a Master’s degree in Cyber Security or Computer Science. - Minimum of 5 years in an information security role, with a focus on ISMS and EU cybersecurity directives. - Experience with the implementation of the NIS 2 Directive is highly desirable. - Previous experience in telco domain is highly recommended. - Excellent communication and stakeholder management abilities. - Can operate with a great deal of autonomy, results-oriented and able to deliver within preset deadlines. Languages and Location: - Fluent in English, Dutch and/or French is a plus. - Based in Belgium hybrid 2 days/week at the office.

Company Name: Allied4.eu
Job Title: Local Access Network Technician - NCIA
Job Description: Company Description Allied 4 EU is a specialized platform focused on sourcing and placing security-cleared professionals and consultants. We take pride in our commitment to excellence, responsibility, collaboration, and respect. Our dynamic environment fosters success for both our allied clients and our dedicated community of allied consultants. Role Description We are seeking a Local Access Network Technician for a contract role required by NCIA. This on-site position is based at the SHAPE compound in Mons, Belgium. The Local Access Network Technician will be responsible for: Network administration and maintenance of campus network infrastructure. Troubleshooting and resolving network issues. Switch port configuration and management. Providing technical support to end users and teams. Ensuring network security and compliance with best practices. Qualifications Strong knowledge of network administration and network infrastructure. Proficiency in troubleshooting and providing technical support. Solid understanding of network security principles and best practices. Experience with cabling systems (optical and electrical) in campus environments and data centers. Ability to work both independently and within a team-oriented environment. Familiarity with IT service management (ITSM) processes, including incident resolution, service request execution, problem resolution, and fault fixing. Experience in configuration management and record management. Hands-on experience with network management tools, planning, and network element recovery. Relevant certifications: Network Administration, or related fields. (Cico CCNA) Must have or be able to obtain a NATO Secret security clearance. We can sponsor you on this process Experience working in security-cleared environments is a plus. We encourage you to apply if you have the required expertise and are looking for a challenging opportunity in an international environment.

Company Name: Permanent Representation of Malta to the European Union
Job Title: EUCI Information Security & Risk Officer
Job Description: Page contents Details Target audience Respond to the consultation Details Status Open Opening date 21 March 2025 Deadline 23 April 2025, 23:59 (CEST) Department European Defence Agency Agency EDA - European Defence Agency Vacancy Type Public Type of Contract Contract Staff Grade FG IV Location(s) Brussels, Belgium Target audience We welcome applications from candidates that meet the following selection criteria: Essential Only applications meeting all essential selection criteria will be assessed. Professional Candidates Will Be Required To Demonstrate The Following Qualifications a University degree (or equivalent academic degree) in computer science, information technologies, engineering, or similar discipline; good knowledge of, and proven professional experience of at least 3 years (acquired after the award of the academic qualification required as a condition of eligibility) in: implementing and maintaining Information Security standards such as ISO-27001, NIST-800-53, etc. in EU/Government Organizations and/or Private sector; implementing Risk Management Frameworks towards managing cybersecurity risks in public and/or private sectors; handling EUCI and its governance rules and regulations. professional experience in drafting policies and delivering presentations to management in support of decision-making; experience in organising and managing meetings and workshops in multinational settings; a track record of delivering successful business outcomes; an interest in and a good understanding of the EDA’s main tasks and functions; a very good command of written and spoken English. Personal All Staff Must Be Able To Fit Into The Agency's Way Of Working (see Para. 2). Other Attributes Important For This Post Include ability to collaborate within a team and work independently within their area of responsibility; ability to work effectively in a multinational environment; focus on results and high motivation; flexibility and innovation; confidentiality and integrity; genuine commitment to the Agency's objectives; strong conceptual, drafting, interpersonal, and analytical skills. Desirable The Following Will Be Considered An Advantage professional experience in, and good knowledge of, TEMPEST technologies and requirements in infrastructure and CIS; hold recognised information security certifications such as ISO-27001 LA/LI, CISM, CISSP; experience in organising and managing meetings and workshops in EU Institutions/Agencies and/or international Organizations; experience in Risk management activities in EU Institutions/Agencies and/or international Organizations; data analysis skills to inspect, clean, transform, and model data to extract insights and support decision-making; hold a (recognised) Project Management qualification. Respond to the consultation APPLY NOW