The Centre for Maritime Research and Experimentation (CMRE) is an executive body of the Science and Technology Organization (STO) and is governed by the provisions of the STO Charter. Within the framework of the STO in-house delivery business model, the CMRE organizes and conducts scientific research and technology development, centred on the maritime domain, delivering innovative and field-tested S&T solutions to address defence and security needs of the Alliance.
The Engineering and Information Technology Division (EITD) is essential to deliver the Centre’s Programme of Work, complementing and supporting the other main organizational element, the Research Department (RD). It supports the Engineering and the Information Technology (IT) aspects of the Centre research activity, developing and operating state of the art acoustic and oceanographic instruments and autonomous systems.
A specific function of the EITD is the conception, design, development and operation of state of the art technologies in computing, networking and modelling & simulation (M&S), ensuring interoperability, security and compliance with relevant NATO policies and regulations.
Reporting to a Department Head, or a duly appointed Section Head, and working within Engineering Project Teams in a matrix structure, the Incumbent will perform duties such as the following:
Provide professional contributions to assist in achieving and maintaining security accreditation for CMRE systems and autonomous vehicles used for data acquisition, processing and storage, and their interfacing with other CIS, across the life cycle (development, implementation, operation, enhancement, withdrawal from service).
Within a project structure, advice on cost-effective countermeasures to minimize the security risks anticipated during the development and operation phases of the CIS life cycle.
Within a framework of security accreditation, implement and operate the prescribed security controls under the supervision of the CIS Provider and the under the control of Security Staff.
Document the architecture, configuration and security posture of CIS in use within CMRE to inform the risk management activities of the Security Organization. Implement security actions and controls, under the supervision of the CIS Provider and under the control of Security staff, to execute Security Accreditation Plans.
- Plan, implement and upgrade CIS
- Manage CIS (e.g. switches, routers, firewalls also in Virtual Environments)
- Analyse security breaches to determine their root cause
- Contribute to define, implement and maintain corporate security policies
- Supervise and manage Technical Teams as required
- Undertake security testing, in accordance with an agreed Security Testing & Verification (ST&V) Plan.
- Support the CIS Provider in the formulation of Security Operating Procedures (SecOPs) for the CIS.
- Support storage, processing and transmission of NATO information in accordance with the approved SecOPs.
- Contribute to the maintenance of configuration baselines through configuration management and change control.
- Support the CIS Provider in undertaking periodic vulnerability assessments, under the control of Security staff and in accordance with the requirements of the Security Accreditation Authority
- Provide regular training and awareness to other project staff.
- Support periodic security audits performed by Security Staff and the Security Accreditation Authority.
The incumbent may be required to perform other related duties.
QUALIFICATION AND EXPERIENCE
- We are looking for a candidate with a Master of Science (MSc) Degree, or a Bachelor Degree (BSc), at a nationally recognized/certified University, in Computer Engineering, Computer Science, or other technical subject with substantial Information Technology (IT) content, and at least 4 years recent post-related experience
- At least 2 years’ experience in the implementation of security controls within a formal security management framework (e.g. ISO 27000)
- Proven experience of preparing technical documentation and Standard Operating Procedures;
- Security certifications (CISSP or CRISC) – this requirement can be waived if the academic degree has a specialization in information security issued by a nationally accredited Centre of Academic Excellence in Cyber Security Education and Research, such as those participating to the US NSA/DHS CAE-CD Program and UK NCSC ACE-CSR Programme.
- Most of the work of the CMRE is conducted in the English language, and therefore an advanced knowledge of English, both written and spoken, is essential.
The following certifications and experience will be considered as an asset.
- Proven experience with Cisco NGFW (Next Generation Firewalls)
- Proven experience with the design, configuration and operation of Cisco Routers, Switches and Firewalls
- Proven experience with the design, configuration and operation of heterogeneous secure Windows and Linux environments
- Configuration and operation experience of virtualized environments based on VMware
- Configuration and operation experience of Network Monitoring and Event Management systems
- Technical certifications such as CCNP-Security, Comp-TIA Security+, VMWare, Microsoft Windows and Linux Red Hat
- Experience in Security Incident Management
- Experience with NATO Security Policies
- Experience of supervision and management of technical teams
- Experience with the design and operation of embedded systems
- Experience with configuration management of CIS (Windows, Linux, real-time operating systems)
- Experience with Lon Talk and/or CAN-bus industry standards
- Deciding and Initiating Action - Takes responsibility for actions, projects and people; takes initiative and works under own direction; initiates and generates activity and introduces changes into work processes; makes quick, clear decisions which may include tough choices or considered risks.
- Working with People - Shows respect for the views and contributions of other team members; shows empathy; listens, supports and cares for others; consults others and shares information and expertise with them; builds team spirit and reconciles conflict; adapts to the team and fits in well.
- Relating and Networking - Easily establishes good relationships with customers and staff; relates well to people at all levels; builds wide and effective networks of contacts; uses humour appropriately to bring warmth to relationships with others.
- Applying Expertise and Technology - Applies specialist and detailed technical expertise; uses technology to achieve work objectives; develops job knowledge and expertise (theoretical and practical) through continual professional development; demonstrates an understanding of different organisational departments and functions.
- Delivering Results and Meeting Customer Expectations - Focuses on customer needs and satisfaction; sets high standards for quality and quantity; monitors and maintains quality and productivity; works in a systematic, methodical and orderly way; consistently achieves project goals.
- The post reports to a Department Head, or a duly appointed Section Head, and will direct the work of team members.
- The incumbent works with technical and project staff to meet their organizational needs in the field of networks and security.
- The post is paramount in establishing and maintaining a sound security posture for CMRE Communication and Information Systems, in coordination with security authorities.
- The work will be performed in an office, laboratory or workshop environment
- The work could be conducted also on research or military vessels (in port or at sea), or deployed field laboratories
- Slightly undesirable working conditions may apply at times. The risk of injury is categorized as: Moderate Risk
- The nature of this position may require the staff member at times to be called upon to travel for work and/or to work outside normal office hours
- (Flexibility Clause) In order for the organization to deal with emergent requirements, the incumbent may be required to perform other related duties as directed (in particular, the incumbent can expect to work as a member of Working Groups, Project Teams and similar organizational units for defined periods of time).
- Annual TDY Requirement: The incumbent may be called upon to go on temporary duty (TDY), both within and outside NATO’s boundaries.
WHAT DO WE OFFER
- A world-class research facility located in the sea port of La Spezia, Italy supported by two specialised research vessels.
- An exciting place in which to work situated at an ideal location, the port of La Spezia, Italy, enabling synergy with regional and global academic institutes and industry.
- Salary and conditions of employment will be in accordance with the NATO Civilian Personnel Regulations (NCPR), which includes a rewarding salary and a comprehensive system of allowances, supplements and insurances to support families and, in case of expatriated staff, offers an interesting “expatriate” package.
- A generous annual leave and, (where eligible) home leave.
- The successful candidate will be offered a three years’ definite duration contract, which may be renewed for subsequent periods subject to business needs and satisfactory performance.
- Applicants who prove to be competent for the post but who are not successful in this competition may be offered an appointment to another post of a similar nature, which might become vacant in the near future, albeit at the same or a lower grade, provided they meet the necessary requirements..
- Please note that we can only accept applications from nationals of NATO member countries.
- Applications (including the most relevant publications, the diplomas – stating the highest level of education) for this vacancy are to be submitted using the E-recruitment system.
- Appointment will be subject to receipt of a security clearance (provided by the national Authorities of the selected candidate) and approval of the candidate’s medical file by the CMRE Medical Adviser.
- CMRE values diverse backgrounds and perspectives and is committed to recruiting and retaining a diverse and talented workforce. We welcome applications of nationals from all Member States and strongly encourage women to apply.
- Selected candidates are expected to be role models of integrity, and to promote good governance through ongoing efforts in their work.
For any queries, please contact CMRE Recruitment Team at: firstname.lastname@example.org
To learn more about the CMRE and our work, please visit our website: www.cmre.nato.int