[3148A] Cyber Security Incident Investigator

Start date: Sep 2024
Pay rate: Negotiable
Location: Mons, Belgium
Clearance: NATO Secret


• A university degree at a nationally recognised/certified University in a technical subject with substantial Information Technology (IT) content and 8 years of specific experience
• Exceptionally, the lack of a university degree may be compensated by the demonstration of a candidate's particular abilities or experience that is/are of interest to NCI Agency; that is, at least 15 years extensive and progressive expertise in the duties related to the function of the post
• At least 8 years of demonstrable experience in handling complex Cyber Security Incidents, ideally in an international, governmental or military environment
• Comprehensive understanding of the principles of Computer and Communication Security, networking, and the vulnerabilities of modern operating systems and applications acquired through a blend of academic or professional training coupled with practical professional experience
• Excellent communications skills and reporting experience with capacity to communicate to different types of audience (senior executive, middle management, technical and non-technical)
• At least 5 years demonstrable experience in leading teams to achieve success in adverse conditions
• In-depth demonstrable knowledge in the management of Vulnerabilities and Cyber Security protective measures
• Hold a professional certification on Cyber Security Incident Handling
• Experience in risk assessment and management
• Good understanding of the MITRE ATT&CK framework


• Lead NATO Enterprise-wide Cyber Security Incident Response on the coordination, procedural, technical, risk management and communications aspects
• Lead NATO Enterprise-wide Vulnerability Management effort consisting of reviewing new vulnerabilities, identifying vulnerable assets, assessing the exploitability of the vulnerabilities on NATO environments, assessing the operational and business impact of a potential exploitation, identifying the mitigation options for these and tracking the remediation actions
• Lead the execution of NATO Enterprise-wide Defence Cyber Operations in or through cyberspace to preserve friendly freedom of action
• Transform cyber strategic objectives into execution plans, including the translation from strategic/operational objectives to technical execution. Lead, track, correct and report on the execution status
• Lead and motivate a team composed of different profiles with diverse backgrounds in very tense and difficult situations to achieve the objectives
• Create and maintain a network of cyber security personnel across and beyond the NATO Enterprise to facilitate communication and coordination of urgent actions when the need arises
• Redact, review and prepare reports, recommendations and presentations to executive level staff, Security Authorities on Cyber Security Incident Response, Vulnerability Management and Defensive Cyber Operations, as well as any other topic related to Cyber Security
• Deliver quality briefings, adapted to the audience (Technical experts, Military operational personnel, C-level executives, media and industry) on Cyber Security Incident Response, Vulnerability Management and Defensive Cyber Operations, as well as any other topic related to Cyber Security
• Perform other duties as may be required

Chaitra Katkar