[5784] Security Accreditation Activities

Start date: 01 April 2026 (Flexible)
Clearance: NATO Secret or equivalent
Location: Mons, Belgium

Requirements

SECURITY

• A valid security clearance at the level of NATO SECRET or above is expected for the Contractor’s personnel undertaking this project.

EXPERIENCE AND QUALIFICATIONS

• Comprehensive knowledge of the principles of computers and communication security, networking, and the vulnerabilities of modern operating systems and applications.
• At least five years of experience developing, maintaining, and updating CIS Security policies, standards, procedures and guidelines.
• Proven track record of mapping organizational security documentation to the CIS Security Controls and supporting compliance and audit readiness efforts.
• Hands-on experience conducting periodic reviews, gap analyses, and continuous improvement of security documentation to reflect evolving regulatory requirements.
• At least five years of experience collaborating with technical, operational and compliance stakeholders to ensure security procedures are accurate and aligned with the business risk management objectives
• Demonstrable previous experience in maintaining version-controlled security documentation repositories and ensuring proper change management, approval workflow and traceability
• At least three years of experience planning, conducting and documenting security testing and verification activities, such as control validation, CIS system configuration reviews and procedural walk-throughs, to confirm the effectiveness and operational readiness of CIS-security aligned security controls
• Very good knowledge of spoken and written English as work is conducted in English
• The possession of one or more of the following industry certifications will be considered as an asset: Certified Information Systems Security Professional (CISSP); Certified Information Security Manager (CISM); Certified in Risk and Information Systems Control

OBJECTIVES
The main objectives are:
2.1 To produce, review and maintain a document repository which contains up-to-date security related documentation of each remote site (approximately 54 sites).
2.2 To create security accreditation documentation for four (4) CIS systems.

SCOPE OF WORK

In close coordination with the Site Security Officer (SSO) at each remote site, the CIS capability Service Delivery manager and the NCIA Security Accreditation Office, the Contractor’s personnel shall perform the following activities:
3.1 Review existing security documentation and update it as required, to ensure compliance with security guidelines
3.2 Maintain a document library that contains the most updated site and system security documentation
3.3 Establish periodic communication with Site Security Officers to trigger and monitor their actions in updating site specific documentation within the agreed timelines
3.4 Create, and present to the customer, a periodic report that shows the security compliancy and pending actions of each site in terms of security related documentation
3.5 Keep existing user and administrator CIS Security Operating Procedures up-to-date
3.6 Create a basic training package, in PowerPoint format, that describes the actions each Site Security Officer shall perform to maintain local security documentation in compliance with security directives and guidelines
3.7 Review and provide constructive feedback on:
3.7.1 Security Test and Verification Plans and Reports (STVP / STVR)
3.7.2 CIS Security description documents related to managed CIS systems