Data Security and Infrastructure Consultant

Spektrum have a wide range of exciting opportunities in several global locations.

We are always looking to add great new talent to our team and look forward to hearing from you.

Spektrum supports apex purchasers (NATO, UN, EU, and National Government and Defence) and their Tier 1 supplier ecosystem with a wide range of specialist services. We provide our clients with professional services, specialised aerospace and defence sales, delivery, and operational subject matter expertise. We are looking for personnel to join our team and support key client projects.

Who we are supporting 

The NATO Communication and Information Agency (NCIA) is responsible for providing secure and effective communications and information technology (IT) services to NATO's member countries and its partners. The agency was established in 2012 and is headquartered in Brussels, Belgium.

The NCIA provides a wide range of services, including:

• Cyber Security: The NCIA provides advanced cybersecurity solutions to protect NATO's communication networks and information systems against cyber threats.
• Command and Control Systems: The NCIA develops and maintains the systems used by NATO's military commanders to plan and execute operations.
• Satellite Communications: The NCIA provides satellite communications services to enable secure and reliable communications between NATO forces.
• Electronic Warfare: The NCIA provides electronic warfare services to support NATO's mission to detect, deny, and defeat threats to its communication networks.
• Information Management: The NCIA manages NATO's information technology infrastructure, including its databases, applications, and servers.

Overall, the NCIA plays a critical role in ensuring the security and effectiveness of NATO's communication and information technology capabilities.

The program

Assistance and Advisory Service (AAS)

The NATO Communications and Information Agency (NCI Agency) is NATO’s principal C3 capability deliverer and CIS service provider. It provides, maintains and defends the NATO enterprise-wide information technology infrastructure to enable Allies to consult together under Article IV, and, when required, stand together in the face of attack under Article V.

To provide these critical services, in the modern evolving dynamic environment the NCI Agency needs to build and maintain high performance-engaged workforce. The NCI Agency workforce strategically consists of three major categorise's: NATO International Civilians (NIC)'s, Military (Mil), and Interim Workforce Consultants (IWC)'s. The IWCs are a critical part of the overall NCI Agency workforce and make up approximately 15 percent of the total workforce.

Role Background

NATO INFRASTRUCTURE SERVICES CENTRE (NISC) has a requirement for subject matter experts (SME) to be embedded with a team of NCI Agency staff in support of the Scientific Programme of Work for 2025.

This expertise is required to supplement the current level of expertise within the NISC so the consultants must be ready to quickly integrate with the current team and take up duties. The work required will be based on deliverables as defined below. A request for available staff has not been successful in this request for consultancy support.

Role Duties and Responsibilities

Allied Command Transformation (ACT)

• Support and technical expertise as subject matter experts for ACT’s objectives in the “Interoperability Continuum” (CWIX, TIDE Sprint, iO360, Hackathon).
• Develop Enterprise level architectures supporting the successful conception of DCS to inform how it fits in NATO business functions and use cases.
• Support DCS Policy management and automation concept development, including use cases to motivate automation scenarios. This is critical for the success of DCS by reducing the burden on users and enabling a successful rollout of DCS across the NATO Enterprise.
• Coordinate DCS technical activities with Zero Trust Architecture (ZTA) and NATO Core Data Framework (NCDF) initiatives.
• Investigate metadata labelling and tagging in relevant use cases, such as multi- domain operations and DISG.
• Include DCS in ongoing Federated Mission Networking (FMN) spiral specification development.
• Promote the DCS reference environment with NATO participants; mature DCS reference environment to support additional binding profiles; develop Record of Investigation (RoI) on crypto options for DCS.
• viii)Sustain Core Services capability development and specification of Cross-Domain Information Sharing (C-DIS) including interoperability for federating NATO’s CES Capabilities.
• Support and technical expertise as subject matter experts for ACT’s objectives in the NCDF development and standardization.
• Investigate SRM and messages mapping transformation languages availability, formulate a workable proposal for a mapping and transformation language and support its validation.
• Support Tactical Data Link (TDL) STANAG alignment activities.

NATO Digital Staff (NDS)

Digital Policy Committee (DPC) Line of Development. Metadata harmonization.

DPC Line of Development. Production of regulatory documentation and standards.

• This work will further develop and contribute to the definition of Information Sharing Scenarios for Core Services. This includes
  • Knowledge and expertise in Metadata Labelling, Binding, Binding Profiles, Label to Marking mapping, label interoperability
  • NATO Core Data Framework (NCDF) and Common Cross Community of Interest Semantic Reference Model (CXCSRM)
  • STANAG alignment to metadata standards activities
  • Federated information exchange based on meta/data standards that underpin a data architecture consisting of APIs, data lakes, meshes, fabrics and backbones
  • Cross domain information exchanges including Cross-Domain Information Sharing (CDIS) solutions
  • Validation of federated information sharing Core Services at various exercise venues such as TIDE Sprint and CWIX. This should demonstrate alignment of national attributes with NATO, such that information can be shared between partners using a single sign on
  • Federated Identity Management
• Contributing as subject matter experts in these areas requires a depth and breadth of knowledge in the NATO Consultation, Command and Control capability within the NATO Command Structure as well as expertise in current and planned Core Services.
• The work will entail the development and revision of technical documentation, preparing briefings on changes and validation results as well as design and development of proof of concept demonstrators for validation purposes.
• Attendance at coordination meetings and exercise venues may be requested.

CIO POW

DCS Pilot oversight

• Support Source Selection based on suitability criteria
• Support in assessment of standards-compliance through the use of the DCS Reference System
• Contribute to and Review Pilot final report

Deliverables

• Expert-level support for NATO elements (NDS, ACT HQ and NCI Agency) with the emerging Metadata Labelling Strategy and the Data Centric Security Strategy. The design of Test Cases and coordination with test partners will be required in preparation for CWIX 2025. This may require demonstration and testing of Data Centric Security (DCS) components.
• Participation in the CWIX 2025 Exercise to support NCI Agency in executing defined Test Cases and preparing the Final Report;
• Expert level support for the modification, development and validation of Binding Profiles in support of TIDE and CWIX activities.
• Expert level support of NCI Agency to coordinate with nations and the development of non-finite binding mechanisms and a detailed Implementation Plan for achieving the strategic realisation described in Metadata Labelling and Data Centric Security Vision & Strategy documents;
• Review and input to achieve revisions to the current NATO FMN Implementation Plan, especially the profile templates and instructions and contribute to similar profile templates and instructions for AFS;
• Expert level support to NCMS STANAG 5636 (ADatP) development and ratification process.
• Expert level support for the development of the Core Services technical Architectures using the NATO Architecture Framework (NAF) and the validation of the proposed architecture.
• viii)Review and input into the technical design and test cases for delivery of the IEG C solution.
• Review and input into the Federated Identity Management policy, standardization and experiments

The primary required work is focused on:

• The development and validation of NATO Enterprise Core Services requirements, architectural products and technical specifications (see deliverables A1, A2, A8, A9, A11, B6, B7, B8, B9, D1, D2 below);
• Developing and supporting Alliance and Coalition Federation information sharing concepts, services and specifications (see deliverables A3, A4, A5, A6 below);
• Technical input and validation of Data Centric Security (DCS) and metadata labelling strategies for the Alliance Federation (see deliverables A3, A10, A13, B2, B3, B4, B5 below);
• Leading on implementation of DCS concepts (see deliverables A3 below);
• Supporting interoperability activities (e.g. FMN, TIDE and CWIX) (see deliverables A5, A14 below);
• Providing technical support for Allied Command Transformation (ACT) and NATO Digital Staff (NDS) activities in the area of Information Management and Core Service standardization (see deliverables B5 below).
• Supporting NATO Core Data Framework (NCDF) implementation development and to support Tactical Data Link (TDL) STANAG alignment activities (see deliverables B1, C1, C2, C3 below).
• Developing a business and technical architectures that support the implementation of Data Centric Security (DCS), particularly for DCS Maturity Level 1-2 (see deliverables A3, A15 below).
• Designing and documenting a common labelling approach in support of DCS Maturity Levels 1 and 2 (see deliverables A2, A3 below).
• Assessing processes and design mechanisms for assisted labelling of information (see deliverables A12 below).
• Assessing, validating and integrating DCS approach into NATO Enterprise and FMN architectures (see deliverables A7, B7 below).
• Investigating the enhancement of cryptographic protection and recommending the future approach for achieving DCS Maturity Level 1 (see deliverables A3 below).
• Facilitating the effective adoption and deployment of DCS towards its end-state via execution of coherence activities across the NATO Enterprise (see deliverables B7, B3 below).
• Providing technical support for Allied Command Transformation (ACT) and NATO Digital Staff (NDS) activities in the area of Information Management and Core Service standardization (see deliverables A1, B4, B5, B6, B7, B8, B9, B10 below).

The following specific deliverables are required:

For SPW020067:

• A1: Participate in and provide input to the Core Services Workshops [3Q25, 4Q25]
• A2: Support Development of CS Architectures [3Q25, option 2Q26]
• A3: Provide support and technical expertise for Data Centric Security (DCS) Implementation [3Q25, 4Q25]
• A4: Support current and future iterations of SOR/MER [4Q25]
• A5: Support the planning and execution of ACT’s involvement in the CWIX 2025 exercise and spring/fall TIDE Sprints [3Q25, 4Q25]
• A6: Support the planning and execution of ACT’s involvement in the CWIX 2025 exercise [4Q25]
• A7: Federated Mission Networking Support [3Q25, 4Q25]
• A8: Support the capture of Capability/Service Requirements for C-DIS [2Q25, 3Q25]
• A9: Support Development of C-DIS Architectures [4Q25, option 2Q26]
• A10: Participate in and provide input to the DCS Workshops [4Q25]
• A11: Support Development of CIS Interconnection Scenarios mapping to existing CS CPP [4Q25]
• A12: Support DCS integration activities with Zero Trust Architecture (ZTA) and NATO Core Data Framework (NCDF). [4Q25].
• A13: Deliver recommendations on approaches for metadata labelling, binding and tagging [4Q25].
• A14: Support developing Federated Mission Networking (FMN) use cases, such as multi-domain operations (MDO) [4Q25].
• A15: Document DCS crypto options [4Q25, option 2Q26].

For NCB020778:

• B1: NCDF and Data transformation support [2Q25, 3Q25, 4Q25]
• B2: Support to Data Centric Security (DCS) CaT [2Q25, 3Q25, 4Q25]
• B3: Data Centric Security (DCS) Coordination [2Q25, 3Q25, 4Q25]
• B4: Data-Centric Transformation Support [2Q25, 3Q25, 4Q25]
• B5: Assuring data standards coherence with STANAGs 5636, 4774, 4778 and semantics align in MDO [2Q25, 3Q25, 4Q25]
• B6: Federated IDM candidate solution architecture [2Q25, 3Q25, 4Q25]
• B7: Contribution to Zero Trust Implementation, API Technical Implementation and Interconnectivity of NATO CIS Directives [2Q25, 3Q25, 4Q25]
• B8 FORMETS Discovery Metadata Specification (FDMS) Revision: Updating FDMS to align with NATO labelling standards for external use case on themessage instance (and Message Definition) and prepare as Standards Related Document (SRD) to APP-11 [4Q25]
• B9: Metadata Campaign [2Q25, 3Q25, 4Q25]
• B10: Service Interface Profiles (SIP) and Standards/Supplements [2Q25, 3Q25, 4Q25]

For SPW020023:

• C1: Support NATO Core Data Framework (NCDF) implementation development [2Q25, 3Q25, 4Q25]
• C2: Support NATO Core Data Framework (NCDF) maturity model development[4Q25]
• C3: Support NATO Core Data Framework (NCDF) roadmap development [4Q25]

For CIO020725:

• D1: Support deployment and testing of solution[2Q25]
• D2: Contribute to and review final report [3Q25, 4Q25]

Essential Skills and Experience

• Expert knowledge of NATO’s Data Centric Security (DCS) and Zero Trust vision and strategy, along with expert technical knowledge of enablers such as the NATO Metadata Binding Service and NATO End Point Labelling demonstrators;
• Detailed knowledge of Industry and NATO standards in the area of labelling, binding and marking;
• Expert knowledge of NATO Confidentiality Label Syntax specifications, profiles and emerging standards;
• Expert knowledge of NATO Metadata Binding Mechanism specifications, profiles and emerging standards;
• Expert knowledge of NATO Core Metadata Specification, profiles and emerging standards;
• Expert knowledge of NATO Core Data Framework (NCDF) and related profiles and emerging standards;
• Detailed knowledge of NATO’s STANAG and IEPD processes;
• Detailed knowledge of NATO cross-domain solutions and information exchange requirements;
• Detailed knowledge of FMN concepts, evolutionary strategy and the NFIP;
• Detailed knowledge of AFS concepts, evolutionary strategy and the AFS Joining Instructions
• Detailed knowledge of methods and mechanisms to resolve security label translation/mapping between NATO and NATO national systems;
• Detailed knowledge of federated Identity and Access Management (IdAM) policies, standards and industry trends;
• Detailed knowledge and experience with Web Service-specific security standards and products including Security Policy Information File (SPIF), OIDC, SAML 1.x and 2.0, XACML, WS-Security, WS-Trust, Microsoft Active Directory Federation Services (ADFS), and competing products in this space;
• Detailed knowledge and experience with Service Oriented Architecture (SOA) implementation concepts including Web Services, SOAP, REST, Publish- Subscribe, JSON, XML, WSDL and UDDI, as well as Web Services specifications;
• Detailed knowledge and experience with specific security areas including PKI, X.509, and products including Microsoft Certificate Services and Entrust Certificate Authority. Knowledge of the Enterprise NPKI would be beneficial;
• Expertise in commercial security labelling products and object level protection solutions;
• In-depth familiarity with NATO organisational and political structures and relationships with NATO and Partner nations;
• Good understanding of cryptography;
• Ability to independently produce and edit technical documentation and scientific reports in English;
• Excellent communications skills;
• Good understanding of the project management methodologies, including PRINCE 2 and Agile/Scrum

Working Location

• Remote

Working Policy

• Off-Site

Travel

• Some travel to other NATO sites may be required

Security Clearance

• Valid National or NATO Secret personal security clearance

We never know what new opportunities might be just over the horizon. If this opportunity isn't for you please feel free to send us your resume anyway and be the first to know if something suitable for your skills and experience comes up.