2025-0001 Op. Svce Sppt for NATO NISC ID&E OPEX Net Eng (CTS) ITALY - 30 Jul REL

Deadline Date:  Wednesday 30 July
 
Requirement Title:  Operational Service Support for NATO NISC ID&E OPEX – Network Engineer RELAUNCH
 
Location of Performance: 100% On-site, FSP2 Grazzanise (ITALY)
 
Cost Not to Exceed:
2025 BASE: 5 sprints, (Not to Exceed) NTE € 19,200 / sprint, total Not to Exceed (NTE) € 96,000
2026 – 2027 – 2028 OPTION: Up to a maximum of 12 sprints, (price per sprint will be determined by applying the price adjustment formula as outlined in CO-115786-AAS+ Special Provisions article 6.5.)
 
Period of performance:  1 September 2025
 
Required Security Clearance: Cosmic Top Secret. NS with CTS in progress acceptable to start.
 

1. Current National or NATO SECRET clearance
2. Nationality of one of the NATO member countries
3. Current work visa for the specific location if applying for an in-country position

• Performance of the services described in this SOW requires a valid NATO COSMIC TOP SECRET. NATO SECRET security clearance can be accepted, prior to the start of the engagement with COSMIC TOP SECRET clearance in process. The COSMIC TOP SECRET shall be obtained during the first year of the execution of deliverables under this SoW.
• The Contractor SHALL ensure that all the Contractor staff or anyone working under the remit of the Contractor requiring recurring access to on-site locations for the delivery of the services under
  this SoW, have a valid NATO Personal Security Clearance at least to the NATO COSMIC TOP SECRET level.

• NATO Communication and Information Agency (NCIA) provides end-user services to customers throughout NATO. These end-users services are supported by Innovation, Deployable & Engineering (ID&E) - Operations & Exercises (OPEX) provided by the NATO Infrastructure Services Centre (NISC) Business Area of NCIA. All services provided by NCIA, regardless of whether they are end-user services or supporting services, are under the responsibility of Service Delivery Managers (SDM).
• The NATO Infrastructure Service Centre (NISC) Business Area Lead (BAL) is accountable for planning and executing the full lifecycle management activities (design, transition and operations) for the identified area of responsibility. NISC provides generic, domain independent, technical functionality that enables and facilitates the operation and use of Information Technology resources.
  NISC services (including: subject matter expertise; acquisition; project management, operations and maintenance; and, disposal) are provided in the following technical domains: Network Services (to include routing, switching and transmission services), infrastructure hosting, storage and processing, infrastructure networking, HW and SW management, databases and web platform services, as well as identity management. Services are provided throughout the lifecycle to both internal and external customers in both static and deployable settings.

• Ensure high-quality, continuous support for DCIS service
• Provide continuous monitoring and pro-active administration of the DCIS service
• Develop and deploy iterative updates to the DCIS services, aligning with evolving business requirements

• Design, implementation and support scalable enterprise network infrastructures leveraging BGP, MPLS, IPv6, OSPF, IS-IS.
• Active CCNP certification is required.
• Active CCIE (R&S, Enterprise Infrastructure or Service Provider) certification is desirable.
• Deep knowledge of BGP, including route reflectors, confederations, communities, pathmanipulation, and  filtering (iBGP, eBGP, policy control).
• Proficient in QoS design, shaping, policing, and classification techniques for converged networks. Extensive experience in fine-tuning QoS policies to support mission-critical applications and voice services. Knowledge of QoS configuration and traffic classification models (CBWFQ, LLQ and WRED).
• Proven expertise in IPv6 implementation, troubleshooting and dual-stack environments with a strong focus on IPv6 adoption and transition strategies.
• Deep knowledge and experience with: policy-based routing, route aggregation and summarization, redistribution, VRF, MPLS traffic engineering.
• In-depth knowledge of multicast protocols (PIM sparse/dense mode, IGMP, MSDP, Anycast RP) and their use in real-world deployments. Configuration and troubleshooting of multicast protocols.
• Proficient in datacenter and switching technologies (STP, MSTP, RapidPVST, EtherChannel, LACP, Virtual Stack, StackWise, Cisco Nexus NX-OS, Spine-Leaf Architecture, VXLAN)
• Strong troubleshooting skills with tools like Wireshark, NetFlow and SNMP. Knowledge of network monitoring concepts.
• Hands-on experience with SD-WAN technologies.
• Familiarity with DevNet, API integrations, and network programmability.
• Knowledge of network security best practices (ACLs, firewalls, VPNs, IPSec, AAA, Role
• Based Access Control, Public Key Infrastructure, security-hardening concepts).
• Proficient in network automation and scripting (Python, Ansible, Terraform).