2025-0193 Network Engineering Security Support Services (NS) BELGIUM - 11 Jul

2025-0193 Network Engineering Security Support Services (NS) BELGIUM - 11 Jul

Contract Type:

Contractor

Location:

Mons - Mons, Belgium

Industry:

NATO

Contact Name:

Tim Lane

Contact Email:

tim@plr.ltd

Contact Phone:

Tim Lane

Date Published:

02-Jul-2025

Deadline Date:  Friday 11 July 2025
 
Requirement:   Network Engineering Security Support Services
 
Location:  Mons, BELGIUM
 
Full Time On-Site:  Yes
 
Time On-Site:  100%
 
Not to Exceed:  2025 BASE: 16 sprints, NTE € 4,750 / sprint, total NTE € 68,400
2026 – 2027 Options
 
Period of Performance:  BASE period: 18 August 2025 
 
Required Security Clearance:  NATO SECRET
 
Introduction:

  • The NCIA is looking for Network Engineering Security Support Services – On Site, delivered in SHAPE, Mons, Belgium.
  • The NCIA provides advanced technological solutions and support to NATO and its member nations. Its mission is to ensure effective and secure communication and information systems for the alliance, enabling operations and decision-making. The agency plays a critical role in maintaining NATO's technological edge and operational readiness through innovation, collaboration, and the implementation of cutting-edge technologies.
  • The NATO Infrastructure Service Centre (NISC) provides generic, domain independent, technical capabilities that enable and facilitate the operation and use of Information Technology resources. NISC services (including: subject matter expertise; acquisition; project management, operations and maintenance; and, disposal) are provided in the following technical domains: network services (to include routing, switching and transmission services), infrastructure hosting, storage and processing, infrastructure networking, hardware and software management, databases and web platform services, as well as identity management. These services cover the entire lifecycle, for both internal and external customers in static and deployable environments.
  • The NISC Network as a Service (NaaS) Area of Responsibility (AoR) spans all network infrastructure hardware, Network Function Virtualization (NFV) elements, as well as software, services, management, and licensing components enabling the provisioning, deployment, network management, maintenance, lifecycle and vendor management of the on-premises, cloud and multi-cloud network infrastructure, services and connectivity.
  • The NISC CIS Security AoR include coordination with NaaS for implementation of secure configurations for the infrastructure elements in accordance with the CIS Security accreditation documentation, approved software and hardware configuration baselines (hardening guides), and security assessment reports’ recommendations.
Objectives:
The objective of this Statement of Work (SOW) is to provide Network Engineering Security Support Services, on site, for the NCIA managed networks.
 
Scope of Work:
Network Engineering Security Support applies specialist skills to configure, troubleshoot and optimize routers, switches, firewalls, and other hardware/software networking elements to enhance network performance and ensure data and the CIS are secured in accordance with NATO Security Policy and Directives requirements. This activity requires communication with the end-user, proactive service monitoring, and taking actions to resolve incidents and recover the impacted services. This service is provided on-site, in SHAPE, Mons, Belgium.
 
This SOW covers Network Engineering Security Support for multiple NCIA-managed networks across multiple security domains, as described in Annex B.
 
All services provided by NCIA, regardless of whether they are end-user services or supporting services, are under the responsibility of Service Delivery Managers (SDM).
 
Services will be delivered in multiple sprints, each sprint being planned for a duration of one (1) week.
 
The content, scope of each sprint and their related acceptance criteria are to be peer reviewed within the sprint cycle, and communicated in writing to the contractor, before beginning of each sprint. Input and guidance will be provided by NCIA in written from or/and during the targeted review meetings.
 
Under the direction / guidance of the NISC CIS Security Risk Management Section Head, Network Engineering Security Support will conduct the following activities:
Operations:
  • Follow NISC change management process for implementing the required changes;
  • Document the changes that impact the CIS security posture into the CIS Security accreditation document set;
  • Ensure only authorized configuration baselines are deployed on all managed systems, with specific, authorized, deviations applied in a systemic manner, using configuration rules per categories of software applications;
  • Monitor continuously the security and operational dashboards, logs and alerts, identify misconfigurations; engage with the appropriate stakeholders and contribute to the remediation of the findings by implementing configurations and updates, in coordination with NaaS Subject Matter Experts (SME);
  • Ensure security-by-design and minimality principles are applied in all configuration changes;
Inventory:
  • Maintain the CMDB updated with the Configuration Items used by the services/systems listed in Annex B;
  • Perform all operation, support and maintenance activities on the platforms described in Annex B.
Incident Logging, Tracking, Dispatching:
  • Log and track incidents, work orders and change requests using the incident ticketing system (ITSM);
  • Investigate and resolve network security related issues, directly assigned by end- users/requesters, within the staff competences and administrator permissions;
  • Maintain communication with end-users when needed;
  • Ensure all tickets are updated with accurate and detailed information and resolved (or assigned to appropriate stakeholders) within the agreed service levels;
Escalation:
  • Escalate complex issues to NaaS SME support or appropriate teams when necessary;
  • Follow up on escalated issues to ensure timely resolution and user satisfaction.
Knowledge Base Management:
  • Contribute to the creation and maintenance of a knowledge base, documenting common issues and solutions;
  • Share knowledge and best practices with team members to improve overall service quality.
Performance Monitoring:
  • Monitor support metrics and KPIs to ensure high-quality service delivery;
  • Participate in regular reviews to identify areas for improvement and implement corrective actions.
Automation and Efficiency:
  • Develop and implement automation scripts to streamline routine support tasks such as software installations, updates, system checks and notifications;
  • Utilize automation to create workflows for repetitive tasks, improve service efficiency and proactively implement solutions;
  • Leverage Infrastructure as Code (IaC).
Communication and Collaboration:
  • Communicate effectively with internal user community to understand their issues and provide clear instructions;
  • Collaborate with IT teams to resolve issues and improve service delivery.
Constraints:
  • All the deliverables provided under this statement of work will be based on NCIA templates or agreed with the project point of contact.
  • All code, scripts, documentation, etc. will be stored under configuration management and/or in the provided NCIA tools.
Security:
  • The duties of the contractor require a valid NATO SECRET (NS) security clearance, for the entire duration of the contract.
Practical Arrangements:
This is a deliverables-based contract.
  • The contractor shall provide services 100% On-site NCIA Headquarters in SHAPE, Mons, Belgium. Exceptional off-site activities to support service delivery can also be arranged with the line manager’s coordination and approval.
  • There may be requirements to travel to other sites within NATO for completing these tasks.
  • Travel will be the responsibility of the contractor and the expenses will be reimbursed in accordance with Article 5.5 of AAS Framework Contract and within the limits of the NCIA Travel Directive. They will be invoiced separately to the purchaser by the service provider, in accordance with the terms and conditions of the framework agreement.
  • The services under this SOW are expected to be carried by ONE contractor for the entire performance period.
  • The service shall be delivered during core working hours (0830 – 1200 and 1300 - 1730). Providing service out-side business hours is an exceptional situation (historically in the last years there were no such situations). If this occurs sprints price remains unchanged.
  • The contractor will be required to obtain working permission for provide on-site service in Belgium.
Qualifications: 
Technical Proficiency:
 
Knowledge and experience with design, implementation, and operation of the core network architecture for large organizations;
  • Knowledge and experience with configuration, troubleshooting and optimization of routers, switches, firewalls, and other hardware/software networking elements;
  • Knowledge and experience with CCNP Routing and Switching;
  • Services and Technology Professional Certification (e.g. ITIL, CCIE, SRA, JNCIE, or Devnet Professional or equivalent experience);
  • Knowledge and experience with Networks specification, design and testing, with an emphasis on IP networks, including IPv6, QoS, MPLS, MP-BGP;
  • Knowledge and experience of Network Functions Virtualization (NFV)/Software Defined (SDx) (e.g. SDN, SD-WAN, SDDC or SASE);
  • Experience with managing Windows, Linux operating systems;
  • Knowledge and experience with implementing security configurations in enterprise networks.
Tasks:
The support for this service requires performing the following tasks:
  • Installation, Configuration, Management, Security
  • Monitoring, Upgrade, Patching
Problem-Solving Skills:
  • Strong troubleshooting skills to diagnose and resolve hardware, software, and network issues.
  • Ability to guide users through problem-solving steps effectively.
Automation Skills:
  • Shell scripting to automate routine support tasks.
  • Create automated workflows and automate repetitive processes.
  • Ability to identify and implement automation opportunities to enhance efficiency.
Communication and Interpersonal Skills:
  • Excellent verbal and written communication skills.
  • Full proficiency in English.
  • Ability to communicate technical information to non-technical users in a clear and concise manner.
Customer Service Orientation:
  • Strong customer service focus with a commitment to user satisfaction.
  • Patience and empathy when dealing with user issues and concerns.
Organizational Skills:
  • Ability to manage multiple support tickets and prioritize tasks effectively.
  • Attention to detail in documenting support activities and maintaining accurate records.
Team Collaboration:
  • Ability to work effectively as part of a team and share knowledge and resources.
  • Willingness to collaborate with colleagues to solve complex issues.
Others:
  • The candidate has strong customer relationship skills, including negotiating complex and sensitive situations under pressure.
  • Full proficiency in the English language.
  • The candidate must have the nationality of one of the NATO nations
APPLY NOW

Share this job

Interested in this job?
Save Job
CREATE AS ALERT

Similar Jobs

SCHEMA MARKUP ( This text will only show on the editor. )