2025-0275 Operational Svc Support for NATO NISC ID&E OPEX (CTS) ITALY - 4 Sep

Deadline Date:  Thursday 4 September 2025
 
Requirement:   Operational Service Support for NATO NISC ID&E OPEX - Network Engineer
 
Location:  Grazzanise, ITALY
 
Full Time On-Site:  Yes
 
Time On-Site:  100%
 
Not to Exceed:  2025 BASE: 3 sprints, (Not to Exceed) NTE € 17,100  / sprint, total Not to Exceed (NTE) € 51,840
2026 - 2027 - 2028 OPTION
 
Period of Performance:  BASE period: 13 October 2025 
 
Required Security Clearance:  NATO COSMIC TOP SECRET (Please see Paragraph 8 in SOW)
 
Please do  NOT  apply for any NATO contract positions unless you meet ALL the following criteria:

1. Current National or NATO SECRET clearance
2. Nationality of one of the NATO member countries
3. Current work visa for the specific location if applying for an in-country position

• NATO Communication and Information Agency (NCIA) provides end-user services to customers throughout NATO. These end-users services are supported by Innovation, Deployable & Engineering (ID&E) - Operations & Exercises (OPEX) provided by the NATO Infrastructure Services Centre (NISC) Business Area of NCIA. All services provided by NCIA, regardless of whether they are end-user services or supporting services, are under the responsibility of Service Delivery Managers (SDM).
• The NATO Infrastructure Service Centre (NISC) Business Area Lead (BAL) is accountable for planning and executing the full lifecycle management activities (design, transition and operations) for the identified area of responsibility. NISC provides generic, domain independent, technical functionality that enables and facilitates the operation and use of Information Technology resources. NISC services (including: subject matter expertise; acquisition; project management, operations and maintenance; and, disposal) are provided in the following technical domains: Network Services (to include routing, switching and transmission services), infrastructure hosting, storage and processing, infrastructure networking, HW and SW management, databases and web platform services, as well as identity management. Services are provided throughout the lifecycle to both internal and external customers in both static and deployable settings.

• Ensure high-quality, continuous support for DCIS service
• Provide continuous monitoring and pro-active administration of the DCIS service
• Develop and deploy iterative updates to the DCIS services, aligning with evolving business requirements.

• Supporting the delivery of 3rd level technical support for IT and Data Management Services in DCIS and assuring availability of assigned services is in line with Target of table 3.2.
• Supporting the performs fault diagnosis using the IT and Data Management Services Management System
• Supporting to Supervise and carry out routine maintenance of IT and Data Management Services infrastructure, management appliances and other NATO IT and Data Management Services equipment
• Supporting the completion of any changes to the system documentation
• Supporting the completion of backups and restores of IT and Data Management Services devices
• Supporting the performs remote fault diagnosis on IT and Data Management Services as required
  Supporting the collaboration with the stakeholders, both internal and externals, as necessary, to coordinate efforts and ensure smooth execution of software support and development activities
• Supporting the execution of the processes of Incident Management, Change Management and Release Management, as required, following the NCIA procedures and execute incident intervention/resolution within expected KPI`s listed under 3.3

• The contractor shall provide services 100% On-site, FSP2 Grazzanise - Naples (ITA)
• The Service will be executed mainly onsite but some sprint will be other NATO entities. Remote work cannot be performed offsite NATO entities since the nature and classification of the work which requires the contractor to be present at the office. Exceptionally requests can be agreed on a case by case basis.

• The Contractor will participate in a rotation-based on-call system with the Purchaser's staff
• On-call activities are considered delivery-based and part of the monthly sprint cycle
• After each on-call day, a daily status report will be provided on a Purchaser provided
• SharePoint page containing the following information:
  • Any Issue: Yes / No
  • Remarks: Summary of the issue and the fix provided.
• The daily report will be provided no later than 8:30 the following day.
• A summary of the issues handled and resolutions provided during the on-call period will be submitted at the end of the sprint.

• The schedule will be defined during sprint planning and will outline who is responsible for on-call activities duties each week
• On-call duty will cover critical issues outside working hours Mo.-Th. 08:30h-17:30h Fr. 8:30h-15:30h including weekend and national holidays.
• The Contractor would cover maximum 2 weeks per month.

• Responding to urgent incidents or requests during the designated on-call hours
• Resolving high-priority incidents to ensure minimal downtime and quick resolution
• Documenting any on-call activities, including actions taken to resolve issues

• There may be requirements to travel to other sites within NATO for completing these tasks
• Travel will be the responsibility of the contractor and the expenses will be reimbursed in accordance with Article 5.5 of AAS Framework Contract and within the limits of the NCIA Travel Directive. They will be invoiced separately to the purchaser by the service provider, in accordance with the terms and conditions of the framework agreement. These additional travel costs are considered an extra charge to the overall bid price.

• Design, implementation and support scalable enterprise network infrastructures leveraging BGP, MPLS, IPv6, OSPF, IS-IS.
• Active CCNP certification is required.
• Active CCIE (R&S, Enterprise Infrastructure or Service Provider) certification is desirable.
• Deep knowledge of BGP, including route reflectors, confederations, communities, path manipulation, and filtering (iBGP, eBGP, policy control).
• Proficient in QoS design, shaping, policing, and classification techniques for converged networks. Extensive experience in fine-tuning QoS policies to support mission-critical applications and voice services. Knowledge of QoS configuration and traffic classification models (CBWFQ, LLQ and WRED).
• Proven expertise in IPv6 implementation, troubleshooting and dual-stack environments with a strong focus on IPv6 adoption and transition strategies.
• Deep knowledge and experience with: policy-based routing, route aggregation and summarization, redistribution, VRF, MPLS traffic engineering.
• In-depth knowledge of multicast protocols (PIM sparse/dense mode, IGMP, MSDP, Anycast RP) and their use in real-world deployments. Configuration and troubleshooting of multicast protocols.
• Proficient in datacenter and switching technologies (STP, MSTP, RapidPVST, EtherChannel, LACP, Virtual Stack, StackWise, Cisco Nexus NX-OS, Spine-Leaf Architecture, VXLAN)
• Strong troubleshooting skills with tools like Wireshark, NetFlow and SNMP. Knowledge of network monitoring concepts.
• Hands-on experience with SD-WAN technologies.
• Familiarity with DevNet, API integrations, and network programmability. 
• Knowledge of network security best practices (ACLs, firewalls, VPNs, IPSec, AAA, Role Based Access Control, Public Key Infrastructure, security-hardening concepts).
• Proficient in network automation and scripting (Python, Ansible, Terraform).

• Integration and support voice over IP (VoIP) solutions, including SIP trunking, call routing and voice gateway configurations.
• Experience in cloud networking
• Knowledge of Segment Routing (SR, SRv6)
• Knowledge and understanding of the latest software defined (SDN) networking technologies: VMWare NSX, Cisco ACI
• Configuration management practices and tools
• Knowledge of ITIL IT service management model
• Experience and applied knowledge of Service Transition