2025-0314 Provision of JISRC Services (NS) NETHERLANDS - 3 Dec

Please do  NOT  apply for any NATO contract positions unless you meet ALL the following criteria:

Any applications that do NOT meet all the above - and do not CLEARLY show these on the CV - will be deleted.

Introduction:

• The JISR Centre's (JISRC) Vision is to assure information superiority for NATO. Our Mission is to deliver, support and protect valued Intelligence, Surveillance and Reconnaissance (ISR) capabilities, expertise and services, to maximize operational effectiveness for NATO.
• Ensuring coordination and cohesion of the multiple JISR programmes and projects from a technical perspective, the JISRC requires Solution Architect services to capture and document the as-is and to-be JISR architecture.
• The services include the capturing of the current JISR architecture through the delivery of a documented understanding of all current programmes/projects/services, the capturing of the to-be architecture as well as the implementation roadmap in order to assure future programmatic technical coherence. With a focus on documenting the architecture and engagement with all JISRC key stakeholders, the services will ensure the delivery of high-quality technical products that align and will inform current and future JISR programmes.

Scope of Work:
The purpose of this project is to provide the JISR "as-is" and "to-be" architecture and implementation roadmap. To achieve this scope, the Contractor shall:

• Engage with JISRC staff (Technical Subject Matter Experts, Service Delivery Managers, Project Managers) to understand and document current and future system/service capabilities; and with Chief Technology Office (CTO) staff, especially the JISR Segment Architect and JISR Segment Service Engineer.
• Document JISR workflows and processes at technical level;
• Develop high level overview of technical solutions in place;
• Deliver JISR as-is architecture, capturing all current JISR services, applications and system capabilities; their inter-dependencies and the technologies by which they are implemented
• Deliver JISR to-be architecture
• Deliver implementation roadmap that specifies how to achieve the to-be architecture;
• Advise on technical synergies, gaps and opportunities identified.

Deliverables:
The Contractor shall deliver:

• JISR "as-is" architecture, capturing current system/service capabilities;
• JISR "to-be" architecture capturing current and future system/service capabilities, dependencies on platform, infrastructure and AI services, implementation & integration technology choices ;
• JISR roadmap that shows how the to-be architecture will be achieved.

"As-Is" Architecture
The "as-is" architecture will include the current JISRC services, applications, and system capabilities, including but not limited to:

• NAMIS Application Service (APP023).
• INTEL FS Application Service (APP033).
• HMART Application Service (APP046).
• Allied Command Operations Open Source System (AOSS) Application Service (APP047).
• Core Geographic Information System (GIS) Application Service (APP055).
• ISR Collection Management Tool (ICMT) Application Service (APP056).
• INTEL FS SIGINT Capability (ISC) Application Service (APP057).
• Release Server (RS) Application Service (APP058).
• ISR Coalition Shared Data (CSD) Service (APP060).
• Electromagnetic Warfare Functional Services (EW-FS) Application Service (APP075).
• PNT & NAVWAR Application Service (APP102).
• NATO Automated Biometrics Identification (NABIS) Application Service (APP079).
• Information Environment Assessment (APP110).
• APSS Management and Transfer Service.

The "as-is" architecture report shall address the following areas:

• Executive Summary: Brief overview of the current architecture and objectives of the document.
• Current Architecture Overview: High-level description of the current JISR architecture
• Stakeholders and Roles: List of users, associated locations, and their roles in the current system/service capabilities.
• Application Architecture: High-level description of existing applications, their software components, interfaces, related standards, and dependencies between the applications.
• Technical Architecture: Description of the hardware, infrastructure services, network components and connectivity, platform services, middleware as they are relevant for the deployment and hosting of the conceptual and application layer components; related to locations.
• Security Architecture: Current security measures, policies, and vulnerabilities; explanation why and how security concepts are realized.
• Pain Points and Limitations: Identified issues, bottlenecks, risks, and gaps in the current architecture.
• Compliance and Standards: International and/or existing NATO standards; adherence status;
• Appendix: Diagrams, glossary, references, and supporting documents.

Working Practices
In order to deliver the report detailed above, the Contractor is expected to:

• Conduct interviews with relevant stakeholders regarding projects and programmes detailed by JISRC project team;
• Support the report with an overview of conceptual/logical systems and the components (structure);
• Support the report with a model of implementation-independent functionality (services) that is provided at the business level, and refinement into sub-functions;
• Support the report with an overview of current data holdings and data flows (IERs) - associated volume, and storage details, data exchange mechanism, data transformation and processing components and High level data models as required;
• Assess feasibility for a shared platform including all JISR services and applications.

"To-be" Architecture
The "to-be" architecture shall be based upon existing and future JISRC system/service capabilities such as:

• INTEL FS Spiral 2.
• GeoViewer
• INTEL & ISR Capability Programme Plan
• Alliance Persistent Surveillance from Space
• PANGEA
• NATO Geospatial Enterprise Core Service
• NABIS
• C2 of EW
• AI Platform
• Others - during contract implementation.

The "to-be" architecture shall:

• Simplify, harmonize the "as-is" architecture: Consolidate technology choices, identify common components and optimize their reuse
• Reduce Operation & Maintenance support from NCIA side.
• Be data-centric, considering data as a first class concept and avoiding to lock data into specific applications/systems Aligned with NATO's Data Centric Reference Architecture.
• Be a resilient architecture with open design for the future.
• Optimize data flow; consider data transfer spanning different security domains, networks, and the internet/cloud.
• Support interoperability including interoperability with the nations.
• Zero Trust Policy: enforce identity checks, data integrity, provenance, and strict guard policies.
• Comply with NATO STANAGs when available.
• Applications need to be cloud-native as much as possible, i.e. embrace a cloud-optimized design using cloud services and principles such as portability, resiliency, and scalability, and ensure readiness for migration to the cloud.
• Maximize use of available platform, infrastructure and AI services.

The "to-be" architecture and the generated report shall address the following areas:

• Executive Summary: Overview of the future architecture vision and objectives.
• Business Goals and Drivers: Business goals driving the new architecture, including expected benefits.
• Future Architecture Overview: High-level description of the future system architecture; Identify new component, and components from the as- is architecture that can be reused or need to be modified.
• Target Stakeholders and Roles: List of future users, associated locations, and their expected roles.
• Application Architecture: High-level description of planned applications, their functions, interfaces, and dependencies.
• Information and Data Architecture: Future data models, data flow improvements, data governance.
• Technology Architecture: Target application technology
• Security Architecture: Planned security controls, risk mitigations, and compliance.
• Integration Architecture: Future integration methods, APIs, middleware, and interoperability.
• Compliance and Standards: Future compliance requirements and alignment strategy.
• Appendix: Diagrams, glossary, references, and supporting documents.

Implementation roadmap
The implementation roadmap aims identifying the bridge between the "as-is" architecture and the "to-be".
The implementation roadmap shall enable the ability to deliver faster, identifying quick wins as well as long-term strategies.
The implementation roadmap shall address the following areas:

• Gap analysis: Compare as-is and to-be to highlight what needs to change
• Initiatives / projects: Group related changes into programmes/projects.
• Dependencies: Identify dependencies on external projects (ONX, PBN, ....)
• Roadmap Phases: Prioritize based on value, feasibility, and dependencies. Define clear phases or waves for implementation. Identify: Quick wins (low effort, high impact); Foundational work (e.g.,  data governance, cloud infrastructure); Major transformations (new core system, process re-engineering)
• Milestones and Timeline: Gantt chart or timeline view of key activities; Milestones for each work stream or phase
• Risks: Identify top risks and mitigation plans.
• Appendix: Diagrams, glossary, references, and supporting documents.

Requirements
All the documentation provided under this statement of work will be based on NCIA templates and/or agreed with the NCIA project manager.
 
Architecture views/artefacts need to be captured using agreed architecture language and tools.
 
All support, maintenance, documentation and will be stored under configuration management and/or in the provided NCIA tools.
 
The reports shall remain a high-level overview of the system/service capabilities.
 
Each report shall be limited to 100 pages max.
 
Each report (as is/to be/roadmap) shall include:

• A first level view easily readable by chiefs and staff officers. This involves representing actors and processes, capabilities and goals, but in a simplified way. It should be readable on an A4 page (when printed), portrait or landscape.
• A second level view for those who need to understand the main building blocks, from a systems engineering perspective.
• A third level view, for those who need to deliver the capability, and need more details about what those building blocks really consist of, in order to procure them;
• A fourth level view, for those who need to create solution architectures and high-level designs for the actual implementation.

Practical Arrangements:

• The services should be delivered 100% on-site at NCIA, The Hague, The Netherlands.
• Alternatively, they may be delivered using flexible working, with a requirement to be on-site at NCIA, The Hague, Netherlands, as agreed with JISRC (anticipated as 1-2 weeks per month), with the remainder of the services provided remotely.
• Access to the relevant NCIA networks and software will be established as needed.
• The services will be delivered during normal office hours following the NCIA The Hague calendar, as well as outside office hours and on weekends, if necessary.
• The Contractor personnel will be part of a team under the supervision of the NCIA (project manager).
• The NCIA project team and the Contractor personnel will have regular meetings to review progress, address issues, and make necessary adjustments to the processes or production methodology.
• The meetings will be physically in the office, or in person via electronic means using Conference Call capabilities, according to the NCIA project manager's instructions.
• The NCIA Project team will provide guidance and direction on the architecture methodology, language, tools and framework to be used.
• The Contractor personnel shall establish a continuous feedback loop to gather input from all stakeholders for ongoing improvements and their subsequent implementation depending on NCIA approval.
• The Contractor personnel shall use a shared dashboard or tool to track the status of the deliverables and any issues.

Security:
All Contractor personnel / Sub-contractors shall be aware of all security rules pertaining to the handling of NATO classified information.
Personnel Security Clearance (PSC):
Individuals who require access or may have access to information classified NATO Classified or above during service delivery shall have a PSC, at the appropriate level, which is valid for the duration of the authorized access. In addition, such individuals are required to:

• Have a need-to-know;
• Have been briefed on their security obligations in respect to the protection of NATO Classified Information; and
• Have acknowledged their responsibilities either in writing or an equivalent method which ensures non-repudiation.

It will be required for the contractor access to Class II areas at NATO facilities, therefore PSC at NATO SECRET level is required as from the start date of the contract.
 
Required Qualification:
General Provisions:
A Sole contractor must deliver these services.  In the event that the contractor leaves during the contract period, a new contractor, who has the proven required qualifications and is evaluated qualified and suitable, shall replace him/her. The leaving contractor shall provide to the new contractor a training and handover of the performed history of the project. All normal NCIA Terms and Conditions apply.
 
NCIA Recognised Business hours/Holidays: NCIA -The Hague official holiday schedule applies and will be provided to the contractor.
 
NCIA Hours of Operations: Monday to Thursday 0830 - 1700 and Friday 0830 - 1500 (CET)
 
Contractor Furnished Services: Contractor shall furnish everything required to perform the contract except for the items specified and covered under NCIA Furnished Property and Services below.
 
NCIA Furnished Property and Services: Access to relevant networks can be provided by NCIA as agreed.
 
Requirements:

• It will be required for the contractor access to Class II areas at NATO facilities, therefore PSC at NATO SECRET level is required as from the start date of the contract.

Require Qualification:
The Contractor personnel shall demonstrate the following qualifications:

• MSc degree in either Computer Science, Software & Systems Engineering, or a similar area, or exceptionally, the lack of a university degree may be compensated by the demonstration of particular abilities or experience that is/are of interest to NCIA, that is, at least 6 years' extensive and progressive expertise in duties related to the services outlined in the SoW.
• Minimum 5 years' of proved experience in solution architecture delivery.
• Minimum 2 years' technical knowledge of the JISR process and ongoing programmes.
• Proven experience on the development of architectures for NATO and/or defence customers.
• Experience of using Archimate and Sparx Enterprise Architect
• Proven experience and writing of large, structure documents
• Proven ability to integrate and work in a multinational team.
• Fluent in Business English.