Requirement: Cyber Security Assessor (Vulnerability Assessment)
Location: Mons, BELGIUM
Full Time On-Site: Yes
Time On-Site: 100%
Not to Exceed Rate: 75 EUR
Total Scope of the request (hours): 836
Required Start Date: 11 May 2026
Required Security Clearance: NATO COSMIC TOP SECRET
Please do NOT apply for any NATO contract positions unless you meet ALL the following criteria:
- Current National or NATO SECRET clearance
- Nationality of one of the NATO member countries
- Current work visa for the specific location if applying for an in-country position
Duties & Role:
The contracted individual will be asked to support the development of one or more technical deliverables.
The contracted individual must be able to perform effectively and efficiently with minimal supervision.
Frequent travel to NATO and national (NATO and non-NATO) facilities is required in support of assessments.
The duties are normally performed within government or military installations, where security protocols and operational requirements prevail.
The position is based on-site, with very limited opportunities for teleworking.
The duties of the individual mainly focus on:
- Plan and execute technical On-site CIS Security Audits (Type-3) for networks, systems, and applications, and ensure the accuracy of the results;
- Analyse collected assessment data and identify security weaknesses;
- Write Security Audit reports with findings and appropriate recommendations;
- Provide briefings and further information to support remediation and mitigation;
- Contribute to development of in-house toolset for data collection and analysis;
- Performs other duties as may be required.
Requirements:
Skill, Knowledge & Experience:
- The candidate must have a currently active NATO COSMIC TOP SECRET security clearance
- Proven, in depth understanding of computer and communications security, enterprise networking, and the vulnerabilities inherent in modern operating systems and applications;
- Ability to assess a variety of security controls aligned with industry best practices, including Zero Trust Architecture and Data Centric Security principles;
- Expert knowledge in executing vulnerability assessment scans across large, complex networks without impacting system availability or performance;
- Demonstrable hands on experience with Tenable Nessus products, including advanced configuration and customization;
- Extensive proficiency in developing and deploying Nessus audit files to enforce compliance checks for operating systems, network devices, and applications;
- Thorough understanding of Active Directory security configuration and associated vulnerabilities;
- Advanced knowledge of Microsoft Azure AD / Entra ID / Office 365 and AWS Cloud Security, with practical experience in securing hybrid and cloud environments;
- Familiarity with DevSecOps practices, embedding security into CI/CD pipelines and cloud native deployments;
- Comprehensive experience in assessing and implementing system hardening measures, antimalware configurations, and endpoint protection strategies;
- Ability to benchmark systems against recognized security standards (e.g., CIS Benchmarks, NIST);
- Applied expertise in Artificial Intelligence, including the capability to assess Large Language Models (LLMs);
- Proficiency in implementing and securing Ansible deployments;
- Expertise with Software Defined Networking (SDN) and Service Oriented Architecture (SOA) implementations;
- Capability to integrate modern architectures with enterprise security frameworks;
- Enhanced skillset in data processing automation using scripting languages (e.g. PowerShell, Python, Bash);
- Ability to build repeatable workflows/checklists to improve efficiency and reduce human error;
- Excellent communication skills, including briefing senior stakeholders, delivering clear presentations, producing high quality reports, and mediating technical discussions;
- Strong interpersonal abilities with a proven track record of working independently and collaboratively within multidisciplinary teams;
