Requirement: Cyber Security Officer
Location: Ramstein, GERMANY
Full Time On-Site: Yes
Time On-Site: 100%
Not to Exceed Rate: 90 EUR
Total Scope of the request (hours): 836
Required Start Date: 20 July 2026
End Contract Date: 31 December 2026
Required Security Clearance: COSMIC TOP SECRET-ATOMAL
Please do NOT apply for any NATO contract positions unless you meet ALL the following criteria:
- Current National or NATO SECRET clearance
- Nationality of one of the NATO member countries
- Current work visa for the specific location if applying for an in-country position
Duties & Role:
In support of CSU Ramstein's mission, the individual is responsible to develop effective, agile and resilient cyber security solutions tailored to specific operational requirements and environmental conditions. Incumbent will consult with stakeholders to evaluate functional requirements and translate functional requirements into technical solutions. Will design, develop, test, and evaluate information system security throughout the systems development life cycle and are responsible for the analysis and development of the integration, testing, operations, and maintenance of systems security.
Key Duties will include:
- Applies and maintains specific security controls as required by organisational policy and local risk assessments.
- Communicates security risks and issues to business managers and others.
- Performs basic risk assessments for small information systems.
- Contributes to the identification of risks that arise from potential technical solution architectures.
- Suggests alternate solutions or countermeasures to mitigate risks.
- Defines secure systems configurations in compliance with intended architectures.
- Supports investigation of suspected attacks and security breaches.
- Leads a team of 3-4 Cyber Security and COMSEC personnel through day-to-day operations
- Responsible as the Cyber Security Section Head for the administration of all aspects of Cyber Security activities in coordination with the NATO Cyber Security Centre (NCSC), to include, but not limited to, boundary protection management, data loss prevention and enterprise antimalware.
- Schedule, coordinate and facilitate security audits and inspections, manage post inspection actions.
- Supervises monitoring, testing, evaluating computer security systems and the evaluation of Cyber Security aspects of CIS Accreditation.
- Plans and as necessary implements Cyber Security services in support of Agency SLs, DSO, Strat and other Agency organizational elements as applicable.
- Can support physical task requirements with the ability to lift up to 25 lbs.
- Deputise for higher grade staff as required.
- Performs other duties as required
The Contractor shall maintain personal liability and comprehensive insurance coverage for the duration of the contract. Work may be performed on-site at the designated location and/or remotely, in accordance with project requirements and subject to prior approval by the Agency. The Contractor shall ensure reliable communication, availability during agreed working hours, and secure access to all required Agency systems, networks, and documentation platforms, in compliance with applicable security, information assurance, and data protection policies.
Requirements
Skill, Knowledge & Experience:
- Security clearance (COSMIC TOP SECRET-ATOMAL, CTS-A), provided by the national security organization valid at the time of submission of the bid and covering the period of the contract
- Minimum of 5 yrs of experience in Windows Server security hardening, including implementation of security baselines, policy enforcement, vulnerability mitigation, and system compliance;
- At least 3 yrs of experience with Trellix ePolicy Orchestrator and Trellix Endpoint Security, including Trellix Data Loss Prevention and Trellix Application Control (or equivalent security software) and 2 yrs experience with system security, security architecture, network security engineering, security governance, and risk management
- Detailed knowledge and working experience of security and networking technologies including IPv4, Software based Firewalls, VPNs, Intrusion Detection and Forensic tools
- Practical experience with: Wireless LAN technologies and endpoint security of mobile devices including laptops, tablets and smartphones; Security incident handling, interpretation of Cyber Security audit results and conducting risk assessments; Identifying and mitigating security vulnerabilities;
- Supporting NATO Enterprise CIS, knowledge of NATO responsibilities and organization, including the NATO Command Structure, ACO & ACT and knowledge of NATO Security Policy and supporting directives.
- CISM or CISSP Certification
- Bachelor's degree at a nationally certified University in a related discipline and 2 years post-related experience. Exceptionally, demonstration of a candidate's particular abilities or experience combined with at least 6 years extensive and progressive expertise in duties related to the function of the post.
- Ability to work independently and manage multiple tasks simultaneously;
- Demonstrated ability to handle stressful situations with calmness, ensuring the user feels supported throughout their interaction.
- Empathetic and patient, understanding the frustrations users may feel and aiming to alleviate them. Positive attitude and a genuine desire to assist and educate user.
- Excellent written and verbal communication skills, capable of conveying complex technical information in a user-friendly manner.
- Strong analytical skills, capable of quickly identifying issues and determining the most efficient resolution.
- Level 3 English language skills according to NATO STANAG 6001: 3333 or according to Common European Framework of Reference for Language level B2-C1/Upper Intermediate-Advanced level
- Knowledge and working experience: Palo Alto Enterprise firewalls, Public Key Infrastructure, McAfee Endpoint Security Enterprise solutions.
- Knowledge and experience with Windows Server 2022, 2019, 2016, and Windows 11, Windows 10 operating system environments.
- Experience in managing centralized endpoint security (i.e. AV, DLP, Application Control, Drive encryption) solutions, (i.e. Trellix) and using Vulnerability Scanners (i.e., Nessus). Knowledge and experience in server, network and storage virtualization technologies (i.e. VMware vSphere, ESX, NSX and vSAN).
- Fundamental knowledge of cloud technologies
- Familiarity with ITIL or other IT service management frameworks(incident, request fulfilment, problem, change and capacity management)
- Basic understanding of Disaster Recovery (DR) and Business Continuity (BC) concepts (i.e. RPO, RTO, MTTR, MTBF) and approaches (active-active, active-passive)
- Prior experience of working in an international environment comprising both military and civilian elements
- TRG and CERT:
- CGRC/CAP or CASP+ (or Cloud+, PenTest+, Security+, GSEC or equivalent certification)
- ITIL (v3 or v4) Foundation certified
- 0731 NATO COMPUSEC Practitioner Level 1, 0732 NATO COMPUSEC Practitioner Level 2
- 0280 NATO CIS Security Officer
- Security Professional certification: CISM or CISSP or CISSO or CPTE or CySA+ or FITSP-A or GCSA or CISA or CISSP or CISSP-ISSEP or GSLC or GSNA; (CEH, GIAC, ISC2, or other relevant certification)
