Spektrum

IT Security SME

Spektrum, Norfolk, Virginia, United States, 23500

Spektrum supports apex purchasers (NATO, UN, EU and National Government and Defence) and their Tier 1 supplier ecosystem with a wide range of specialist services. We provide our clients with professional services, specialised aerospace and defence sales, delivery, and operational subject matter expertise.

Who We Are Supporting: Allied Command Transformation (ACT) is NATO’s leading agent for change: driving, facilitating, and advocating the continuous improvement of Alliance capabilities to maintain and enhance the military relevance and effectiveness of the Alliance.

The Program: Capability Development & Management Support (CDMS) - DCOS Capability Development (CAPDEV) acts as the Supreme Allied Commander Transformation's Director for guidance, direction and coordination of the activities and resources of the Capability Development Directorate. The Requirements Division will execute all tasks and activities needed to support requirements management for NATO capabilities. The Capability Requirements (CR) Branch will develop the Capability Requirements Brief and recommended courses of action to resolve issues through the life cycle management of requirements using matrixed, cross-functional project-specific Requirements Management teams. The Capability Division coordinates the development of capabilities from capability planning through acceptance and then disposal with management entities, NATO Headquarters staff and the NATO Governance Structure. The Capability Forward Branch (Mons) coordinates with ACO, NCIA, NSPA, NATO HQ, territorial Host Nations, and NATO Centres of Excellence (COEs) to support the development of capabilities.

Role Duties And Responsibilities:
- Provide subject matter expertise in cybersecurity engineering to design and implement secure systems, networks, and applications across NATO environments.
- Engineer, implement, and monitor technical and organizational security measures for the protection of computer systems, networks, and sensitive information.
- Identify, define, and document system security requirements, ensuring they align with NATO security standards and operational priorities.
- Design secure architectures and develop detailed cybersecurity designs, supporting enterprise-scale solutions and mission-critical systems.
- Plan, research, and develop security policies, standards, and procedures aligned with NATO standards.
- Deploy, configure, and monitor advanced security tools and vulnerability management solutions (e.g., Nessus, Prisma, Qualys, Burp Suite, OpenVAS).
- Integrate security principles into Agile and DevSecOps workflows to ensure security is embedded from the outset of product development.
- Perform risk assessments using established tools and frameworks, advising stakeholders on mitigation strategies.
- Conduct incident response planning, disaster recovery preparation, and contribute to forensic investigations where required.
- Collaborate closely with developers, system administrators, and product managers to ensure security requirements are met throughout the lifecycle.
- Clearly communicate complex cybersecurity risks and issues to technical teams, leadership, and non-technical audiences.

Essential Skills And Experience:
- Proven experience engineering, implementing, and monitoring security measures across networks, systems, and applications (incl. code analysis & vulnerability mgmt).
- Demonstrated ability to define, document, and maintain security requirements aligned with organizational goals.
- Experience designing secure enterprise architectures and developing detailed cybersecurity designs.
- Embedding security practices in Agile/DevSecOps or lean start-up teams.
- Hands-on experience with vulnerability assessment, intrusion detection, firewalls, antivirus, and content filtering.
- Experience using security tools such as Nessus, Prisma, Qualys, Burp Suite, OpenVAS, or equivalent.
- Experience in risk assessment and security auditing methodologies.
- Experience planning, developing, and maintaining security policies, standards, and procedures.
- Proven track record in system administration across multiple operating systems and platforms.
- Strong communication skills to present complex security issues to peers, management, and leadership.
- Security certifications (CISSP, CISM, Security+, CEH, or equivalent).

Education: University degree in ICT, Information Security, or related discipline.
Language Proficiency: Advanced Proficiency in English.
Working Location: Norfolk, VA, USA.
Working Policy: On-Site.
Contract Duration: January 2026 – December 2030.
Security Clearance: Valid National or NATO Secret personal security clearance.