SECURITY PROFESSIONAL

Introduction

One of the key elements of the new structure is iHub Laboratory Capability(iHub) built by expanding the ACT Innovation Hub capability, managed now by the newly established Innovation Branch.The iHub provides a space to test hypotheses and solutions turning ideas into user-centric Minimum Viable Products (MVPs) through close collaboration of end users and developers. The Lab provides an incubator environment where ideas will come to life rapidly following the best practices of Agile DevSecOps from industry and the latest research from academia. The Lab operational model is being developed incrementally, and the close collaboration with all stakeholders will shape its culture, processes and toolset.The iHub will operate in a larger ecosystem of innovation-minded partners. To successfully coordinate innovation activities across partner networks it is essential to establish basic guidance and rules orchestrating interactions via a common framework. This framework will help to better capitalize on larger network capabilities, help avoid duplication of work, and promote reuse of products. The Agile DevSecOps culture that will be established within iHub will be promoted across NATO, while associated processes and toolsets will be easily adaptable by other NATO bodies. The iHub state-of-the-art capabilities will continuously be updated via knowledge transfer from the leading industries.

Scope 

HQ SACT is seeking contractors’ support to expand their iHub Agile DevSecOps operation. There will be a core team of contractors embedded within ACT Innovation Lab team which will follow agile methodology to develop required application in incremental, user-centric fashion. The ACT Innovation lab team will follow rapid development cycles, each resulting in Minimum Viable Product, deployable in an environment available and demonstrable to end-users. The Contractors’ embedded within iHub teams, will work under the direction and guidance of the COTR.

Skills, knowledge, experience required:

• University degree in Information and Communication Technologies (ICT), Business or related discipline OR 5 years’ experience as a Product Manager;
• Proven experience with modern software technologies and their relevancy to security;
• Able to engineer, implement, and monitor security measures for the protection of computer systems, networks and information;
• Able to identify and define system security requirements;
• Experience designing computer security architecture and developing detailed cyber security designs;
• Experience with both lean start-up and agile software development;
• Strong with security principles;
• Direct experience with anti-virus software, intrusion detection, firewalls and content filtering;
• Knowledge of risk assessment tools, technologies and methods; 
• Should be comfortable with security as it applies across the NATO domain; 
• Experience designing secure networks, systems and application architectures;
• Knowledge of disaster recovery, computer forensic tools, technologies and methods;
• Experience planning, researching and developing security policies, standards and procedures;
• Professional experience in a system administration role supporting multiple platforms and applications;
• Ability to communicate network security issues to peers and management;
• Previous exposure to cloud native applications, and associated production cycles;
• Ability to read and use the results of dynamic code analysis, static code analysis, and anti-virus software;
• 3+ years of experience in a product management function;
• Security+, or CISSP certified required;
• Fluent in English (written and Oral);
• Active NATO or National SECRET (or higher) security clearance.

 Duties:

• Implements policies within the iHUB to drive a security first mindset to software development. 
• Work across all team member disciplines to ensure each practice as the correct security in place for delivering products and the organizations means of communicating. 
• Collaborate with NCIA, NATO Software Factory, and HQ organizations to achieve platform pipeline accreditation. 
• Create and maintain necessary security documentation for the platform and product delivery teams to enable rapid fielding of products onto NATO networks.