Would you like to join the leading international intergovernmental organization?

The Defence Innovation Accelerator for the North Atlantic (DIANA) is a flagship initiative of NATO. Their mission is to foster and harness the best of deep-tech innovation across the Alliance to address critical defense and security challenges. DIANA connects a network of accelerators and test centers to support dual-use startups and entrepreneurs, ensuring NATO maintains its technological edge.

Responsibilities:

• Influencing and developing security architecture in support of a complex digital environment.
• Recommending and developing secure technical solutions, products, and/or approaches in support of the programme scope.
• Oversight of security elements of CI/CD pipeline for solutions following a DevSecOps approach.
• Reviewing and providing security artifacts to assure solutions into production and security accreditation.
• Reviewing and supporting secure API configurations.
• Advising DIANA Azure and Microsoft O365 security tooling to support and integrate with complex systems, including authorization and authentication options.
• Aiding the development of policy and procedures to support OS deliveries, including change management
• Resolving highly complex problems using significant application of technical knowledge, conceptualizing, reasoning and interpretation.
• Serving as a subject-matter expert within relevant technical domain areas
• Providing other support as directed.
• Perform any other related duties as may be required.

We are happy to hear from you if you have:

• Bachelor’s Degree in a relevant field
• Minimum of 5 years of hands-on experience in developing complex system security architecture and engineering in a Microsoft environment, including firewalls and VNETs.
• Excellent knowledge of information security principles
• Experience in defining security requirements for complex system, and managing traceability
• Experience of developing security architecture for complex system and building authorised environments to security accreditation framework
• Experience of security infrastructure in Public and Private cloud, e.g. virtual network infrastructure, hybrid PaaS/SaaS solutions.
• Experience in producing security assurance documentation sets (such as SyOPS, Security Management Plan, ISMS)
• Experience of network and boundary protection technologies (firewalls, mail gateways, load balancers, antivirus).
• Experience of authentication and authorisation technologies (SAML, OIDC, PKI, etc.)
• Industry cybersecurity qualification to support the deliverables.
• Desirable:
  • Experiences with development and deployment of Infrastructure as Code.
  • Experience across multi domain cloud environments.
  • Experience with the development and integration with SaaS solutions via APIs.