Would you like to join the leading international intergovernmental organization?

The Centre for Maritime Research and Experimentation (CMRE) is an established, world-class scientific research and experimentation facility that organizes and conducts scientific research and technology development centred on the maritime domain. It delivers innovative and field-tested science and technology (S&T) solutions to address defence and security needs of the Alliance.

Responsibilities:

• Implement and operate security controls within accreditation frameworks for enterprise systems, networks, and critical infrastructure including autonomous vehicles and data acquisition

• Manage and maintain communication and information systems including network devices, firewalls, and virtualized security environments

• Conduct security testing, breach analysis, and root cause investigations to identify vulnerabilities and implement remediation strategies

• Monitor, analyse, and respond to security alerts and incidents using advanced threat detection tools while maintaining comprehensive incident documentation and reporting

• Perform vulnerability assessments, penetration testing, and security evaluations to identify and address weaknesses across IT infrastructure

• Deliver security awareness training to staff and ensure ongoing compliance with regulatory requirements and organizational security policies

• Design, develop, and maintain security architectures for enterprise, cloud, and hybrid environments incorporating threat modelling and risk management principles

• Assess and ensure compliance with security frameworks, conduct audits, document findings, and drive continuous improvement initiatives

• Provide strategic guidance on emerging technologies, risk mitigation strategies, and alignment of security controls with business objectives

• Work with software development teams to ensure secure software development lifecycle in employed and create guidelines and material to document the security aspects

• Audit source code to ensure compliance with security frameworks, document findings, and work with developer to increase the security posture of the code

• Conduct penetration test and vulnerability scanning, adapting/defining frameworks and processes to ensure software application are secure across the whole life cycle

Essential Qualifications & Experience:

• A minimum requirement of a bachelor’s degree at a nationally recognised/certified University in an information systems, physics or electronics related scientific or engineering discipline

• A minimum of 3 years of experience in design, develop, and maintain robust security architectures for IT systems, networks, and applications.

• Deep knowledge of networking, cloud, and application security architectures

• Extensive background in defining security principles, technical requirements, and preventative controls for enterprise, cloud, and hybrid environments.

• Extensive background in planning, executing, and leading security audits across systems, applications, and networks.

• Extensive background in assessing compliance with NATO Enterprise security policies, ISO/IEC 27001, NIST, and other regulatory frameworks.

• Extensive background in supporting development and enforcement of organization-wide security policies, standards, and procedures.

• Ethical mind-set with commitment to privacy, compliance, and IT governance.

• Deep understanding of cybersecurity frameworks including ISO/IEC 27001, NIST SP-800 series, GDPR, and industry-specific regulatory requirements with ability to translate standards into practical security controls

• Industry-recognized security certifications such as CISSP, CISM, CRISC, CISA, CompTIA Security+, or equivalent credentials demonstrating commitment to professional development

• Professional hands-on expertise with enterprise security tools including firewalls, intrusion detection and prevention systems, security information and event management (SIEM) platforms, and identity and access management solutions

• Strong capability to analyze security breaches, identify root causes, assess complex vulnerabilities, and develop effective remediation strategies based on technical evidence and threat intelligence

• Excellent ability to document technical security architecture, produce comprehensive reports, write Standard Operating Procedures, communicate risk to stakeholders at all levels, and work effectively across multidisciplinary teams

• Good level of spoken and written English

If you've read the description and feel this role is a great match, we'd love to hear from you! Click "Apply for this job" to be directed to a brief questionnaire. It should only take a few moments to complete, and we'll be in touch promptly if your experience aligns with our needs.