Cyber Security Role Mapping Expert

at  Spektrum

Spektrum have a wide range of exciting opportunities in several global locations.
We are always looking to add great new talent to our team and look forward to hearing from you.
Spektrum supports apex purchasers (NATO, UN, EU, and National Government and Defence) and their Tier 1 supplier ecosystem with a wide range of specialist services. We provide our clients with professional services, specialised aerospace and defence sales, delivery, and operational subject matter expertise. We are looking for personnel to join our team and support key client projects.

WHO WE ARE SUPPORTING

The NATO Communication and Information Agency (NCIA) is responsible for providing secure and effective communications and information technology (IT) services to NATO’s member countries and its partners. The agency was established in 2012 and is headquartered in Brussels, Belgium.

The NCIA provides a wide range of services, including:

• Cyber Security: The NCIA provides advanced cybersecurity solutions to protect NATO’s communication networks and information systems against cyber threats.
• Command and Control Systems: The NCIA develops and maintains the systems used by NATO’s military commanders to plan and execute operations.
• Satellite Communications: The NCIA provides satellite communications services to enable secure and reliable communications between NATO forces.
• Electronic Warfare: The NCIA provides electronic warfare services to support NATO’s mission to detect, deny, and defeat threats to its communication networks.
• Information Management: The NCIA manages NATO’s information technology infrastructure, including its databases, applications, and servers.

Overall, the NCIA plays a critical role in ensuring the security and effectiveness of NATO’s communication and information technology capabilities.

ESSENTIAL SKILLS AND EXPERIENCE

• Knowledge of / practical user experience with Cybersecurity
• Experience with the NICE and SFIA framework
• Experience with mapping NATO specific Cybersecurity job roles to the NICE and/or SFIA frameworks and/or related training offerings
• Experience with working in an international environment comprising both military and civilian elements
• Experience with working in/with NCI Agency and NATO
• Experience with technical platforms to support competency based talent management / job role mapping (e.g. Lexonis)
• Strong project management skills.

ROLE BACKGROUND

At present, NATO has no standardized way to describe Cybersecurity (CS) related roles, nor the Knowledge, Skills and Abilities that are required to perform each of these roles successfully.
The ambiguity in role descriptions makes it difficult to identify and communicate NATO’s workforce requirements for personnel filling and develop cyber security related positions. In addition, the lack of a standardized terminology to describe NATO CS roles makes identifying and curating existing commercial training solutions for these roles a labor intensive as well as subjective task. Lastly, there is no agreed baseline to establish a minimum level of competency for each role, that could be fed in to specific Training Needs Analysis, which makes the development of new learning solutions and career paths for NATO Cyber CS roles challenging.
The NCI Academy aims to mitigate above challenges by mapping each NATO Command Structure CS related position to industry standards and frameworks and describing the Tasks, Knowledge, Skills and Abilities (KSA’s) associated with each role in a standardized terminology. Subsequently, this work includes referencing the standardized description of NATO CS roles to relevant NATO and commercial training courses, that can be added as annexes to NATO CS job descriptions (JDs).

The frameworks that will provide the foundation for this mapping exercise are:

• The Skills Framework for the Information Age (SFIA), and;
• The National Initiative for Cybersecurity Education framework (NICE).

As the SFIA framework describes ‘ICT roles’ in a more generic sense, and the NICE framework describes roles with a focus on Cyber security, the two models can be regarded as complementary. In this work, each NATO CS role will be analysed and the associated duties will be mapped to the corresponding task descriptions of the SFIA and/or NICE framework. The role specific matches will subsequently be fed in to and tracked by a central database.

ROLE DUTIES AND RESPONSIBILITIES

• Add the remaining mappings not completed in 2023: NSPA and remaining ACO/NCIA for approximately 100 NATO Job descriptions.
• The mappings will be in the same format as the 2023 mappings, and will include:
• A mapping of NATO JD duties to SFIA/NICE framework
• Concrete recommendations about which existing NATO and commercial training programs are relevant for the various NATO roles
• Engaging visual overviews to describe the SFIA/NICE mappings and training recommendations to NATO CS staff and their leaders
• Consolidate the mappings of NATO CS roles to the SFIA/NICE framework that were conducted in 2023, and engage with the respective NATO entities. For each entity:
• Verify the mappings by comparing them to real-life on-thejob activities for each role
• Make an inventory of the current training offerings
• Update the mappings to new and evolving job descriptions
• Consolidate 2024 mappings of NATO CS roles to the SFIA/NICE framework (NSPA, remaining NCIA and ACO), and engage with the respective NATO entities. For each entity:
• Verify the mapping by comparing them to real-life on-the-job activities for each role
• Make an inventory of the current training offerings
• Update the mapping to new and evolving job descriptions
• After consolidation, develop a report that describes all mappings, and that includes:
• A verified mapping of NATO JD duties to SFIA/NICE framework
• concrete recommendations about which existing NATO and commercial training programs are relevant for the various NATO roles
• Engaging visual overviews to describe the SFIA/NICE mappings and training recommendations to NATO CS staff and their leaders
• Support a feasibility study to determine the long term strategy for hosting mappings (industry platform versus existing NATO platforms)
• Support the uploading of all mappings to a selected NATO platform