Section Head Adversary Emulation

Who we are:

For more than 70 years NATOs mission has been to preserve peace and security in the Alliance for nearly one billion citizens. The NATO Communications and Information Agency (NCIA) and its predecessors have worked tirelessly in providing the means that enable the connectedness and togetherness that keep our Alliance strong. We are the NCIA a team of 3000 civilian and military staff in 29 locations throughout Europe North America and Asia.

Our technology and cyber experts allow NATO to conduct critical operations protect NATOs airspace make data-driven decisions defend against cyber-attacks secure NATO networks and maintain superiority in space. This is all possible because of our greatest force our order to keep this edge we aim to hire train and retain the very best staff.

Our staff members represent both the diversity and unity of our Alliance. When you join the NCIA you will be part of an organization where you can contribute authentically to the mission and purpose of NATO and help us keep our technological edge.

About the job:

Based in Mons Belgium you will join the Agency as we embark on a journey to transform our IT services to support NATOs Digital Endeavour. You will join NATO Cyber Security Centre (NCSC) which is responsible for planning and executing all lifecycle management activities for cyber executing this responsibility NCSC provides specialist cyber security-related services covering the spectrum of scientific technical acquisition operations maintenance and sustainment support throughout the lifecycle of NATO Communications and Information Systems (CIS).

The NCSC is part of the nucleus of the NATO Integrated Cyber Defence Centre (NICC).

We are looking for a driven and enthusiastic Section Head Adversary Emulation who will take on the following roles and responsibilities:

• Lead mentor and develop a team of adversary emulation engineers composed of Red and Purple team engineers fostering a culture of excellence and continuous learning;

• Define and oversee Red and Purple teaming strategies methodologies and processes;

• Manage and prioritize engagements ensuring alignment with business objectives and risk management strategies;

• Provide technical oversight and guidance ensuring comprehensive and high-quality security assessments;

• Manage training programs skills development and certification pathways for the adversary emulation teams;

• Represent the organization in security forums industry conferences and working groups.

For a full list of duties please review the job description on the NCIA career site.

About you:

The valuable knowledge and experience that you bring to this role are:

• A Masters degree at a nationally recognised/certified University in a related discipline and 5 years post-related experience. Or a Bachelors degree with 8 years post related experience;

• Relevant certifications such as CRTO GREM OSCP OSCE OSWE OSEE GWAPT GPEN GXPN or equivalent;

• 10 years of experience in cybersecurity with at least 5 years in offensive cybersecurity (penetration testing red teaming vulnerability research);

• Proven experience at least 3 years in a leading role managing adversary emulation / offensive cybersecurity services within enterprise environments;

• Extensive knowledge and experience (at least 5 years) in the following areas:

ü Conducting or leading Red Team engagements;

ü Penetration testing;

ü Exploit development;

ü Network security architecture design;

ü Assessing security vulnerabilities within OS software protocols & networks;

ü Researching and evaluating security products & technologies;

ü Knowledge in system and network administration of UNIX and Windows systems;

ü Use of penetration testing tools techniques and recognized testing methodologies;

ü Scripting skills in at least one of the following: Perl Python Ruby shell (bash sh);

• Practical experience in leading Red Team engagements;

• Extensive hands-on expertise with penetration testing tools;

• Extensive experience leading interdisciplinary teams preferably in international environment;

• Understanding of the principles of adversary emulation;

• Understanding of tactics techniques and procedures of threat actors based on MITRE ATT&CK Framework;

• Strong understanding of secure coding practices application security testing and enterprise security architectures;

• Proven experience working with developers security architects and system administrators to drive remediation efforts;

• Ability to lead and mentor technical teams fostering professional growth and skills development;

• Excellent communication and negotiation skills across technical non-technical and Executive audiences including at flag officer level;

• Strong analytical and problem-solving skills with the ability to make data-driven decisions;

• Experience working in high-security environments (e.g. financial government or military sectors);

• Fluency in English both written and spoken.

What we offer:

• Genuinely meaningful work as part of the most successful alliance in history;

• 5 year contract with competitive tax-free salary and household and childrens allowances;

• Privileges for expatriate staff including expatriation and education allowances (where appropriate) and additional home leave;

• Excellent private health insurance scheme;

• Generous annual leave of 30 days plus official holidays;

• NATO Pension Scheme;

• Development programs such as professional training wellbeing and more.

To learn more about NCIA and our work please visit our website.

The NCIA prides itself on being an equal opportunity employer. We are committed to fostering an inclusive environment of mutual respect and value uniqueness and differences in gender gender identity race ethnic or cultural origin age religion sexual orientation and physical or neurocognitive ability.

Additional details on the conditions of application can be found via the NCIA career site.