Job Description

Would you like to join the leading international intergovernmental organization?

The Defence Innovation Accelerator for the North Atlantic (DIANA) is a flagship initiative of NATO. Their mission is to foster and harness the best of deep-tech innovation across the Alliance to address critical defense and security challenges. DIANA connects a network of accelerators and test centers to support dual-use startups and entrepreneurs, ensuring NATO maintains its technological edge.

Responsibilities:

Influencing and developing security architecture in support of a complex digital environment. Recommending and developing secure technical solutions, products, and/or approaches in support of the programme scope. Oversight of security elements of CI/CD pipeline for solutions following a DevSecOps approach. Reviewing and providing security artifacts to assure solutions into production and security accreditation. Reviewing and supporting secure API configurations. Advising DIANA Azure and Microsoft O365 security tooling to support and integrate with complex systems, including authorization and authentication options. Aiding the development of policy and procedures to support OS deliveries, including change management Resolving highly complex problems using significant application of technical knowledge, conceptualizing, reasoning and interpretation. Serving as a subject-matter expert within relevant technical domain areas Providing other support as directed. Perform any other related duties as may be required.

We are happy to hear from you if you have:

Bachelor's Degree in a relevant field Minimum of 5 years of hands-on experience in developing complex system security architecture and engineering in a Microsoft environment, including firewalls and VNETs. Excellent knowledge of information security principles Experience in defining security requirements for complex system, and managing traceability Experience of developing security architecture for complex system and building authorised environments to security accreditation framework Experience of security infrastructure in Public and Private cloud, e.g. virtual network infrastructure, hybrid PaaS/SaaS solutions. Experience in producing security assurance documentation sets (such as SyOPS, Security Management Plan, ISMS) Experience of network and boundary protection technologies (firewalls, mail gateways, load balancers, antivirus). Experience of authentication and authorisation technologies (SAML, OIDC, PKI, etc.) Industry cybersecurity qualification to support the deliverables. Desirable: + Experiences with development and deployment of Infrastructure as Code.
+ Experience across multi domain cloud environments.
+ Experience with the development and integration with SaaS solutions via APIs.