Secure Protocols Designer/Implementer

Duties

• Editing, reviewing, and contributing to relevant sections of selected NATO standards related to secure communication implementation.
• Preparing executable technical artefacts and validating the associated security profiles.
• Supporting experimentation, integration, and validation activities.
• Participating in technical and coordination meetings as required by the PM and Technical Leader.
• Maintaining and updating the development backlog, including progress reporting, comments, risk identification, and issue tracking.
• Producing agreed technical deliverables in accordance with defined acceptance criteria, quality standards, and timelines.
• Supporting formal knowledge handover sessions prior to contract completion to ensure continuity, maintainability, and long-term sustainability of the delivered solutions.
• All source code, scripts, configuration items, and documentation produced under this contract shall be stored and maintained under configuration management within the NATO Software Factory environment.
• Coordination and development activities shall be performed remotely through secure access to NCIA systems using the unclassified development laptop provided by NCIA.
• The Contractor shall present a preliminary execution plan outlining: Proposed approach, Deliverable breakdown, Milestones, Assumptions and dependencies, Identified risks and mitigation proposals.
• The Contractor shall issue meeting minutes via email within two (2) working days, capturing at minimum: Key decisions, Assigned actions, Updated risks, Agreed next steps.
• The Contractor shall participate in regular status meetings, either in person (where feasible) or via electronic conference means.
• The Contractor shall support and contribute to: The development and refinement of security profiles for communication standards.
• The Contractor shall support and contribute to: The design and implementation of concept demonstrators.
• The Contractor shall support and contribute to: The preparation and execution of on-site and off-site validation activities, including interoperability exercises.
• The Contractor shall support and contribute to: The production of associated documentation, test evidence, configuration artefacts, and validation reports.
• Drafted proposal of security profile appendix for the near-real time protocol of the Future FFT standard (ADatP-36) indicating the architectural and the operational aspects together with the process and procedure for the services configuration and validation.
• Plan, execute and document validation tests event for the ADatP-36 security together with NATO nations that has been identified during CWIX2026 event.
• Reviewed the security profile appendix for the STANAG 5659 identifying issues and fragilities and providing solution in line with the NATO Data Centric Security (DCS) policies.
• Updated the services composing the DISG in line with the security profile defined for the ADAtP-36 and STANAG 5659.
• Designed, documented and deployed the infrastructure needed to test the DISG functionalities in conjunction with the STANAG 5659 and the ADAtP-36 standards on NATO NSF network.
• Planned and executed DISG test risk reduction event (On site in NCIA or from remote).
• FFT simulator service maintenance (Apply the changes and resolve the issues described in JIRA). This include the extention the functionalities in compliance with the updated FFT ADatP-36(B) and ADatP-36(C)) (Issues and improvements as described in JIRA).
• Validation and test of the FFT simulator at an internal agreed validation event.
• Creation of the related change request and issue list in JIRA.

Requirement

• At least 1 year of proven experience in the redaction of NATO standards.
• At least 1 year of proven experience in the design and test of secure message exchange protocols.
• At least 1 year of proven knowledge of, and practical experience in, the operational or technical use of FFT systems supported by NCIA.
• At least 1 year of proven experience with the NATO Data-centric Security concept application.
• At least 1 year of practical experience in the area of computer networks and messaging security, including DNS, domains, PKI certificates, network designs, OAuth, OpenID.
• At least 1 year of practical experience in, modern test engineering and test management methods and paradigms.
• At least 1 year of proven up-to-date knowledge of computer system architectures, systems security, client/server, LAN/WAN and network concepts, test techniques, Database Management Systems (DBMS) and data management concepts.
• At least 1 year of proven recent experience in planning and execution of validation activities within largescale C2 exercises.
• At least 2 year of programming experience in JAVA, JAVA Scripts, Angular, Python.
• At least 1 year of proven recent experience with XML and JSON technologies.
• Staff provided by the Contractor must have the nationality of one of the NATO nations.
• Staff provided by the Contractor must have an excellent command of spoken and written English.
• Contractor personnel delivering services on this contract require a valid NATO SECRET security clearance as from the start date of the contract.

Preferences

• The following expertise and knowledge are required for this contract: Experience working in the NATO Software Factory (NSF).
• The following expertise and knowledge are required for this contract: Experience working with STANAGS 4774 and 4778.
• Knowledge of NATO FFT, COT, JDSS, NCDF and other military or civilian interoperability standards for messaging and data exchange related to FFT.
• Bachelor’s degree in Computer Science, Information Technology or a closely related engineering field.
• Experience supporting a recent NATO Interoperability exercises.
• Experience interpreting and/or capturing business and user requirements through use cases and developing test cases accordingly;