Deputy Chief Information Officer (CIO) for Cybersecurity

Location
Brussels, Belgium
Salary
10,986.66 EUR Monthly
Posted
29 Sep 2021
Closes
24 Oct 2021
Contract Type
Contract, Permanent
Hours
Full Time

SUMMARY

The NATO Chief Information Officer (CIO) function brings Information and Communications Technology (ICT) coherence across NATO Enterprise’s 41 civil and military bodies and more than 25,000 users. The NATO CIO is empowered to realize the Allies’ vision for the NATO Enterprise is accountable to the Secretary General and is responsible for the development of Enterprise directives and advice on the acquisition and use of information technologies and services. The NATO CIO provides Enterprise oversight on cybersecurity issues, and, in close coordination with all relevant NATO civil and military bodies, works towards the continual improvement of the cyber hygiene and cybersecurity posture in the NATO Enterprise.

The Office of the NATO CIO (OCIO) is an integrated staff organization comprised of International Staff (IS) and International Military Staff (IMS) members.

The mission of the Deputy Chief Information Officer for Cybersecurity is to drive substantial change in NATO’s cybersecurity ecosystem and improve the cybersecurity posture of the Organization.

The incumbent will work under the direction of the NATO CIO and lead the work of the OCIO for cybersecurity matters, across all pillars of cybersecurity including strategy making, program/project management and cybersecurity service management. He will also act as the point of reference for any cybersecurity matter, both towards other NATO entities and towards Allies: this may include reporting on specific incidents, assessing cybersecurity implications of specific programs, establishing specific agreements and in general working towards improving the cybersecurity posture of NATO. He will need to setup, build consensus upon and lead the implementation of the NATO CIO cybersecurity program, bridging technology and cybersecurity initiatives with business acumen and strong leadership

Key challenges facing the successful candidate will likely include:

  • Establishing a new single point of authority for cybersecurity in NATO. The Deputy CIO for cybersecurity will need to work collaboratively across the NATO Enterprise to implement this function, delegated from the CIO, influencing and engaging with senior leaders to deliver a significant change for the Alliance and drive cybersecurity improvements across 41 separate NATO civil and military bodies.
  • Improve NATO’s cybersecurity posture across the whole NATO Enterprise through the uplift of fundamental cybersecurity functions. The Deputy CIO for cybersecurity will need to address fundamental cybersecurity functions from an Enterprise perspective, redefining how these functions are performed, measuring and monitoring performance, and adapting to new technological challenges to improve the organisation’s resilience.
  • Adopt a management model to include military and civilian stakeholders in a matrix structure, and a heterogeneous set of capabilities in a challenging and dynamic environment. The NATO Enterprise is built upon the need to preserve essential business processes, both military and civilian, executed by a diverse community of stakeholders spread across the 41 entities. The model will need to embrace this diversity, improving and modernizing the way cybersecurity is dealt with throughout the Enterprise. It will also need to adapt quickly to changes in the cybersecurity environment and in NATO business model, by gathering together NATO cybersecurity leaders from the NATO Enterprise, industry and academia becoming a reference model for the organization.

 

QUALIFICATIONS AND EXPERIENCE

ESSENTIAL

The incumbent must possess:

  • a master degree, or an equivalent level of qualification, in information and communications technology or in a cyber-security related discipline;
  • 15 years’ relevant and progressively responsible experience, out of which at least 10 years in cybersecurity functions, leading large, cross-functional teams within sizeable governmental organisations or industry;
  • substantial experience managing enterprise-wide programmes, involving multiple stakeholders and requiring a robust change management methodology;
  • proven experience in consensus building, combined with strong negotiation and influencing skills at senior-level, with key stakeholders across the organization and within complex environments;
  • experience in leading cybersecurity management positions, such as Chief Information Security Officer (CISO), in large private, public and/or military organizations;
  • experience in leading, guiding, and developing a diverse team of cybersecurity professionals (both managers and technicians) in a large, multicultural organisation;
  • have experience managing cybersecurity incidents and cybersecurity risk management processes using state-of-the-art techniques and tools;
  • experience in designing, procuring, implementing, operating cybersecurity functions such as network security monitoring, incident response, cybersecurity threat intelligence, risk management;
  • comprehensive knowledge of principles of computer and communications security, networking, and vulnerabilities of modern operating systems and applications;
  • in-depth knowledge of advanced cybersecurity products available on the market and possess adequate knowledge of their business models;
  • be conversant and have an up-to-date knowledge of current cybersecurity threat vectors, dedicated protective measures and market leading technologies; and
  • possess the minimum levels of NATO’s official languages (English/French): V (“Advanced”) in one; I (“Beginner”) in the other.

DESIRABLE

The following would be considered an advantage:

  • a Master in Business Administration (MBA) or equivalent;
  • leading technology certifications relevant for the job, in the field of cybersecurity (CISSP, CISM, CCSP, etc.), program/project management (PMP or PRINCE2, etc.), information technology (ITIL, COBIT, CGEIT, etc.);
  • proven experience in developing and implementing security controls and monitoring information security operations; and
  • deep understanding of current and emerging cybersecurity technologies and how enterprises are employing them to protect digital business.

 

MAIN ACCOUNTABILITIES

Vision and Direction

Support the NATO CIO in developing strategic goals and objectives for the NATO OCIO in the area of cybersecurity, aligned with NATO’s goals and objectives and with the Alliance’s C3 Strategy. Engage with the Enterprise network to enhance the coordinated execution of the Alliance C3 Strategy, specifically for cybersecurity elements. Provide direction on what emerging cybersecurity trends are to be assimilated, integrated and introduced within the NATO Enterprise.

Representation of the Organization

Represent and communicate NATO cybersecurity policies and goals within NATO and with industry and academia on cybersecurity matters and at public events on behalf of the NATO CIO. Deputize the NATO CIO in his role as Communication and Information Systems Operational Authority (CISOA) for NATO Enterprise-wide aspects. Deputize the NATO CIO in her/his role as top-level incident manager for NATO Enterprise-wide aspects, as member of the Cyber Defence Management Board (CDMB).

Policy Development

Participate in and contribute to overall NATO Enterprise strategy development, to leverage and improve its cybersecurity posture and align it with the NATO strategic goals and objectives. Contribute and influence the cybersecurity strategy including cyber defence. Develops cybersecurity directives to enable the NATO CIO to execute her/his role as cybersecurity Single Point of Authority. Provide Enterprise oversight on cybersecurity issues, and, in close coordination with all relevant NATO civil and military bodies, work towards the continual improvement of the NATO Enterprise cyber hygiene and cyber defence posture.

Expertise Development

Provide senior guidance, advice and recommendations on cybersecurity capabilities and services, including technological trends, long-term planning and prospects for cooperation. Participate in and contribute to the assessment of external cybersecurity opportunities and threats, and advice on NATO Enterprise cybersecurity capabilities and services required.

Organisational Efficiencies

Identify and enable cost-effective and innovative shared-solutions across the NATO Enterprise to address relevant cybersecurity functions. Drive the development of shared solutions and ensure compliance to enterprise technology standards, governance processes and performance metrics.

Project Management

Align OCIO work plan with the organization’s objectives. Manage interdependencies and risk and approve contingency actions.

Planning and Execution

Assist the NATO CIO in exercising her/his Cybersecurity Single Point of Authority role and respond with agility to changing NATO priorities and to changes in the cybersecurity landscape. Provide strategic direction and oversight for the design, development, and operation of the NATO Enterprise cybersecurity architecture.

People Management

Support the Office in cultivating a motivating, inclusive and effective workplace. Provide mentoring, coaching and training opportunities and be available to offer guidance at critical moments. Promote transparency in decision-making, equal access to opportunities for all staff and an inclusive management culture. Participate in recruitment procedures for vacant posts in the Organisation, in accordance with NATO recruitment guidelines. Identify possible development and mobility opportunities for individuals.

Stakeholder Management

Promote and encourage cooperation among NATO Enterprise bodies, ensuring coherence, integration and alignment with NATO goals and objectives in areas related to cybersecurity. Engage and consult with cybersecurity management authorities on requirements, capital investments, operation, maintenance and disposal of the NATO Enterprise’s cybersecurity capabilities and services. Develop and maintain close relationship with the NATO Communications and Information Agency, in particular with the NATO Cyber Security Centre (NCSC). Develop close cooperation and working relationships with stakeholders, including the Consultation, Command and Control (C3) Board, the Agencies Supervisory Boards, the Cyber Defence Committee, the Military Committee, the Security Committee, the Resource Planning and Policy Board, and other relevant senior policy committees and boards. Promote and encourage contacts and connections between the OCIO and leading cybersecurity market vendors, establishing a culture of exchange and mutual assistance. Promote the creation of specific agreements and frameworks for exchange of information, support and knowledge, for example on product roadmaps.

Financial Management

Plan, supervise and ensure financial accountability of the annual budget of the NATO CIO Office dedicated to cybersecurity activities, including the Cyber Adaptation program.

Knowledge Management

Align the scope and focus of the knowledge management systems and processes related to cybersecurity with the objectives of the OCIO.

Perform any other related duty as assigned.

 

INTERRELATIONSHIPS

The incumbent reports to the NATO CIO. The incumbent has delegated authority from the NATO CIO and regularly works with the Office of the Secretary General for cybersecurity matters. S/He works closely with the Assistants of the Secretary General, the Director General International Military Staff for cybersecurity matters and is required to operate and engage with senior government and military personnel in NATO and partner nations, NATO civil and military bodies, and in non-NATO entities.

S/He will liaise with leadership in relevant international organisations, industry and academia, as required.

Direct reports: N/A
Indirect reports: N/A

 

COMPETENCIES

The incumbent must demonstrate:

  • Achievement: Sets and works to meet challenging goals;
  • Change Leadership: Champions change;
  • Conceptual Thinking: Creates new concepts;
  • Developing Others: Provides in-depth mentoring, coaching and training;
  • Impact and Influence: Uses complex influence strategies;
  • Initiative: Plans and acts for the long-term;
  • Leadership: Communicates a compelling vision;
  • Organizational Awareness: Understands underlying issues;
  • Self-Control: Stays composed and positive even under extreme pressure.

 

For more information on how to apply, please click the “Apply” button.

Closing date: 24 of October, 23h59 (CET Brussels time).

Similar jobs

Similar jobs