- International Staff, NATO HQ
- Brussels, Belgium (Remote)
- Full-time
Head, Cyber Threat Assessment Branch
- International Staff, NATO HQ
Brussels, Belgium
Full-time
Published:
Application Deadline: December 16, 2024
- International Staff, NATO HQ
Brussels, Belgium
Full-time
Published:
Application Deadline: December 16, 2024
SUMMARY:
The Joint Intelligence and Security Division (JISD), under the leadership of the Assistant Secretary General for Intelligence and Security (ASG I&S), comprises two principal pillars: Intelligence – headed by the Deputy ASG for Intelligence; and the NATO Office of Security (NOS) – headed by the Deputy ASG for Security.
Intelligence is responsible for ensuring the situational awareness of the North Atlantic Council and the Military Committee, for the analysis of the indications and warnings in support of the NATO Crisis Response System and for the development of intelligence policies and capabilities for NATO. Its functional areas address: intelligence analysis and production, intelligence policy and capability development.
The joint civilian and military Intelligence Production Unit (IPU) delivers strategic intelligence-based analysis to support North Atlantic Council (NAC) and Military Committee (MC) decision making on strategic issues of concern. The IPU produces a range of planned and tasked intelligence products on regional issues in Eurasia, Africa and the Middle East, and on transnational issues such as hybrid operations, terrorism, instability, weapons of mass destruction and energy security.
The Cyber Threat Analysis Branch (CTAB) is responsible for providing evidence- and intelligence-based assessments of the cyber threat landscape to empower NATO stakeholders to make risk-informed decisions. CTAB delivers strategic assessments on the cyber threats to NATO, but also provides situational awareness for NATO stakeholders. The multidisciplinary team combines all-source data with cutting edge technologies to support and enhance the Alliance leadership’s understanding on the nature of cyber competition and conflict. CTAB systematically identifies strategic patterns and trends in cyber space and generates tailored insights to support network defence and mission assurance with predictive analysis, cyber threat intelligence, and threat hunting.
The incumbent will oversee the work of the Cyber Threat Assessment Branch and guide the development of cyber assessments of interest to the Alliance. They will lead staff efforts to produce quality cyber threat analyses to meet the growing Allied demand, to better understand the cyber threat landscape and what it means for NATO.
They will be primarily responsible for:
QUALIFICATIONS AND EXPERIENCE:
Essential
The incumbent must:
Desirable
The following would be considered an advantage:
MAIN ACCOUNTABILITIES:
People Management
Oversee the work of the Cyber Threat Analysis Branch and provide guidance and direction. Provide tasking and oversight for CTAB projects and ensure they are delivered within required deadlines. Promote transparency in decision-making, equal access to opportunities for all staff and an inclusive management culture. Ensure that all staff under their responsibility are clear on Organizational, Divisional and Directorate objectives. Collaborate with Executive Management on personnel matters. Provide regular and fair feedback on performance, informally as appropriate and via the Performance Review and Development (PRD) system. Participate in a collegial review of performance to discuss possible development and mobility opportunities for individuals, identify high potentials and help ensure common standards are applied in the process. Participate in recruitment procedures for vacant posts in the Division, in accordance with NATO guidelines and with the best
interests of the Organization in mind.
Planning and Execution
Oversee production of all CTAB intelligence products based on monitoring and analysing cyber related information from all available sources and provide timely and relevant operational and strategic intelligence assessments. Coordinate production and cooperate with other NATO Intelligence Enterprise bodies. Determine input into short- and mediumterm work plans and manage implementation of projects to achieve branch objectives. Propose to the Chain of Command production projects as necessary in response to changing developments and current events. Plan and develop processes and capabilities to systematically identify strategic patterns and trends in cyber space and generate tailored insights to support network defence and mission assurance with predictive analysis and cyber threat intelligence. Find opportunities to automate and innovate NATO’s cyber threat intelligence capability.
Stakeholder Management
Establish and maintain close working relations with contacts to security and intelligence services of Allied nations. Carry out appropriate liaison with other Allied entities, IS and IMS Divisions, and members of other NATO authorities. Establish and maintain relationships with industry partners and International Organisations (including the EU) to support the CTAB mission. Provide support to the North Atlantic Council (NAC), the Military Committee and other relevant customers by providing sound cyber threat analysis in briefings, assessments and other appropriate analytical products.
Serve as a key interlocutor for the NATO cyber community. Represent IPU/JISD at meetings, conferences, and seminars as required. Represent the IPU at a senior level with both internal and external stakeholders when directed by the Director IPU or JISD leadership.
Organisational Efficiencies
Review and prepare presentations, speaking notes, background briefs, and other forms of intelligence production; report on challenges or questions with which the IPU is concerned. Facilitate information-sharing, with proper information handling procedures, with a view to transferring knowledge across CTAB, the IPU, and with key cyber interlocutors. Contribute to NATO representation by developing and communicating information supportive of NATO’s interests.
Project Management
Support the development and presentation of technical and operational cyber defence requirements for NATO-wide capabilities and projects that have a direct impact on CTAB or the IPU. Manage projects and/or programmes as directed by the IPU Director. Assist in the management of cyber intelligence capability initiatives and any resulting actions.
Act as Chairperson of cyber threat intelligence workshops and conferences as required and appropriate. Brief and lecture groups, represent the Alliance at conferences, workshops or seminars as directed. Conduct and lead bilateral meetings on cyber threats with national intelligence counterparts.
Financial Management
Determine and verify the correct use of assigned financial resources, and advise the JISD Chain of Command on appropriate annual funding. Take responsibility of the budget related to CTAB’s capability development.
Perform any other related duty as assigned.
INTERRELATIONSHIPS:
The incumbent reports to the Director, IPU. They will work in close coordination with other Sections within the Division, as well as with other Divisions in the International Staff, with the NATO Military Authorities, with national Delegations as well as Alliance capitals, and other NATO Agencies. They will also maintain good working relations in their field of competence with industry, partner countries and relevant International Organisations on cyber defence related matters.
COMPETENCIES:
The incumbent must demonstrate:
CONTRACT:
Contract to be offered to the successful applicant (if non-seconded): Definite duration contract of three years; possibility of renewal for up to three years, during which the incumbent may apply for conversion to an indefinite duration contract.
Contract clause applicable
In accordance with the contract policy, this is a post in which turnover is desirable for political reasons in order to be able to accommodate the Organisation's need to carry out its tasks as mandated by the Nations in a changing environment, for example by maintaining the flexibility necessary to shape the Organisation's skills profile, and to ensure appropriate international diversity.
The maximum period of service foreseen in this post is 6 years. The successful applicant will be offered a 3-year definite duration contract, which may be renewed for a further period of up to 3 years. However, according to the procedure described in the contract policy the incumbent may apply for conversion to an indefinite contract during the period of renewal and no later than one year before the end of contract.
If the successful applicant is seconded from the national administration of one of NATO’s member States, a 3-year definite duration contract will be offered, which may be renewed for a further period of up to 3 years subject also to the agreement of the national authority concerned. The maximum period of service in the post as a seconded staff member is six years.
Serving staff will be offered a contract in accordance with the NATO Civilian Personnel Régulations.
USEFUL INFORMATION REGARDING APPLICATION AND RECRUITMENT PROCESS:
Please note that we can only accept applications from nationals of NATO member countries. Applications must be submitted using e-recruitment system, as applicable:
Before you apply to any position, we encourage you to click here and watch our video providing 6 tips to prepare you for your application and recruitment process.
Do you have questions on the application process in the system and not sure how to proceed? Click here for a video containing the information you need to successfully submit your application on time.
More information about the recruitment process and conditions of employment, can be found at our website.
Appointment will be subject to receipt of a security clearance (provided by the national Authorities of the selected candidate), approval of the candidate’s medical file by the NATO Medical Adviser, verification of your study(ies) and work experience, and the successful completion of the accreditation and notification process by the relevant authorities.
NATO will not accept any phase of the recruitment and selection prepared, in whole or in part, by means of generative artificial-intelligence (AI) tools, including and without limitation to chatbots, such as Chat Generative Pre-trained Transformer (Chat GPT), or other language generating tools. NATO reserves the right to screen applications to identify the use of such tools. All applications prepared, in whole or
in part, by means of such generative or creative AI applications may be rejected without further consideration at NATO’s sole discretion, and NATO reserves the right to take further steps in such cases as appropriate.
ADDITIONAL INFORMATION:
NATO is committed to diversity and inclusion, and strives to provide equal access to employment, advancement and retention, independent of gender, age, nationality, ethnic origin, religion or belief, cultural background, sexual orientation, and disability. NATO welcomes applications of nationals from all member Nations, and strongly encourages women to apply.
Building Integrity is a key element of NATO’s core tasks. As an employer, NATO values commitment to the principles of integrity, transparency and accountability in accordance with international norms and practices established for the defence and related security sector. Selected candidates are expected to be role models of integrity, and to promote good governance through ongoing efforts in their work.
Due to the broad interest in NATO and the large number of potential candidates, telephone or e-mail enquiries cannot be dealt with.
Applicants who are not successful in this competition may be offered an appointment to another post of a similar nature, albeit at the same or a lower grade, provided they meet the necessary requirements.
The nature of this position may require the staff member at times to be called upon to travel for work and/or to work outside normal office hours.
The organization offers several work-life policies including Teleworking and Flexible Working arrangements (Flexitime) subject to business requirements.
Please note that the International Staff at NATO Headquarters in Brussels, Belgium is a non-smoking environment.
For information about the NATO Single Salary Scale (Grading, Allowances, etc.) please visit our website. Detailed data is available under the Salary and Benefits tab.
The Joint Intelligence and Security Division (JISD), under the leadership of the Assistant Secretary General for Intelligence and Security (ASG I&S), comprises two principal pillars: Intelligence – headed by the Deputy ASG for Intelligence; and the NATO Office of Security (NOS) – headed by the Deputy ASG for Security.
Intelligence is responsible for ensuring the situational awareness of the North Atlantic Council and the Military Committee, for the analysis of the indications and warnings in support of the NATO Crisis Response System and for the development of intelligence policies and capabilities for NATO. Its functional areas address: intelligence analysis and production, intelligence policy and capability development.
The joint civilian and military Intelligence Production Unit (IPU) delivers strategic intelligence-based analysis to support North Atlantic Council (NAC) and Military Committee (MC) decision making on strategic issues of concern. The IPU produces a range of planned and tasked intelligence products on regional issues in Eurasia, Africa and the Middle East, and on transnational issues such as hybrid operations, terrorism, instability, weapons of mass destruction and energy security.
The Cyber Threat Analysis Branch (CTAB) is responsible for providing evidence- and intelligence-based assessments of the cyber threat landscape to empower NATO stakeholders to make risk-informed decisions. CTAB delivers strategic assessments on the cyber threats to NATO, but also provides situational awareness for NATO stakeholders. The multidisciplinary team combines all-source data with cutting edge technologies to support and enhance the Alliance leadership’s understanding on the nature of cyber competition and conflict. CTAB systematically identifies strategic patterns and trends in cyber space and generates tailored insights to support network defence and mission assurance with predictive analysis, cyber threat intelligence, and threat hunting.
The incumbent will oversee the work of the Cyber Threat Assessment Branch and guide the development of cyber assessments of interest to the Alliance. They will lead staff efforts to produce quality cyber threat analyses to meet the growing Allied demand, to better understand the cyber threat landscape and what it means for NATO.
They will be primarily responsible for:
- Providing threat related assessments;
- Applying innovative thinking, performance analysis and modern computer engineering principles to solve complex technological problems;
- Supporting the development of improved data analytics capabilities for CTAB and the IPU;'
- Collaborating with relevant stakeholders within NATO, Allies, Partners, and Industry;
- Advise IPU leadership on budgetary needs for CTAB;
- Chairing intelligence-driven working groups, including the annual NATO Cyber Threat Intelligence Conference;
- Maintaining a proficiency in current and emerging cyber threats and attacks, as well as security vulnerabilities.
QUALIFICATIONS AND EXPERIENCE:
Essential
The incumbent must:
- Possess a university degree, preferably in the field of cyber defence, information technology, political science, international security or other related studies;
- Have at least 8 years related experience, out of which at least 5 years in the area of cyber defence operations or analysis and 2 years managerial experience in leading and mentoring a diverse team;
- Have in-depth knowledge and experience related to the technical developments in the cyber threat landscape;
- Have recent experience in activities that derive intelligence on cyber threats (capabilities and intent of cyber threat actors) and cyber vulnerabilities to assist in developing cyber situational awareness;
- Be familiar with strategic issues and challenges facing the Alliance and NATO’s geopolitical environment;
- Have held cyber defence responsibilities in a government of a NATO Nation or in an International Organisation such as EU, UN, OSCE or NATO;
- Have extensive experience working for a national intelligence or security service;
- Have excellent communication skills (both written and oral), and experience in preparing alerts and reports;
- Possess the following minimum levels of NATO’s official languages (English/French): V (“Advanced”) in one; I (“Beginner”) in the other.
Desirable
The following would be considered an advantage:
- Experience with the nexus between technology and policy;
- Experience in the field of data analytics, data science, or machine learning;
- Experience synthesising qualitative and quantitative information from a large variety of sources, create original insight, and communicate in written, verbal and graphical forms.
MAIN ACCOUNTABILITIES:
People Management
Oversee the work of the Cyber Threat Analysis Branch and provide guidance and direction. Provide tasking and oversight for CTAB projects and ensure they are delivered within required deadlines. Promote transparency in decision-making, equal access to opportunities for all staff and an inclusive management culture. Ensure that all staff under their responsibility are clear on Organizational, Divisional and Directorate objectives. Collaborate with Executive Management on personnel matters. Provide regular and fair feedback on performance, informally as appropriate and via the Performance Review and Development (PRD) system. Participate in a collegial review of performance to discuss possible development and mobility opportunities for individuals, identify high potentials and help ensure common standards are applied in the process. Participate in recruitment procedures for vacant posts in the Division, in accordance with NATO guidelines and with the best
interests of the Organization in mind.
Planning and Execution
Oversee production of all CTAB intelligence products based on monitoring and analysing cyber related information from all available sources and provide timely and relevant operational and strategic intelligence assessments. Coordinate production and cooperate with other NATO Intelligence Enterprise bodies. Determine input into short- and mediumterm work plans and manage implementation of projects to achieve branch objectives. Propose to the Chain of Command production projects as necessary in response to changing developments and current events. Plan and develop processes and capabilities to systematically identify strategic patterns and trends in cyber space and generate tailored insights to support network defence and mission assurance with predictive analysis and cyber threat intelligence. Find opportunities to automate and innovate NATO’s cyber threat intelligence capability.
Stakeholder Management
Establish and maintain close working relations with contacts to security and intelligence services of Allied nations. Carry out appropriate liaison with other Allied entities, IS and IMS Divisions, and members of other NATO authorities. Establish and maintain relationships with industry partners and International Organisations (including the EU) to support the CTAB mission. Provide support to the North Atlantic Council (NAC), the Military Committee and other relevant customers by providing sound cyber threat analysis in briefings, assessments and other appropriate analytical products.
Serve as a key interlocutor for the NATO cyber community. Represent IPU/JISD at meetings, conferences, and seminars as required. Represent the IPU at a senior level with both internal and external stakeholders when directed by the Director IPU or JISD leadership.
Organisational Efficiencies
Review and prepare presentations, speaking notes, background briefs, and other forms of intelligence production; report on challenges or questions with which the IPU is concerned. Facilitate information-sharing, with proper information handling procedures, with a view to transferring knowledge across CTAB, the IPU, and with key cyber interlocutors. Contribute to NATO representation by developing and communicating information supportive of NATO’s interests.
Project Management
Support the development and presentation of technical and operational cyber defence requirements for NATO-wide capabilities and projects that have a direct impact on CTAB or the IPU. Manage projects and/or programmes as directed by the IPU Director. Assist in the management of cyber intelligence capability initiatives and any resulting actions.
Act as Chairperson of cyber threat intelligence workshops and conferences as required and appropriate. Brief and lecture groups, represent the Alliance at conferences, workshops or seminars as directed. Conduct and lead bilateral meetings on cyber threats with national intelligence counterparts.
Financial Management
Determine and verify the correct use of assigned financial resources, and advise the JISD Chain of Command on appropriate annual funding. Take responsibility of the budget related to CTAB’s capability development.
Perform any other related duty as assigned.
INTERRELATIONSHIPS:
The incumbent reports to the Director, IPU. They will work in close coordination with other Sections within the Division, as well as with other Divisions in the International Staff, with the NATO Military Authorities, with national Delegations as well as Alliance capitals, and other NATO Agencies. They will also maintain good working relations in their field of competence with industry, partner countries and relevant International Organisations on cyber defence related matters.
- Direct reports: 7;
- Indirect reports: N/a.
COMPETENCIES:
The incumbent must demonstrate:
- Achievement: Creates own measures of excellence and improves performance;
- Change Leadership: Personally leads change;
- Clarity and accuracy: Monitors data or projects;
- Conceptual thinking: Applies learned concepts;
- Flexibility: Adapts own strategy;
- Impact and Influence: Takes multiple actions to persuade;
- Initiative: Plans and acts up to a year ahead;
- Leadership: Promotes team effectiveness;
- Organisational Awareness: Understands organisational Climate and culture;
- Self-Control: Responds calmly.
CONTRACT:
Contract to be offered to the successful applicant (if non-seconded): Definite duration contract of three years; possibility of renewal for up to three years, during which the incumbent may apply for conversion to an indefinite duration contract.
Contract clause applicable
In accordance with the contract policy, this is a post in which turnover is desirable for political reasons in order to be able to accommodate the Organisation's need to carry out its tasks as mandated by the Nations in a changing environment, for example by maintaining the flexibility necessary to shape the Organisation's skills profile, and to ensure appropriate international diversity.
The maximum period of service foreseen in this post is 6 years. The successful applicant will be offered a 3-year definite duration contract, which may be renewed for a further period of up to 3 years. However, according to the procedure described in the contract policy the incumbent may apply for conversion to an indefinite contract during the period of renewal and no later than one year before the end of contract.
If the successful applicant is seconded from the national administration of one of NATO’s member States, a 3-year definite duration contract will be offered, which may be renewed for a further period of up to 3 years subject also to the agreement of the national authority concerned. The maximum period of service in the post as a seconded staff member is six years.
Serving staff will be offered a contract in accordance with the NATO Civilian Personnel Régulations.
USEFUL INFORMATION REGARDING APPLICATION AND RECRUITMENT PROCESS:
Please note that we can only accept applications from nationals of NATO member countries. Applications must be submitted using e-recruitment system, as applicable:
- For NATO civilian staff members only: please apply via the internal recruitment portal (link);
- For all other applications: www.nato.int/recruitment.
Before you apply to any position, we encourage you to click here and watch our video providing 6 tips to prepare you for your application and recruitment process.
Do you have questions on the application process in the system and not sure how to proceed? Click here for a video containing the information you need to successfully submit your application on time.
More information about the recruitment process and conditions of employment, can be found at our website.
Appointment will be subject to receipt of a security clearance (provided by the national Authorities of the selected candidate), approval of the candidate’s medical file by the NATO Medical Adviser, verification of your study(ies) and work experience, and the successful completion of the accreditation and notification process by the relevant authorities.
NATO will not accept any phase of the recruitment and selection prepared, in whole or in part, by means of generative artificial-intelligence (AI) tools, including and without limitation to chatbots, such as Chat Generative Pre-trained Transformer (Chat GPT), or other language generating tools. NATO reserves the right to screen applications to identify the use of such tools. All applications prepared, in whole or
in part, by means of such generative or creative AI applications may be rejected without further consideration at NATO’s sole discretion, and NATO reserves the right to take further steps in such cases as appropriate.
ADDITIONAL INFORMATION:
NATO is committed to diversity and inclusion, and strives to provide equal access to employment, advancement and retention, independent of gender, age, nationality, ethnic origin, religion or belief, cultural background, sexual orientation, and disability. NATO welcomes applications of nationals from all member Nations, and strongly encourages women to apply.
Building Integrity is a key element of NATO’s core tasks. As an employer, NATO values commitment to the principles of integrity, transparency and accountability in accordance with international norms and practices established for the defence and related security sector. Selected candidates are expected to be role models of integrity, and to promote good governance through ongoing efforts in their work.
Due to the broad interest in NATO and the large number of potential candidates, telephone or e-mail enquiries cannot be dealt with.
Applicants who are not successful in this competition may be offered an appointment to another post of a similar nature, albeit at the same or a lower grade, provided they meet the necessary requirements.
The nature of this position may require the staff member at times to be called upon to travel for work and/or to work outside normal office hours.
The organization offers several work-life policies including Teleworking and Flexible Working arrangements (Flexitime) subject to business requirements.
Please note that the International Staff at NATO Headquarters in Brussels, Belgium is a non-smoking environment.
For information about the NATO Single Salary Scale (Grading, Allowances, etc.) please visit our website. Detailed data is available under the Salary and Benefits tab.
Share
Facebook
Twitter
LinkedIn
Telegram
Tumblr
WhatsApp
Mail