Who we are:
For more than 70 years, NATO’s mission has been to preserve peace and security in the Alliancefor nearly one billion citizens. The NATO Communications and Information Agency (NCIA) and its predecessors have worked tirelessly in providing the means that enable the connectedness and togetherness that keep our Alliance strong. We are the NCIA, a team of 3000 civilian and military staff in 29 locations throughout Europe, North America and Asia.
Our technology and cyber experts allow NATO to conduct critical operations, protect NATO’s airspace, make data-driven decisions, defend against cyber-attacks, secure NATO networks and maintain superiority in space. This is all possible because of our greatest force, our people. In order to keep this edge we aim to hire, train and retain the very best staff.
Our staff members represent both the diversity and unity of our Alliance. When you join the NCIA, you will be part of an organization where you can contribute authentically to the mission and purpose of NATO and help us keep our technological edge.
About the job:
Based in Mons, Belgium, you will join the Agency as we embark on a journey to transform our IT services to support NATO’s Digital Endeavour. You will join NATO Cyber Security Centre (NCSC), which is responsible for planning and executing all lifecycle management activities for cyber security. In executing this responsibility, NCSC provides specialist cyber security-related services covering the spectrum of scientific, technical, acquisition, operations, maintenance, and sustainment support, throughout the lifecycle of NATO Communications and Information Systems (CIS).
We are looking for driven and enthusiastic Cyber Security Defenders who will take on the following roles and responsibilities:
Deploy as part of the RRT on short notice, transporting, setting up, and operating cyber defence equipment in both secure and austere environments;
Conduct host-based and network-based analysis to identify indicators of compromise and adversary activity;
Support incident triage, containment, and remediation actions under the direction of the team lead;
Install, configure, and maintain RRT toolsets including EDR, SIEM integrations, network sensors, and forensic platforms;
Perform log analysis and data correlation across multiple sources to support threat detection and investigation and assist in threat hunting activities to identify hidden or persistent threats within supported networks.
Additional duties as Senior Cyber Security Defender:
Lead and direct RRT personnel during deployed cyber operations, serving as the on-site mission lead and decision authority;
Oversee full-spectrum incident response, including triage, containment, eradication, and recovery;
Lead post-incident reviews, capturing lessons learned and driving improvements to RRT capabilities and readiness.
Note that these roles require extensive business travel to NATO and national facilities as well as frequent travel between the NCIA offices and that you will be required to travel to operational sites and theatres inside and outside NATO boundaries.
We have two different roles available:
Senior Cyber Security Defender (G17) – 1 role; for a full list of duties, please review the job description on the NCIA career site; The pay scale is 8,273.12 EURO/ month.
Cyber Security Defender (G15) – 4 roles; for a full list of duties, please review the job description on the NCIA career site. The pay scale is 6,713.06 EURO/ month.
About you:
The valuable knowledge and experience that you bring to this role are:
A Bachelor’s degree at a nationally recognised/certified University in a related discipline and 2/3 years post-related experience. Or exceptionally, the lack of a university degree may be compensated by the demonstration of a candidate’s particular abilities or experience that is/are of interest to NCIA, that is, at least 6/10 years extensive and progressive expertise in duties related to the function of the post;
Minimum of 2-6 years of experience in cybersecurity, with a focus on incident response, defensive cyber operations, or network security;
Hands-on experience detecting, analysing, and responding to cyber incidents in enterprise or operational environments;
Familiarity with common attack techniques, tactics, and procedures (TTPs) and modern threat landscapes;
Experience working within structured operational environments, including adherence to procedures, reporting, and escalation processes;
Ability to operate effectively under pressure, including during time-sensitive or high-tempo incident response activities;
Experience collaborating within team-based or multi-organization environments;
Fluency in English, both written and spoken;
For the Senior Cyber Security Defender role: demonstrated experience leading teams during cyber incidents or operational activities in high-pressure environments and demonstrated ability to communicate technical findings to senior leadership and provide actionable recommendations.
What we offer:
Genuinely meaningful work as part of the most successful alliance in history;
5 year contract with competitive tax-free salary and household and children’s allowances;
Privileges for expatriate staff including expatriation and education allowances (where appropriate) and additional home leave;
Excellent private health insurance scheme;
Generous annual leave of 30 days plus official holidays;
NATO Pension Scheme;
Development programs such as professional training, wellbeing, and more.
To learn more about NCIA and our work, please visit our website.
The NCIA prides itself on being an equal opportunity employer. We are committed to fostering an inclusive environment of mutual respect and value uniqueness and differences in gender, gender identity, race, ethnic or cultural origin, age, religion, sexual orientation and physical or neurocognitive ability.
Additional details on the conditions of application can be found via the NCIA career site.