2024-0095 DevSecOps Engineer (NS) - TUE 14 May
The Hague, South Holland, Netherlands
Full Time Contract Senior-level / Expert Clearance required USD 113K - 179K *
EMW, Inc.
Deadline Date: Tuesday 14 May 2024
Requirement: DevSecOps Engineer
Location: On-site, either in The Hague, Netherlands or in Braine L’Alleud, Belgium.
Period of Performance: As soon as possible but not later than 17 JUN 2024 to 31 DEC 2024, with possibility to exercise three 1 (one) year options (2025, 2026, 2027)
Required Security Clearance: NATO SECRET
1 INTRODUCTION
The NATO Communications and Information Agency (NCI Agency) has been modernizing its application-hosting infrastructure and has been implementing custom DevSecOps delivery processes. As part of this work a body of development and implementation work, it is needed to update existing applications, migrate them to new infrastructure and establish operation and maintenance capabilities. The ITM RC1 Applications team is building a multi-year team of system administrators and DevSecOps engineers to support this work.
NCI Agency is looking for a DevSecOps engineer with a background in automation and containerization technology as well as in legacy hypervisor environments to support the ITM RC1 team with both containerized and legacy migrations to the new infrastructure.
2 OBJECTIVES
NCI Agency is undertaking a major infrastructure modernization project, enabling comprehensive application lifecycle management. In addition, existing applications will have to be migrated to the new infrastructure.
The main objective of this statement of work is to support the ITM RC1 team with planning, performing, testing, validating and documenting this body of work. Specifically, this comprises of:
- Implementing DevSecOps and automation capabilities (GitOps, Kubernetes, Ansible)
- Transitioning suitable applications from a hypervisor to a container platform
- Migrating legacy virtual machine payloads
3 SCOPE OF WORK
Under the direction / guidance of the NCIA Point of Contact or delegated staff, the DevSecOps engineer will support building the ITM RC1 Application Migration team
This includes the following activities:
• Develop containers and Terraform and Ansible scripts for existing applications
• Develop / maintain infrastructure as code for deployment and configuration of infrastructure (VMs, Disks), core services (AD, CA, Exchange etc.), and applications (NATO and Commercial Application)
• Contribute to design and implementation of infrastructure as code and container orchestration services
• Contribute to the design and implementation of an overall DevSecOps capability
• Migrate Virtual Machines legacy payloads
• Implement hardening, compliancy and security scanning
• Create pipelines and self-service solutions for deploying test environments using infrastructure as code
• Participate in entire lifecycle activities – including design, testing, training and documentation
The contractor will be part of a team and will work using an Agile and iterative approach during multiple sprints. Each sprint is planned for a duration of 1 week. The content and scope of each sprint will be agreed during the sprint-planning meeting.
4 DELIVERABLES AND PAYMENT MILESTONES
The following deliverables are expected in relation to this statement of work:
2024 BASE period:
Deliverable 01: 30 sprints of software development.
Payment Milestones: Upon completion of each fourth sprint and at the end of the work.
Invoices shall be accompanied by a Certificate of Acceptance (Annex B), signed for acceptance by the Project Authority.
The NCIA team reserves the possibility to exercise a number of options, based on the same scrum deliverable timeframe and cost, at a later time, depending on the project priorities and requirements
OPTION YEAR 1: 01 January 2025 to 31 December 2025
Deliverable 01: 44 sprints of software development.
Payment Milestones: Upon completion of each fourth sprint and at the end of the work.
Invoices shall be accompanied by a Certificate of Acceptance (Annex B), signed for acceptance by the Project Authority.
The NCIA team reserves the possibility to exercise a number of options, based on the same scrum deliverable timeframe and cost, at a later time, depending on the project priorities and requirements
OPTION YEAR 2: 01 January 2026 to 31 December 2026
Deliverable 01: 44 sprints of software development.
Payment Milestones: Upon completion of each fourth sprint and at the end of the work.
Invoices shall be accompanied by a Certificate of Acceptance (Annex B), signed for acceptance by the Project Authority.
The NCIA team reserves the possibility to exercise a number of options, based on the same scrum deliverable timeframe and cost, at a later time, depending on the project priorities and requirements
OPTION YEAR 3: 01 January 2027 to 31 December 2027
Deliverable 01: 44 sprints of software development.
Payment Milestones: Upon completion of each fourth sprint and at the end of the work.
Invoices shall be accompanied by a Certificate of Acceptance (Annex B), signed for acceptance by the Project Authority.
The NCIA team reserves the possibility to exercise a number of options, based on the same scrum deliverable timeframe and cost, at a later time, depending on the project priorities and requirements
5 COORDINATION AND REPORTING
The contractor shall participate in daily status update meetings, sprint planning, sprint retrospectives and other meetings, physically in the office, or in person via electronic means using Conference Call capabilities, according to project manager’s instructions.
For each sprint to be considered as complete and payable, the contractor must report the outcome of his/her work during the sprint, first verbally during the retrospective meeting and then in written within three (3) days after the sprint’s end date. The format of this report shall be a short email to the NCIA Point of Contact mentioning briefly the work held and the development achievements during the sprint.
Also a Certificate of Acceptance (Annex B) will be filled in and signed by the contractor and signed for acceptance by the Project Authority.
6 SCHEDULE
This task order will be active immediately after signing of the contract by both parties and will end no later than 31 December 2024.
In case the options are exercised, the related period of performance for the three options are as follows: 01 January 2025 to 31 December 2025, 01 January 2026 – to 31 December 2026 and 01 January 2027 to 31 December 2027.
7 CONSTRAINTS
All the deliverables provided under this statement of work will be based on NCI Agency templates or agreed with the project point of contact.
All code, scripts, documentation, etc. will be stored under configuration management and/or in the provided NCI Agency tools.
All the deliverables of this project will be considered at most NATO RESTRICTED
Part of the work will involve handling classified networks, therefore, a security clearance at NATO SECRET level is expected for the contractor undertaking this project. While the contractor may start work prior to obtaining the appropriate clearance, it should be obtained no longer than 3 months after the effective contract start date. In a case that the contract has started prior to obtaining a clearance, for a maximum 3 months period, the contractor can work remotely while periodically visiting the office in The Hague as a visitor.
8 PRACTICAL ARRANGEMENTS
The contractor will be required to work on site, either in The Hague, Netherlands or in Braine L’Alleud, Belgium. Final location will be determined after contract award.
Access to the NCI Agency platforms will be provided in coordination with the NCIA Point of Contact or delegated staffs.
The contractor may be required to travel to NCI Agency, Mons BE, Braine L’Alleud BE, The Hague NL and other sites within NATO for completing these tasks. Travel expenses will be reimbursed under AAS+ framework contract provisions and in accordance with NCIAs Travel Directive.
9 QUALIFICATIONS
[See Requirements]
Requirements
9 QUALIFICATIONS
The consultancy support for this work requires a software developer with the following qualifications:
- The candidate has relevant and recent experience in administrating complex applications or systems.
- The candidate has a track record in DevSecOps and has strong problem solving skills.
- The candidate has extensive and recent experience with and knowledge of Continuous integration and delivery, including the following tools and technologies and concepts: a. Git (mandatory); b. Ansible (mandatory); c. Docker (mandatory); d. Jenkins (mandatory); e. Terraform/OpenTofu (mandatory); f. VMWare vSphere (mandatory); g. Designing and implementing build/deploy pipelines
- The candidate has extensive and recent experience with and knowledge of Continuous Operations, including the following tools and technologies and concepts: a. Kubernetes; b. GitOps; c. Container Registry
- The candidate has experience with designing and maintaining Sharepoint, SQL Server, Postgres, Active Directory and Exchange solutions
- The candidate has relevant and recent experience in using Scrum methodology.
- The candidate has strong customer relationship skills, including negotiating complex and sensitive situations under pressure.
- The candidate is able to speak and write fluent English since the work is conducted in English.
- The candidate must have the nationality of one of the NATO nations.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Active Directory Agile Ansible Automation C Clearance DevSecOps Docker Kubernetes NATO PostgreSQL Scrum Security Clearance SharePoint SQL SQL Server Terraform VMware
Perks/benefits: Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Sr. Security Engineer jobs
- Open Security Consultant jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs