Loading...
Loading...
The Cyber Exercises Coordination Officer will support the Cyber Readiness Section in coordinating and overseeing cyber and related exercises within NATO. Responsibilities include planning, execution, and post-execution activities, developing exercise materials, coordinating with stakeholders, and capturing lessons learned. The role requires strong organizational skills, proficiency in Microsoft Suite and SharePoint, and excellent English communication. A NATO SECRET security clearance is mandatory.
Deadline Date: Thursday 16 July 2026
Requirement Title: Cyber Exercises Coordination Officer
Location: Brussels, Belgium
Full time on-site: Yes
Not to Exceed: 97 Euro
Total Scope of the request (hours): 890 (estimate)
Required Start Date: not later than 24 August 2026
End Contract Date: 31 December 2026
Required Security Clearance: NATO Secret
Evaluation Methodology: Lowest Priced Technically Compliant
Specific Working Conditions: The contractor personnel will be responsible for complying with the respective national requirements for working permits, visas, taxes, social security etc. whilst working on site at NATO HQ Brussels, Belgium.
No special status is either conferred or implied by the host organization, NATO HQ Brussels, Belgium to the contractor personnel whilst working on site.
The contractor personnel will be responsible for complying with all the respective National Health regulations in Belgium before taking up the position.
Note: For all Level-of-Effort and Completion-Type requests processed outside of the IWC Value Stream, and for which the contractor will not be reimbursed directly by IS for travel expenses, additional travel funding shall be allocated on a Not-to-exceed basis when the yearly Option is exercised.
Duties and Role
1. INTRODUCTION
The Cyber and Digital Transformation Division (CDT) oversees all aspects of cyber and digital transformation across the entire NATO enterprise and is the principal institutional engine for advancing the Alliance’s agenda on those issues. The division also coordinates on all aspects linked to countering hybrid actions. As a fully integrated civilian-military Division, it combines the strategic insight of the International Staff (IS) with the operational expertise of the International Military Staff (IMS), enabling coherent, credible, and actionable advice to NATO’s senior decision-making bodies.
The Readiness and Operations Directorate ensures that NATO’s digital and cyber capabilities are operationally viable, exercised, and maintained at readiness. It plays a pivotal role in translating developed capabilities into operational outputs and enduring services, supporting real-time cyber defence efforts, digital situational awareness, and service assurance across NATO missions. It leads on training, exercises, operational preparedness, and serves as the primary link with the NATO Integrated Cyber Defence Centre (NICC). Feeding back experiences and lessons identified from operations into strategy, policy, plans, capability development, and readiness, the directorate enables continuous improvement and reinforces NATO’s resilience and responsiveness in the information and cyber domains.
The Cyber Readiness (CYR) Section leads and coordinates the implementation of NATO’s cyber strategy, policy and governance by ensuring operational readiness and business continuity, resilience and responsiveness, contributing to the continuous monitoring and improvement of NATO’s cybersecurity posture. The Section is established across four functions:
• Implementation oversight;
• Framework and directive development;
• Learning, training and exercise support;
• Effectiveness measurement and reporting.
The learning, training and exercise support function ensures cyber individual and collective learning, training and exercises across the NATO Enterprise in coordination and complementarity with Alliance-wide initiatives, contributing to the development of skilled and effective cyber workforce for NATO’s future.
The incumbent will support the learning, training and exercise support of the Cyber Readiness Section, ensuring that the cyber and related exercises supported and led by CDT are duly coordinated with the relevant stakeholders.
2. OBJECTIVE ND SCOPE OF WORK
The ‘Cyber Exercises Coordination Officer’ will be responsible for the coordination and oversight of the planning, execution and post-execution activities of cyber and related exercises, in which CDT leadership or subject matter experts will participate.
The contractor personnel will be responsible for coordinating the necessary exercise materials amongst multiple Enterprise and represent CDT as a core planning team member.
The contractor personnel will also support the CYR Lessons Learned activities, capturing, assessing and consolidating the Lessons Identified/ Lessons learned (LI/LL) into the CDT Cyber and Digital LL Registry.
The contractor personnel will work closely with NATO stakeholders, including Allied Command Transformation (ACT), Allied Command Operations (ACO), Joint Intelligence and Security Division (JISD), Operations Division (OPS), Cyberspace Operations Centre (CYOC), NATO Communications Information Agency (NCIA), Allies and others.
3. TASKS
The contractor personnel must be able to perform effectively and efficiently with minimal supervision the tasks described below:
3.1 Enterprise Pathfinder Exercise Support
Support the planning, development, execution and reporting activities of Enterprise Pathfinder (ENPAF) exercise, a holistic Table Top Exercise (TTX) led by CDT, by:
• Developing the necessary planning, execution and post-execution deliverables, including calling notices, Exercise Specification (EXSPEC), training audience handbooks, storylines, presentations, exercise reports;
• Supporting and coordinating the ENPAF Exercise Group meetings and activities, and reporting to the ENPAF Exercise Director;
• Supporting and coordinating the Enterprise Incident Management (EIM), Defensive Cyberspace Operations (DCO), Enterprise Risk Management (ERM) working level and principal level involvement in all phases of the exercise, within the context of the NATO Integrated Cyber Defence Centre (NICC) way of working;
• Liaising with the relevant stakeholders involved in the planning, development and execution phases of ENPAF;
• Organising and supporting periodic in-person and virtual events for exercise planning, execution and post-execution purposes;
• Capturing, assessing and consolidating observations and lessons identified in the ENPAF exercise report.
3.2 Cyber-related Exercises Support
Support CDT’s participation to various cyber-related exercises, by:
• Supporting the planning, development, execution and reporting phases of NATO cyber-related exercises, in which the participation of CDT leadership or subject matter experts is required;
• Representing CYR ‘Learning, training and exercise support’ function in the exercises planning and coordination meetings and events of multiple exercises (e.g. Cyber Coalition, Crisis Management Exercises, (CMX), Short Notice Exercise (SNEX));
• Ensuring that the necessary planning, education and execution activities and deliverables are properly coordinated and timely completed;
• Liaising with the relevant stakeholders, including NATO Entities and Allies, involved in the planning, development and execution phases of NATO Exercises;
• Organising periodical in-person and virtual coordination events for exercise planning purposes;
• Further developing and improving the CYR Exercises SharePoint portals, ensuring appropriate information management of all exercise related information;
• Capturing, assessing and consolidating observations and lessons identified.
• Consolidating CDT’s lessons identified from different exercises.
3.3 Exercises Continuum Coordination
Support the exercises continuum approach, by:
• Facilitating the identification of potential synergies, gaps and/or missing links, to increase alignment between cyber and related exercises;
• Supporting the creation of efficiencies across the cyber exercises landscape through the convergence of exercise scenarios and re-use of storylines, their supporting elements, and related artefacts as much as possible;
• Supporting CDT’s periodic reporting on the progress implementing the exercise continuum approach;
• Conducting structured data collection, comparison and assessment of current cyber exercises.
4. LOCATION OF DUTY
The Service will be executed primarily on site at the NATO HQ offices in Brussels, Belgium. Frequent travels or short deployments may be required.
The contractor personnel will be embedded within CDT, working within the Cyber Readiness Section (CYR), reporting directly to the Section Head, and working in close coordination with the other stakeholders.
The duty location is NATO HQ in Brussels, Belgium. Teleworking is possible on a case-by-case basis upon an agreement with management.
5. TIMELINES
The services of the contractor personnel are required for the period starting, not later than 24 August 2026 until 31 December 2026.
Possible extension of the contract in 2027. Contract extensions are subject to performance of the contractor personnel, budget availability and related NATO regulations.
6. SPECIFIC WORKING CONDITIONS
The work will be performed in an office-based environment within a secure setting, under standard working hours. Occasional non-standard working hours may be required to support urgent or high-priority tasks.
All documentation shall be based on NATO or CDT templates or agreed templates.
All project material shall be stored on CDT dedicated spaces on approved NATO platforms.
7. TRAVEL
The contractor personnel will be expected to undertake business travel in support of specification development and coordination activities with NATO stakeholders.
Travel expenses will be reimbursed to the individual directly (in addition to the hourly rate) under NATO rules. Travel to Shape will not be reimbursed.
8. SECURITY AND NON-DISCLOSURE AGREEMENT
The security classification of the service will be up to NATO SECRET.
The contractor personnel providing the services under this SOW is required to hold a valid NATO SECRET security clearance at the time of proposal submission.
The contractor personnel will be required to sign a Non-Disclosure Agreement prior to commencing work.
Desirable
The following requirements would be considered an advantage:
• Experience working with NATO, or equivalent international organizations, supporting exercises;
• Knowledge and experience with the NATO Lessons Learned process;
• Knowledge and Experience of NATO Bi-SC 75-03 Exercise Design and Execution;
• Knowledge of NATO’s security policy and supporting directives Experience in Training Design Analysis;
• Knowledge on NATO cybersecurity processes;
• Knowledge and experience coordinating with multiple stakeholders during the response activities to cybersecurity related incidents in large, geographically sparse organizations;
• Cybersecurity certifications such as CISM, CISSP or equivalent post-graduate degree in cybersecurity is desirable.