Security Architect, The Hague

Security Architect is being looked for to develop robust security frameworks for a groundbreaking integrated air and missile defence command and control (C2) program for NATO partners and allied operations. You will design and validate the security architecture for a data‑centric, cloud‑based solution supporting NATO missions. The role requires deep expertise in modern data‑centric security, Zero Trust, and cloud security, fully aligned with the NATO Data Strategy for the Alliance (DaSA) and NATO Data‑Centric Reference Architecture (DCRA).

Location The Hague / Brussels

Security Clearance NATO Secret

Deadline for Application 02.04 2026 r.

Taskings

Defining and implementing security controls for federated, multi‑domain cloud environments using expertise in security patterns supporting data classification, tagging, lineage, encryption, ABAC, access decision logic and policy‑based enforcement.

Bringing strong skills in architecting Identity, Credential and Access Management (ICAM) and Zero Trust solutions.

Creating Zero Trust enforcement models across identity, endpoints, networks, workloads and data.

Using MBSE tools (e.g. Cameo Systems Modeler, MagicDraw, Sparx Enterprise Architect) to build security‑first architecture models.

Developing architecture views aligned with NATO Architecture Framework (NAF v4), including security views, system views, technical standards/compliance views, service‑based views and data views.

Modeling security behaviours using sequences, activity flows, state machines and dependency diagrams.

Tracing security requirements from operational concepts to system functions, services, components and controls.

Navigating and completing the NATO Security Accreditation process for systems operating on restricted and classified networks.

Creating Security Accreditation artifacts such as the System Security Architecture Document (SSAD), Security Target&Risk Assessment, Secure Configuration Baselines, Security Operating Procedures (SecOPs) and Security Test&Evaluation (ST&E) documentation.

Engaging with NATO Security Accreditation Authorities and complying with the NATO Security Directive Series, STANAGs and FMN Baseline requirements.

Skills and Competencies

NATO SECRET or national equivalent security clearance.

Bachelor's degree in Cybersecurity, Information Assurance, Computer Science, Systems Engineering or related field.

CompTIA Security+ Certification.

5+ years in defence security architecture, cloud security or classified system environments.

Deep knowledge of cloud security, data‑centric protection, encryption, IAM/ICAM, Zero Trust and secure system design.

Experience designing architectures for multi‑level, multi‑tenant, multi‑nation systems.

Knowledge of MBSE tools and modelling languages (e.g. SysML, UML, NAF/DoDAF/UAF frameworks).

Strong understanding of modelling data flows, access policies, interfaces and trust boundaries.

Ability to coordinate reviews, produce documentation and close findings with Security Accreditation Authorities (SAAs).

Proficient with NIST 800‑207 (ZTA), NIST 800‑53, ISO 27001, CIS and NATO cyber/INFOSEC frameworks.

Experience conducting risk analyses, vulnerability assessments and defining mitigations.

Excellent communicator comfortable with multinational stakeholders.

Able to guide engineers and analysts through secure‑by‑design principles and model‑based workflows.

Desirable

Master’s degree.

Expertise in MBSE tools such as Cameo, MagicDraw or Enterprise Architect and NAF v4 operational, system, service and security viewpoints.

Demonstrated expertise in applying data‑centric security principles.

Demonstrated experience completing NATO accreditation for classified systems.

Strong understanding of the NATO Data Strategy and NATO Data‑Centric Reference Architecture (DCRA).

Relevant advanced certifications: CISSP, CCSP, Zero Trust, ICAM, cloud security certifications.

Model‑based engineering certifications (e.g. SysML, vendor MBSE training).

#J-18808-Ljbffr