Who we are:

For more than 70 years, NATO’s mission has been to preserve peace and security in the Alliance for nearly one billion citizens. The NATO Communications and Information Agency (NCIA) and its predecessors have worked tirelessly in providing the means that enable the connectedness and togetherness that keep our Alliance strong. We are the NCIA, a team of 3000 civilian and military staff in 29 locations throughout Europe, North America and Asia.

Our technology and cyber experts allow NATO to conduct critical operations, protect NATO’s airspace, make data-driven decisions, defend against cyber-attacks, secure NATO networks and maintain superiority in space. This is all possible because of our greatest force, our people. In order to keep this edge we aim to hire, train and retain the very best staff.

Our staff members represent both the diversity and unity of our Alliance. When you join the NCIA, you will be part of an organization where you can contribute authentically to the mission and purpose of NATO and help us keep our technological edge.

About the job:

Based in Mons, Belgium, you will join the Agency as we embark on a journey to transform our IT services to support NATO’s Digital Endeavour. You will join NATO Cyber Security Centre (NCSC), which is responsible for planning and executing all lifecycle management activities for cyber security. In executing this responsibility, NCSC provides specialist cyber security-related services covering the spectrum of scientific, technical, acquisition, operations, maintenance, and sustainment support, throughout the lifecycle of NATO Communications and Information Systems (CIS).

We are looking for driven and enthusiastic PKI Engineers who will take on the following roles and responsibilities:

• Manage the full lifecycle of digital certificates, including issuance, renewal, revocation, and compliance auditing, ensuring the integrity and reliability of the organization’s PKI environment;
• Develop and implement automation workflows to streamline certificate management processes, reduce manual effort, and minimize operational risk;
• Analyze PKI system performance, identify optimization opportunities, and contribute to scalability improvements that meet evolving business needs;
• Contribute to ensuring high availability, resilience, and performance of PKI services across on-premises, hybrid, and cloud environments;
• Support the automation of certificate management workflows using scripting and automation tools (e.g., PowerShell, Python, Bash, Ansible, or similar technologies);
• Proactively monitor certificate health, identify potential expiration issues, and coordinate timely remediation to prevent service disruptions;
• Document actions taken and provide clear recommendations for follow-up or preventive measures to stakeholders.

For a full list of duties, please review the job description on the NCIA career site.

The majority of the activities will be performed on site, with potential travels and will allow limited work from home. Note that the internal job title is Cyber Security Infrastructure Specialist.

About you:

The valuable knowledge and experience that you bring to this role are:

• Bachelor’s degree at a nationally recognised/certified University in a related discipline and 2 years post-related experience. Or exceptionally, the lack of a university degree may be compensated by the demonstration of a candidate’s particular abilities or experience that is/are of interest to NCIA, that is, at least 6 years extensive and progressive expertise in duties related to the function of the post;
• At least 2 years of practical experience in designing, deploying, and supporting secure web services and associated architectures;
• Advanced expertise in PKI technologies, including X.509 digital certificates, Certificate Authorities, and supporting protocols such as OCSP, CRL distribution, and S/MIME;
• Strong background in cryptographic algorithms (RSA, ECC, AES, SHA-2) and security protocols such as TLS/SSL and IPsec;
• Proven capability in identifying, assessing, and mitigating security vulnerabilities, with experience applying industry best practices and compliance frameworks;
• Minimum 2 years of experience managing Credential Management Systems (CMS), including enrolment workflows, lifecycle management, and secure key handling;
• Skilled in troubleshooting certificate-related issues across multiple operating systems, including Windows, Linux, and macOS;
• Fluency in English, both written and spoken.

What we offer:

• Genuinely meaningful work as part of the most successful alliance in history;
• 5 year contract with competitive tax-free salary and household and children’s allowances;
• Privileges for expatriate staff including expatriation and education allowances (where appropriate) and additional home leave;
• Excellent private health insurance scheme;
• Generous annual leave of 30 days plus official holidays;
• NATO Pension Scheme;
• Development programs such as professional training, wellbeing, and more.

To learn more about NCIA and our work, please visit our website.

The NCIA prides itself on being an equal opportunity employer. We are committed to fostering an inclusive environment of mutual respect and value uniqueness and differences in gender, gender identity, race, ethnic or cultural origin, age, religion, sexual orientation and physical or neurocognitive ability.

Additional details on the conditions of application can be found via the NCIA career site.