CIS Security Engineer

CIS Security Engineer – NATO SECRET

Contract Summary:

• Location – Portugal (On-site)
• Start Date – 10 June 2026
• Clearance – NATO SECRET
• Rate – DOE

Overview:

We are supporting a security-sensitive organisation delivering secure Communications & Information Systems (CIS) across a complex, regulated environment. The CIS Security Engineer will lead and support security engineering and accreditation activities across the full system lifecycle-ensuring risks are understood, controlled, and formally accepted in line with policy.

This is an on-site assignment based in Portugal, requiring NATO SECRET clearance (or the ability to pass the required screening process).

Key Responsibilities;

• Support the definition, design, procurement/development, and implementation of secure CIS capabilities.
• Ensure adherence to applicable security accreditation policies, maintaining risk at an acceptable level across programmes/systems.
• Conduct and document security risk assessments and compliance evaluations to support system accreditation and approvals.
• Work closely with the organisation’s CIS planning and delivery authority to ensure solutions align with internal security guidance and architecture direction.
• Embed cybersecurity controls throughout the end-to-end lifecycle (design, build, test, transition, operations).
• Represent the programme in relevant security governance forums, stakeholder engagements, and assurance discussions.
• Produce, maintain, and manage the required accreditation/assurance documentation set, including (but not limited to):
• System / CIS Description
• Security Accreditation Plan (SAP)
• Security Risk Assessment (SRA)
• Security Requirement Statements (SRSt)
• Security Operating Procedures (SecOPs)
• Security Test & Verification Plan (STVP)
• Security Test & Verification Report (STVR)

Essential Requirements;

Education & Experience

• Bachelor’s degree in a relevant discipline and 4+ years relevant experience, or
• 8+ years of extensive, progressive relevant experience (in lieu of a degree).

Technical Knowledge – Strong grounding across core cybersecurity domains, including:

• Boundary protection
• Encryption / cryptography fundamentals
• Identity & Access Management (IAM)
• Monitoring & detection
• Incident response
• Vulnerability assessment
• Risk management

In-depth understanding of

• CIS security principles and security architecture fundamentals
• Networking concepts (segmentation, routing/switching fundamentals, perimeter design)
• Common vulnerabilities in modern operating systems and applications

Professional Experience (minimum 4 years)

• Applying cybersecurity principles, technologies, and best practices in operational environments
• Implementing and validating security controls across traditional and cloud/hybrid contexts
• Designing, implementing, testing, and validating security components/solutions
• Performing risk assessments and supporting accreditation/assurance activities
• Identifying threats/vulnerabilities/residual risks and providing practical mitigation recommendations
• Supporting security accreditation on large-scale CIS programmes
• Using risk assessment methodologies and supporting tooling

Additional Skills (Desirable)

• Writing/enforcing security policies, standards, and procedures
• Supporting compliance/audit activity aligned to frameworks such as ISO 27001, NIST 800-53, GDPR
• Governance, Risk & Compliance (GRC) exposure
• Strong stakeholder communication and high-quality technical writing

Certifications (Nice to have)

• CISSP, CISA, or similar

Next Steps:

Please contact me if you have any questions, my team and I will be happy to help!