Deadline Date: Friday 9 January 2026Requirement Title: Vulnerability Assessment Engineer 3Location: Mons, BelgiumFull time on-site: YesTotal Scope of the request (hours): 1460Required Start Date: 2-FEB-2026End Contract Date: 31-DEC-2026Required Security Clearance: NATO Cosmic Top SecretSpecific Working Conditions: Normal Office Conditions. We can only accept CTS clearedcandidates for this role due to security regulations. We cannot accept NS cleared candidates with ongoing CTS clearance requested.There will be local travel in Belgium required to NATO/NCIA locations. This is estimated to be up to 20 days for 2026Duties and Role The contracted individual will be asked to support the development of one or more technical deliverables. The contracted individual must be able to perform effectively and efficiently with minimal supervision.Frequent travel to NATO and national (NATO and non-NATO) facilities is required in support of assessments.The duties are normally performed within government or military installations, where security protocols and operationalrequirements prevail.The position is based on-site, with very limited opportunities for teleworking.The duties of the individual mainly focus on:- Plan and execute technical On-site CIS Security Audits (Type-3) for networks, systems, and applications, and ensure the accuracy of the results; - Analyse collected assessment data and identify security weaknesses; - Write Security Audit reports with findings and appropriate recommendations; - Provide briefings and further information to support remediation and mitigation; - Contribute to development of in-house toolset for data collection and analysis; - Performsother duties as may be required.RequirementsNATO Cosmic Top Secret Security ClearanceThe required skillset for the contracted individual is extensive knowledge and experience (more than 3 years - except AI) in the following areas:Proven, in depth understanding of computer and communications security, enterprise networking, and the vulnerabilities inherent in modern operating systems and applications; Ability to assess a variety of security controls aligned with industry best practices, including Zero Trust Architecture and Data Centric Security principles; Expert knowledge in executing vulnerability assessment scans across large, complex networks without impacting system availability or performance; Demonstrable hands on experience with Tenable Nessus products, including advanced configuration and customization; Extensive proficiency in developing and deploying Nessus audit files to enforce compliance checks for operating systems, network devices, and applications; Thoroughunderstanding of Active Directory security configuration and associated vulnerabilities; Advancedknowledge of Microsoft Azure AD / Entra ID / Office 365 and AWS Cloud Security, with practical experience in securing hybrid and cloud environments; Familiarity with DevSecOps practices, embedding security into CI/CD pipelines and cloud native deployments; Comprehensive experience in assessing and implementing system hardening measures, antimalware configurations, and endpoint protection strategies; Ability to benchmark systems against recognized security standards (, CIS Benchmarks, NIST); Applied expertise in Artificial Intelligence, including the capability to assess Large Language Models (LLMs); Proficiency inimplementing and securing Ansible deployments; Expertisewith Software Defined Networking (SDN) and Service Oriented Architecture (SOA) implementations; Capability to integrate modern architectures with enterprise security frameworks; Enhanced skillset in data processing automation using scripting languages ( PowerShell, Python, Bash); Ability to build repeatable workflows/checklists to improve efficiency and reduce human error; Excellentcommunication skills, including briefing senior stakeholders, delivering clear presentations, producing high quality reports, and mediating technical discussions; Strong interpersonal abilities with a proven track record of working independently and collaboratively within multidisciplinary teams;