Deadline Date: Thursday 19 June 2025
Requirement: Support to NATO Headquarters Sarajevo Allied Operations Mission (AOM)
Location: Mons, BE
Full Time On-Site: Yes
Time On-Site: 100%
Period of Performance: 2025 Base period: 22 Jul 2025 to 31 Dec 2025, with possibility to exercise the following options:
• 2026 Option: 1 January until 31 December 2026
• 2027 Option: 1 January until 31 December 2027
• 2028 Option: 1 January until 31 December 2028
Required Security Clearance: NATO COSMIC TOP SECRET
1. BACKGROUND
The NATO Communications and Information Agency (NCI Agency) is dedicated to acquiring, deploying, and defending communication systems for NATO’s political decision-makers and Commands. It operates on the frontlines against cyber-attacks, collaborating closely with governments and industry to prevent future debilitating attacks. The NCIA plays a crucial role in maintaining NATO’s technological edge and ensuring the collective defence and crisis management capabilities of the Alliance. In pursuit of our mission, we require specialized advisory services to enhance our interim workforce capacity.
2. INTRODUCTION
NATO Cyber Security Centre (NCSC) is looking for a contractor to support the work of Enable Branch: to ensure the availability, performance, and security of NATO’s data and communication networks across multiple sites. Focus will be on delivering key networking solutions and providing technical expertise in compliance with NATO’s operational requirements and security standards.
3. OBJECTIVE
The aim of this SOW is to support NCSC with technical expertise specifically related to the operation and maintenance of NATO’s Headquarters Sarajevo Allied Operations Mission (AOM) with a deliverable based (completion-type) contract to be executed in 2025.
The main objective is to secure advisory services that provide expert guidance and support in the end-to-end management of infrastructure supporting AOM networks, working within a framework of Service Level Agreements (SLAs) to deliver secure and reliable solutions.
Current State: Endpoint devices are managed through fragmented systems with manual processes, leading to inconsistent updates, inefficiencies, and security vulnerabilities across the organisation
End State: The desired outcome is that a centralized, automated endpoint management system is in place, offering real-time monitoring, enhanced security, and scalability, ensuring consistency and compliance across all devices.
We are aiming high availability, security, and performance of critical mission systems and platforms, which are essential to NATO’s operational success.
4. SCOPE OF WORK
Under the direction/guidance of NCIA or delegated staff, the Contractor’s Personnel will be designing, deploying, managing, and optimizing the systems and platforms that support NATO’s Networks. This work will include the following activities:
• AOM System Deployment Plan
Network Systems Design & Deployment: Assist the design, installation, and configuration of systems and platforms that underpin NATO’s AOM networks; Ensure scalability; Ensure high availability of AOM networks
• System Optimization & Performance Report
Platform Management & Optimization: Manage AOM network platforms; Monitor AOM network platforms; Optimize AOM network platforms; Ensure the AOM network platforms meet NATO’s performance, security, and reliability standards
• Security Compliance & Vulnerability Assessment
Ensure all AOM systems and platforms comply with NATO’s strict cybersecurity policies and frameworks
• Incident Response & Root Cause Analysis Report
Incident Response & Troubleshooting: Serve as a primary point of contact for troubleshooting and resolving system and platform issues within the AOM environment, Ensure timely recovery of services.
• System Documentation & Audit Trail
• Handling Equipment (lifting and rocking)
• SLA Compliance & Performance Reporting
Documentation & Reporting: Produce detailed documentation for AOM network systems and platform deployments, including architecture diagrams, configuration settings, and operational procedures.
SERVICE DETAILS
1) AOM System Deployment Plan:
• Description: The contractor shall provide a Network Assessment report monthly.
A comprehensive deployment plan for AOM network systems and platforms, including architecture, hardware specifications, and integration strategies.
• Responsibility: Successful deployment of systems with no gaps in operational capability or security compliance, approved by NATO’s IT and cybersecurity teams.
2) System Optimization & Performance Report:
• Description: A detailed system optimization report that outlines platform tuning measures, performance improvements, and ongoing system health metrics.
This is an ongoing activity. The contractor shall support the security audit of NCSC’s networking/system infrastructure on an as required basis.
• Responsibility: Measurable performance improvements validated through platform monitoring tools, with reduced system downtime and optimized resource utilization.
3) Security Compliance & Vulnerability Assessment:
• Description: The contractor shall carry out monthly reviews of Network Performance Data, and assist in the security compliance report for AOM systems and platforms, including a vulnerability assessment and recommendations for security hardening.
• Responsibility: Full compliance with NATO security standards, with all vulnerabilities identified and remediated. Zero critical security audit findings.
4) Incident Response & Root Cause Analysis Report:
• Description: A monthly detailed incident response log and root cause analysis for system and platform issues affecting AOM operations, including resolution timelines and preventive actions.
• Responsibility: All incidents are resolved within SLA timeframes, with no recurrence of the same issues. Incident response times and resolution processes meet or exceed expectations.
5) System Documentation & Audit Trail:
• Description: The contractor shall provide Comprehensive documentation of system configurations, platform designs, and operational procedures for AOM networks, ensuring external audit readiness monthly.
• Responsibility: Up-to-date documentation that passes internal and external compliance audits, with no critical documentation gaps.
6) Handling Equipment (lifting and rocking)
Description: Movement of IT equipment from the local supply or distribution center (CSU Warehouse) environment
Responsibility The contractor shall provide assistance with lifting and rocking of IT equipment (on average once a month)
7) SLA Compliance & Performance Reporting:
• Description: A monthly report on SLA compliance, including system availability, incident handling, and key performance metrics for AOM platforms.
• Responsibility: Full compliance with all SLAs, with no missed deadlines or penalties. Positive feedback from NATO stakeholders on system performance and reliability.
The Contractor’s Personnel will be reinforcing the existing team and will work using an Agile and iterative software development approach during multiple sprints.
The Contractor’s Personnel shall participate in periodic status update meetings, sprint planning, sprint review and other meetings via electronic means using collaborative platforms.
On rare occasions, there may be a requirement to attend in-person meetings at NATO offices in Mons, Belgium, as requested by the Project Manager.
Each sprint is planned for a duration of 1 week. The content and scope of each sprint, i.e. the deliverables, will be agreed during the sprint-planning meeting, in coordination with the NCIA and the contractor. Upon completion and validation of each sprint, the completed sprint can be submitted for payment.
Due to the agile approach of this project, there is a need to define a set of specific arrangements between the NCIA and the contractor that specifically defines the deliverables to be provided for each sprint as well as their associated acceptance criteria. This includes sprint planning, execution and review processes, which are detailed below:
Sprint Planning:
Objective: Plan the objectives and deliverables for the upcoming sprint;
At the start of each sprint, a sprint planning meeting will be conducted with the contractor to discuss and plan the objectives and deliverables of the upcoming sprint;
Define clear, achievable objectives for the sprint and associated acceptance criteria, including specific delivery targets and quality standards for each task, to be recorded in the sprint planning meeting minutes.
Agree on the required level of effort for the various sprint tasks.
Backlog Review: Review and prioritize the backlog of tasks, issues, and improvements from previous sprints.
Assess and validate the status of completion of the previous sprint and sign off sprints to be submitted for payment.
Sprint Execution:
Objective: Contractor to execute the agreed “sprint plans” with continuous monitoring and adjustments.
Regular meetings: The contractor shall participate in status update meetings to review sprint progress, to address issues, and to make necessary adjustments to the processes or objectives. Those sprint meetings will be via electronic means using Conference Call capabilities. On rare occasions, there may be a requirement to attend a physical meeting in the office, or in person, as requested by the project manager.
Continuous improvement: The contractor will establish a continuous feedback loop to gather input from all stakeholders for ongoing improvements and their subsequent implementation depending on NCIA approval.
Progress Tracking: Contractor to track and share the status of the sprint deliveries and any risks / issues.
Quality Assurance / Quality Check: The contractor shall ensure that the quality standards agreed for the sprint deliverables are maintained throughout the sprint.
Quality Control: NCIA will perform the quality control of the agreed deliverables and provide feedback on any issues.
Sprint Review:
Objective: Review the sprint performance and identify areas for improvement.
At the end of each sprint, there will be a meeting to review the deliverables and outcomes against the acceptance criteria.
Define specific actions to address issues and enhance the next sprint.
Sprint Payment:
Progress on the above deliverables will be checked and approved on a per sprint basis.
For each sprint to be considered as complete and payable, the contractor must report the outcome of their work during the sprint, first verbally during the sprint review meeting and then in writing within three days after the sprint’s end date. The format of this report shall be an email to the NCIA Point of Contact mentioning briefly the work performed and the development achievements during the sprint against the agreed tasking list set for the sprint.
The payment of each sprint will be depending upon the achievement of agreed acceptance criteria for each task, defined at the sprint planning stage.
If the contractor fails to meet the agreed acceptance criteria for any task, the NCIA reserves the right to withhold (partial) payment for that sprint.
Invoices shall be accompanied by a Delivery Acceptance Sheet (DAS), signed by the contractor and the project manager, and shall follow the payment milestones.
5. DELIVERABLES AND PAYMENT SCHEDULE
The following deliverables are expected from the work on this Statement of Work:
1) Complete the activities/tasks agreed in each sprint meeting as per Section 4 above.
2) Produce sprint completion reports (format: e-mail update), which include details of activities performed and the list of the deliverables of the week.
3) The contractor will participate in the daily reporting and planning activities (daily stand-ups) as well as the required participation in workshops, events and conferences related to the supported services, as requested by the service delivery manager.
Payment schedule will be according to the payment milestones upon completion of the respective sprint. Upon completion and validation of each sprint and at the end of the monthly milestone, following the acceptance of the sprint report.
The Purchaser (NCIA) reserves the right to exercise a number of options of one or more sprints based on the same deliverables, at a later time, depending on the project priorities and requirements, at the following cost: for base year (2025) at the same cost, for following years (2026-2028) the Price Adjustment Formula will be applied in accordance with paragraph 6.5 of the Framework Contract Special Provisions.
The payment shall be dependent upon successful acceptance of the sprint report and the Delivery Acceptance Sheet (DAS) – (Annex A).
Invoices shall be accompanied with a Delivery Acceptance Sheet (Annex A) signed by the contractor and the NCIA POC.
2025 BASE: 22 July 2025 – 31 December 2025:
Deliverable: 20 sprints (Number of sprints is estimated considering a starting date 28 July 2025. This will be adjusted depending on the actual start date)
Payment Milestones: Upon completion of 4 consecutive sprints and at the end of the work. Completion of each payment milestone shall be accompanied by a DAS signed for acceptance by the Purchaser’s authorized point of contact.
2026, 2027 AND 2028 OPTIONS: 01 JANUARY TO 31 DECEMBER:
Deliverable: Up to 46 sprints
Cost Ceiling: Price will be determined by applying the price adjustment formula as outlined in CO‐115786‐ AAS+ Special Provisions article 6.5.
Payment Milestones: Upon completion of 4 consecutive sprints and at the end of the work. Completion of each payment milestone shall be accompanied by a DAS signed for acceptance by the Purchaser’s authorized point of contact.
6. WORK EXECUTION
Due to the nature and classification of the working environment, all services and deliverables outlined in this Statement of Work (SOW) will be performed onsite, on client’s premises, at NCIA location in S.H.A.P.E. Mons, Belgium. The contractor will be physically present on location to conduct assessments, implement network solutions, and provide ongoing support as required throughout the project.
NCIA IT equipment will be provided (one REACH laptop will be provided). This equipment can be used by one person only and associated to that individual. Results of the work to be stored on NCIA NATO RESTRICTED SharePoint portal and/or in the provided NCIA tools.
All developed solutions will be property of the NCIA.
7. CLIENT RESPONSIBILTIES
The Client will:
• Provide necessary access to systems and information required for all services
• Tools and equipment (laptop) will be provided for remote service provisioning. Access to the Agency’s tools that are used to execute daily tasks will be provided.
• Designate primary points of contact for escalations and decision-making
• Early Definition: Establish criteria at the beginning of the project or sprint; Refine criteria as needed throughout the development process
• Prioritization: Identify must-have criteria vs. nice-to-have features; Align prioritization with project / service goals and constraints
• Consider Edge Cases: Include criteria for handling unexpected inputs or scenarios; Address potential failure modes and error handling
8. COORDINATION AND REPORTING
The Contractor shall deliver services onsite in Mons, Belgium.
The highest level of classification that contractor may need to access is NATO Cosmic Top Secret. As a result of this contractor must hold a valid NATO Cosmic Top Secret Security Clearance.
The contractor shall report to the SDM and Technical Leads of NCSC Enable Branch.
The Contractor shall participate in monthly status update meetings and other meetings, physically in the office, or in person via electronic means using Conference Call capabilities, according to service delivery manager’s instructions.
For each sprint to be considered as complete and payable, the contractor must report the outcome of his/her work during the sprint, first verbally during the retrospective meeting and then in writing, within five (5) working days after the sprint’s end date. A report in the format of a short email shall be sent to NCIA POC briefly mentioning the work held and the achievements during the sprint.
9. SCHEDULE
This task order will be active immediately after signing of the contract by both parties.
The 2025 BASE period of performance is as soon as possible but not later than 22 July 2025 and will end no later than 31 December 2025.
If the 2026, 2027 and 2028 options are exercised, the period of performance is 01 January until 31 December of that respective year.
10. CONSTRAINTS
All the deliverables provided under this statement of work will be based on NCIA templates or agreed with the project point of contact.
All documentation etc. will be stored under configuration management and/or in the provided NCIA tools.
11. SECURITY AND NON-DISCLOSURE AGREEMENT
It is mandatory for the Contractor to be in possession of a NATO COSMIC TOP SECRET (CTS) security clearance to facilitate follow-on engagements and coordination at NATO venues.
The signature of a Non-Disclosure Agreement between the contractor contributing to this task order and NCIA will be required prior to execution.
12. PRACTICAL ARRANGEMENTS
The contractor will be required to work 100% onsite in Mons / BEL as part of this engagement. The NCSC Team is located in Mons / BEL, with working hours will from 08:30 to 17:30 with 1 hour for lunch from Monday to Thursday. On Friday working hours will be from 08:30 to 15:30 with 1 hour for lunch.
The contractor will be required to work following the rules and regulations applicable for the operations of NATO CIS.
The Purchaser will provide the Contractor with the following Purchaser-Furnished Equipment (PFE):
• Access to NATO sites, as required, for the purpose of executing this SOW.
• Workspace (needed business IT for both on- and off-site work, hot-desk at NCSC facility).
• NCIA “REACH” laptop to be used by the contractor for the execution of the contract.
13. TRAVEL
Regular travel costs to and from the service delivery location (SHAPE) are out of scope and will be borne by the contractor.
Travel costs to other NATO locations are not included in the quoted price as there is no expected travel foreseen.
However, should travel be required, travel arrangements will be the responsibility of the contractor and the expenses will be reimbursed in accordance with Article 5.5 of the AAS+ Framework Contract and within the limits of the NCIA Travel Directive.
14. QUALIFICATIONS
[See Requirements]
Requirements
14. QUALIFICATIONS
Services under current SOW are to be delivered by ONE resource that must have demonstrated skills, knowledge and experience as listed below:
* Security Classification: It is mandatory for the Contractor to be in possession of a NATO COSMIC TOP SECRET (CTS) security clearance to facilitate follow-on engagements and coordination at NATO venues.
* Language Proficiency: English Level 3 English language skills according to NATO STANAG 6001: Listening (3); Speaking (3); Reading (3); and Writing (3) or according to Common European Framework of Reference for Language level B2-C1/Upper Intermediate-Advanced level)
Past Performance and Qualifications:
* Educational Background: A university degree from a nationally recognized or certified institution in a technical field with a strong emphasis on Information Technology. At least 6 years of specific experience in virtualized technologies (e.g., VMware vSphere, vSAN, NSX).
* Industry Certifications: Must have demonstrated experience and hold relevant certifications in virtualized technologies, as the following key technologies: VMware Horizon View; VMware vSphere; vSAN; vROPS; VMware Cloud Foundation (VCF); ARIA OPS. Certifications like VMware VCP Data Centre Virtualization or equivalent are highly desirable.
* Cloud Infrastructure Expertise: High-level knowledge and experience working with cloud-based infrastructures such as VMware VCF and Microsoft Azure.
* Storage Solutions Administration: Proven experience in managing enterprise storage solutions, including technologies like Dell EMC Unity or HP 3PAR.
* Backup and Restore Expertise: Advanced knowledge of administering backup and restore technologies on Veritas NetBackup.
* Firmware Management: Experience in planning, maintaining, and updating firmware baselines for enterprise hardware using tools like Dell OpenManage Enterprise or HP OneView.
* Windows Server Expertise: Demonstrated expert-level experience with Windows Server Operating Systems (2016, 2019, 2022).
* Microsoft Ecosystem Certification: Holds a recognized certification in Microsoft technologies such as MCSE (Microsoft Certified Solutions Expert) or related fields, particularly in Active Directory and Cloud Infrastructure.
* Cybersecurity Expertise: In-depth knowledge of cybersecurity tools and their integration, with expertise in: Vulnerability assessment tools like Nessus Tenable; Security Information and Event Management (SIEM) solutions like Splunk; Forensic tools like Access Data Enterprise and Fidelis Endpoint Security
* Infrastructure and Operations Maintenance: Familiarity with AOIM (Automation of IT Management) missions and ensuring the reliability of their hosting infrastructures.
* International Experience: Prior experience working in an international environment, including both military and civilian components, is a strong asset.