Deadline Date: Tuesday 29 July 2025
Requirement: RedHat Support for NATO Cyber Security Centre (NCSC)’s Linux Team
Location: Mons, BE
Full Time On-Site: Yes
Time On-Site: 100%
Period of Performance: 2025 Base period: As soon as possible but not later than 11 September 2025 to 31 Dec 2025, with possibility to exercise the following options:
• 2026 Option: 1 January until 31 December 2026
• 2027 Option: 1 January until 31 December 2027
• 2028 Option: 1 January until 31 December 2028
Required Security Clearance: NATO COSMIC TOP SECRET
1. BACKGROUND
The NATO Communications and Information Agency (NCIA) is dedicated to acquiring, deploying, and defending communication systems for NATO’s political decision-makers and Commands. It operates on the frontlines against cyber-attacks, collaborating closely with governments and industry to prevent future debilitating attacks. The NCIA plays a crucial role in maintaining NATO’s technological edge and ensuring the collective defence and crisis management capabilities of the Alliance. In pursuit of our mission, we require specialized advisory services to enhance our interim workforce capacity.
2. INTRODUCTION
NATO Cyber Security Centre (NCSC) is looking for support in the delivery of services to the Enable Branch: to ensure the availability, performance, and security of NATO’s data centre across multiple sites. Recent security audits have shown the need to focus on improving the security of the Linux systems. Focus will be on analysis and security improvements in the Linux systems.
3. OBJECTIVE
The aim of this SOW is to support NCSC with technical expertise specifically related to the operation and maintenance of NATO’s LINUX Team with a deliverable based (completion-type) contract to be executed in 2025.
The main objective is to secure advisory services that provide expert guidance and support. This vision aims to high availability, security, and performance of critical mission systems and platforms, which are essential to NATO’s operational success.
4. SCOPE OF WORK
Under the direction/guidance of NCIA or delegated staff, the Contractor’s Personnel will be responsible for NCSC’s enterprise Linux environments.
The support services are essential since NCSC currently does not have the full capacity to carry out these tasks to accomplish the requirements highlighted by the security audits, which causes a high risk to its Linux platform servers.
The contractor will focus on delivering key technical solutions and providing expertise in work which will include the following activities:
• Analyse, suggest and implement security improvements to the Linux systems;
• Perform scheduled checks of the NCSC enterprise Linux environments, including health checks and auditing of system logs as needed to ensure the performance and availability of NCSC Services are meeting established service levels on the Linux environment;
• Provide version maintenance, control and storage of scripts, code and documentation using technologies such as BIT-Bucket/GIT Lab for scripts belonging to the Linux team;
• Deploy, consolidate, migrate, virtualise, support and decommission the NCSC enterprise Linux environments;
• Assist with the creation of Linux related VMWARE templates;
• Implementation and support of systems and automation of processes in the NCSC physical and virtual environments utilising Unix scripting with tools Bash, Python and Ansible;
• Support the patching of NCSC Linux environments utilising RedHat Satellite.
SERVICE DETAILS
It will be required to utilise existing NCSC tools (ticketing systems, change and incident management procedures).
Additional tasks might require the monitoring of backups and basic support of backup operations using Veritas NetBackup.
These tasks include:
• Installation and upgrades in Red Hat
• Start/restart/stop of services
• Addition of new jobs, and VMs to existing schedules
• Troubleshooting/restarting of failed jobs
• Monitoring of jobs in the Veritas web based console
We are aiming high availability, security, and performance of critical mission systems and platforms, which are essential to NATO’s operational success.
Due to the AGILE approach of this project, the specific deliverables and associated acceptance criteria will be defined for each sprint between the NCIA and the contractor. This includes sprint planning, execution and review processes, which are detailed below:
1. Sprint Planning:
Objective: Plan the objectives for the upcoming sprint
Kick-off meeting: Conduct a monthly meeting with the contractor to plan the objectives of upcoming sprints and review contractor`s manpower to meet the agreed deliverables.
Set sprint goals: Define clear, achievable goals for the sprint and associated acceptance criteria, including specific delivery targets, Quality standards as well as Key Performance Indicators (KPIs) for each task to be recorded in the sprint meeting minutes.
Agree on the required level of effort for the various sprint tasks.
Backlog Review: Review and prioritize the backlog of tasks, issues, and improvements from previous sprints.
Assess each payment milestone cycle duration of one calendar month. State of completion and validation of each sprint status and sign off sprints to be submitted for payment as covered below.
2. Sprint Execution:
Objective: Contractor to execute the agreed “sprint plans” with continuous monitoring and adjustments.
Regular meetings: The contractor shall participate in status update meetings to review sprint progress, to address issues, and to make necessary adjustments to the processes or objectives. Those sprint meetings will be via electronic means using Conference Call capabilities. On rare occasions, there may be a requirement to attend a physical meeting in the office, or in person, as requested by the project manager.
Continuous improvement: The contractor will establish a continuous feedback loop to gather input from all stakeholders for ongoing improvements and their subsequent implementation depending on NCIA approval.
Progress Tracking: Contractor to track and share the status of the sprint deliveries and any risks / issues.
Quality Assurance / Quality Check: The contractor shall ensure that the quality standards agreed for the sprint deliverables are maintained throughout the sprint.
Quality Control: NCIA will perform the quality control of the agreed deliverables and provide feedback on any issues.
3. Sprint Review:
Objective: Review the sprint performance and identify areas for improvement.
At the end of each sprint, there will be a meeting to review the deliverables and outcomes against the acceptance criteria.
Define specific actions to address issues and enhance the next sprint.
4. Sprint Payment:
Progress on the above deliverables will be checked and approved on a per sprint basis.
For each sprint to be considered as complete and payable, the contractor must report the outcome of their work during the sprint, first verbally during the sprint review meeting and then in writing within three days after the sprint’s end date. The format of this report shall be an email to the NCIA Point of Contact mentioning briefly the work performed and the development achievements during the sprint against the agreed tasking list set for the sprint.
The payment of each sprint will be depending upon the achievement of agreed acceptance criteria for each task, defined at the sprint planning stage.
If the contractor fails to meet the agreed acceptance criteria for any task, the NCIA reserves the right to withhold (partial) payment for that sprint.
Invoices shall be accompanied by a Delivery Acceptance Sheet (DAS), signed by the contractor and the project manager, and shall follow the payment milestones.
Each sprint has a duration of 5 working days. The content and scope of each sprint will be agreed during the sprint‐planning meetings.
5. DELIVERABLES AND PAYMENT SCHEDULE
The following deliverables are expected from the work on this Statement of Work:
1) Complete the activities/tasks agreed in each sprint meeting as per section 4 above.
2) Produce sprint completion reports (format: e-mail update), which include details of activities performed and the list of the deliverables of the week.
3) The contractor will participate in the daily reporting and planning activities (daily stand-ups) as well as the required participation in workshops, events and conferences related to the supported services, as requested by the service delivery manager.
4) Payment schedule will be according to the payment milestones upon completion of the respective sprint. Upon completion and validation of each sprint and at the end of the monthly milestone, following the acceptance of the sprint report.
5) The Purchaser (NCIA) reserves the right to exercise a number of options of one or more sprints based on the same deliverables, at a later time, depending on the project priorities and requirements, at the following cost: for base year (2025) at the same cost, for following years (2026-2028) the Price Adjustment Formula will be applied in accordance with paragraph of the Framework Contract Special Provisions.
6) The payment shall be dependent upon successful acceptance of the sprint report and the Delivery Acceptance Sheet (DAS) – (annex B).
7) Invoices shall be accompanied with a Delivery Acceptance Sheet (annex B) signed by the contractor and the NCIA POC.
2025 BASE: 11 September 2025 – 31 December 2025:
Deliverable: 18 sprints (Number of sprints is estimated and will be adjusted based on actual starting date.)
Payment Milestones: Monthly payment for the completed and accepted sprints within the month. Completion of each sprint shall be accompanied documented in Delivery Acceptance Sheet (DAS) – (Annex B), signed for acceptance by the Purchaser’s authorized point of contact and the Contractor.
2026, 2027 AND 2028 OPTION: 01 JANUARY TO 31 DECEMBER
Deliverable: Up to 46 sprints
Cost Ceiling: Price will be determined by applying the price adjustment formula as outlined in CO‐115786‐ AAS+ Special Provisions article
Payment Milestones: Monthly payment for the completed and accepted sprints within the month. Completion of each sprint shall be accompanied documented in Delivery Acceptance Sheet (DAS) – (Annex B), signed for acceptance by the Purhaser’s authorized point of contact and the Contractor.
6. CLIENT RESPONSIBILITIES
The Client will:
• Provide necessary access to systems and information required for all services
• Tools and equipment (laptop) will be provided for remote service provisioning. Access to the Agency’s tools that are used to execute daily tasks will be provided.
• Designate primary points of contact for escalations and decision-making
• Early Definition: Establish criteria at the beginning of the project or sprint; Refine criteria as needed throughout the development process
• Prioritization: Identify must-have criteria vs. nice-to-have features; Align prioritization with project / service goals and constraints
• Consider Edge Cases: Include criteria for handling unexpected inputs or scenarios; Address potential failure modes and error handling
7. COORDINATION AND REPORTING
The Contractor shall deliver services onsite in Mons, Belgium.
The contractor shall report to the NCIA Project Manager or designated Point of Contact (POC) assigned by the NCIA Cyber Security Service Line.
The Contractor shall participate in monthly status update meetings and other meetings, physically in the office, or in person via electronic means using Conference Call capabilities, according to service delivery manager’s instructions.
For each sprint to be considered as complete and payable, the contractor must report the outcome of his/her work during the sprint, first verbally during the retrospective meeting and then in writing, within five (5) working days after the sprint’s end date. A report in the format of a short email shall be sent to NCIA POC briefly mentioning the work held and the achievements during the sprint.
8. SCHEDULE
This task order will be active immediately after signing of the contract by both parties.
The 2025 BASE period of performance is as soon as possible but not later than 11 September and will end no later than 31 December 2025.
If the 2026, 2027 and 2028 options are exercised, the period of performance is 01 January until 31 December of that respective year.
9. CONSTRAINTS
Results of the work to be stored on NCIA NATO RESTRICTED SharePoint portal.
All the documentation provided under this statement of work will be based on NCIA templates and/or agreed with the NCIA service manager.
All support, maintenance, documentation will be stored under configuration management and/or in the provided NCIA tools.
All developed solutions will be property of the NCIA.
10. SECURITY AND NON-DISCLOSURE AGREEMENT
It is mandatory for the Contractor to be in possession of a NATO COSMIC TOP SECRET security clearance to facilitate follow-on engagements and coordination at NATO venues.
The signature of a Non-Disclosure Agreement between the contractor contributing to this task order and NCIA will be required prior to execution.
11. PRACTICAL ARRANGEMENTS
Due to the nature and classification of the working environment, all services and deliverables outlined in this Statement of Work (SOW) will be performed onsite, on client’s premises, at NCIA location in Mons, Belgium. The contractor will be physically present on location to conduct assessments, implement network solutions, and provide ongoing support as required throughout the project.
The NCSC Team’s working hours are from 08:30 to 17:30 with 1 hour for lunch from Monday to Thursday. On Friday working hours are from 08:30 to 15:30 with 1 hour for lunch.
The contractor will be required to work following the rules and regulations applicable for the operations of NATO CIS.
The Purchaser will provide the Contractor with the following Purchaser-Furnished Equipment (PFE):
• Access to NATO sites, as required, for the purpose of executing this SOW.
• Workspace (needed business IT for both on- and off-site work, hot-desk at NCSC facility).
• NCIA “REACH” laptop to be used by the contractor for the execution of the contract.
This equipment can be used by one person only and shall be associated to that individual.
13. TRAVEL
Regular travel costs to and from the service delivery location (NCIA Mons, BEL) are out of scope and will be borne by the contractor.
Travel costs to other NATO locations are not included in the quoted price as there is no expected travel foreseen.
However, should travel be required, travel arrangements will be the responsibility of the contractor and the expenses will be reimbursed in accordance with Article of the AAS+ Framework Contract and within the limits of the NCIA Travel Directive.
14. QUALIFICATIONS
[See Requirements]
Requirements
14. QUALIFICATIONS
Services under current SOW are to be delivered by ONE resource that must have demonstrated skills, knowledge and experience as listed below:
1. Security Classification: NATO Cosmic Top Secret
2. Language Proficiency: English
Past Performance and Qualifications:
To provide a high level of service quality, the contractor supporting the Installation Engineering Team has a proven track record of successfully designing, implementing, and optimizing network and security infrastructures for a variety of organizations across multiple industries.
The engineer should provide and prove the following mandatory performance, education and qualifications:
3. Vocational training in Linux or a relevant discipline;
4. At least 6 years of specific experience in Red Hat System administration of which 2 years should be within NATO.
5. Software engineering skills including programming and/or scripting knowledge in languages such as Python or Bash/Shell;
6. Minimum 3 year experience with Ansible;
7. Minimum 2 year experience with Red Hat Satellite
8. Prior experience implementing security concepts such as SELINUX and separation of privileges via sudo.
9. Backup and Restore Expertise: Basic knowledge of administering backup and restore technologies on Veritas NetBackup.
10. Cybersecurity Expertise: In-depth knowledge of cybersecurity tools and their integration
Industry Certifications:
Must have demonstrated experience through certifications in the following areas:
11. Red Hat System Administration Certification is mandatory
12. Red Hat Certified Specialist in Security is mandatory
13. The Red Hat Certified Engineer (Ansible) certification is desirable.