Role Description:
GRC specialist embedded in NATO Cyber Security Centre (Adversary Emulation / Red Team), focused on governance, policy writing, and compliance documentation for Red Team activities.

Main Duties

• Develop and maintain governance documentation (policies, standards, procedures)

• Align Red Team governance with NATO directives, military doctrine, and frameworks

• Document Red Team methodologies from a governance perspective (ethical boundaries, rules of engagement)

• Define and document deconfliction processes (escalation, oversight, stop criteria)

• Produce governance outputs:

  • Policy compliance statements

  • CONOPS (operating model)

  • Templates (rules of engagement, reports)

  • Governance annexes to Red Team reports

• Ensure all documentation is clear, structured, and suitable for senior stakeholders

Requirements

• Bachelor’s degree 5 years relevant experience, or ~8 years experience without degree

• Experience in:

  • Governance, risk & compliance (GRC) or policy writing

  • Cybersecurity environments

  • Working with or within military/defence structures

• Strong analytical and structured writing skills

• Experience handling sensitive/classified information