Cyber Security Architect

Actively Reviewing the Applications

Spektrum

On-site

Posted 2 days ago • Apply by June 14, 2026

Job Description

Spektrum have a wide range of exciting opportunities in several global locations.

We are always looking to add great new talent to our team and look forward to hearing from you.

Introduction

NSPA are looking for engineers to support their Cyber Security infrastructure to covering day to day and project activities, in addition providing Cyber Security services to NSPA customers or partners from across the NATO nations.

Day to Day Activities

Planning and carrying out the replacement of products or technologies within the infrastructure. This will involve developing time schedules, collaborating with the helpdesk, communicating with the customers, configuring the new equipment and performing the actual migration work. Following this, documentation and diagrams will have to be updated.
Operating and maintaining a wide variety of different cyber security solutions on a day-to-day basis, including but not limited to: Network firewall, web proxy, mail proxy and anti-spam, antivirus for servers, DMZ segregation, web application firewall, intrusion prevention, SIEM log correlation and reporting, managed file transfer, certificates, strong authentication etc.
Providing support on various cyber security tasks and operations, such as incident response, troubleshooting, change management, write and implement security procedures for operating security solutions, lifecycle management, security and risk assessments, etc.

Project Activities

Assessment of new cyber security products or technologies. This will involve researching the product, liaising with the manufacturer, arranging for a lab trial, conducting a test phase and then writing a report and making recommendations to NSPA.
Design and implementation of new secure solutions for various projects and to ensure that NSPA Cyber Security posture remains adequate and aligned with best practices.
Operating effectiveness testing and improvement of existing cyber security controls involving various cyber security technologies (including but not limited to network firewalls, Web Application firewalls, SIEM, Network IPS, e-mail protection, web browsing protection, Public Key Infrastructure, Medium and Strong authentication, etc.).
Cyber Security advisory and support provided for various customer projects.
Cyber Security penetration testing project.

Working Location

Main working location: Capellen, Luxembourg (NSPA HQ)
Some projects may require business travel to other sites
Some remote/hybrid work may be required

Working Hours

Monday to Thursday:

Arrival 06:00 to 09:00
Lunch break Minimum 30 minutes 11:45 – 13:45
Departure 16:15 to 20:00

Friday

Arrival 6:00 to 9:00
Departure 12:15 to 17:00

Public Holiday of Luxenberg will be applicable
Some on-call duties and weekend work will be required on a rotation basis

Project Duration

3 years + 2 Years

Mandatory Requirements

Professional Experience

Proven experience of at least 5 years in IT Cyber Security.
Proven experience of at least 1 year in a NATO environment.

Proven experience and skills (Minimum 8 of the below)

Next Generation Firewalls (including Intrusion Detection/Prevention System),
Web Application Firewalls and Reverse Proxies,
Web Proxies
E-mail gateways
Vulnerability Management
Anti-malware, sandboxing and endpoint protection technologies
Public Key Infrastructures (PKIs), smartcards and user authentication technologies
Mobile Device Management (MDM)
Apple infrastructure and iOS management
Security Incident Event Management (SIEM)
Multi-Factor authentication
Privileged Access Management
Good Knowledge - Ability to troubleshoot and solve issues involving the aforementioned technologies

Skills

Good Knowledge - Web application penetration testing
Good Knowledge - Mobile application penetration testing
Good Knowledge - Source code vulnerability analysis
Good Knowledge - Ability to identify and exploit web vulnerabilities (XSS, CSRF, SQLi, SSRF, arbitrary file upload, etc.)
Good Knowledge - Ability to identify and exploit mobile vulnerabilities (API issues, insecure storage, memory corruption, deep links, etc.)
Good Knowledge - Network penetration testing experience
Good Knowledge - Protocol analysis
Good Knowledge - CTF experience
Good Knowledge - Secure coding practices
Good Knowledge - Cryptography
Good Knowledge - Red and Blue team experience

Proven knowledge of

Good Knowledge - Cloud Architecture and Security
Good Knowledge - Operating System (Windows and Linux) security and of Active Directory security
Good Knowledge - Networking protocols
Good Knowledge - Application Security
Experience allowing to write scripts efficiently - Programming Skills in Bash or Python or Perl
Good Knowledge - Offensive security tactics, techniques, tools and procedures
Triage, following, procedures pro-active pivoting and hunting - Handling security alerts (ex: antivirus alert, suspicious email report)
Good Knowledge - Handling security incident/intrusion

Language

Proficiency in English, written and oral, equivalent to CEFR B2 or higher
Ability to write clear and concise reports and technical documentation with proper justification
Ability to explain issues at different levels of the hierarchy and in particular to management

Security Clearance

Hold a valid NATO SECRET (or higher) security clearance

We never know what new opportunities might be just over the horizon. If this opportunity isn't for you please feel free to send us your resume anyway and be the first to know if something suitable for your skills and experience comes up.