JOB DETAILS

Team Lead Malware and Forensics Analysis

CompanyNATO
LocationMons
Work ModeOn Site
PostedMay 1, 2026
About The Company
We are NATO's technology and cyber hub. We are a team of 3,000 civilian and military staff members, located in 29 sites throughout Europe and North America. We help NATO and its member countries communicate and work together to fulfil their mission – preserve peace and security for nearly one billion citizens. The Agency is on the frontlines against cyber threats, protecting NATO’s networks 24 hours a day, seven days a week, to prevent debilitating attacks. Our experts provide capabilities and services that are critical to NATO’s ability to fulfil its core tasks of consultation, collective defence and crisis management. We achieve this by working in partnership with industry, academia and not-for-profit organizations. Our work helps NATO keeps its technological edge.
About the Role

 

Who we are:

For more than 70 years, NATO’s mission has been to preserve peace and security in the Alliance for nearly one billion citizens. The NATO Communications and Information Agency (NCIA) and its predecessors have worked tirelessly in providing the means that enable the connectedness and togetherness that keep our Alliance strong. We are the NCIA, a team of 3000 civilian and military staff in 29 locations throughout Europe, North America and Asia.

Our technology and cyber experts allow NATO to conduct critical operations, protect NATO’s airspace, make data-driven decisions, defend against cyber-attacks, secure NATO networks and maintain superiority in space. This is all possible because of our greatest force, our people. In order to keep this edge we aim to hire, train and retain the very best staff.

Our staff members represent both the diversity and unity of our Alliance. When you join the NCIA, you will be part of an organization where you can contribute authentically to the mission and purpose of NATO and help us keep our technological edge.

 

 

About the job:

Based in Mons, Belgium, you will join the Agency as we embark on a journey to transform our IT services to support NATO’s Digital Endeavour. You will join NATO Cyber Security Centre (NCSC), which is responsible for planning and executing all lifecycle management activities for cyber security. In executing this responsibility, NCSC provides specialist cyber security-related services covering the spectrum of scientific, technical, acquisition, operations, maintenance, and sustainment support, throughout the lifecycle of NATO Communications and Information Systems (CIS).

We are looking for a driven and enthusiastic Team Lead Malware and Forensics Analysis who will take on the following roles and responsibilities:

  • Direct and supervise the delivery of efficient and effective Malware and Forensics analysis;

  • Lead a team of malware and forensics analysts ensuring continuous training and professional development;

  • Provide technical and expert support for to the 24/7 Cyber Security Incident Response Team’s processes, during normal working hours and on-call duties, including weekends and holidays;

  • Help the service delivery manager (SDM) and service owner (SO) realize their visions for the service – technical analysis;

  • Manage forensic and malware analysis tools and environments on premises or in the cloud;

  • Write and review Standard Operating Procedures/Instructions covering all aspects of Digital Forensics and Malware Analysis.

 

For a full list of duties, please review the job description on the NCI Agency career site.

 

 

 

About you:

The valuable knowledge and experience that you bring to this role are:

  • A Bachelor’s degree at a nationally recognised/certified University in a related discipline and 3 years post-related experience. Or exceptionally, the lack of a university degree may be compensated by the demonstration of a candidate’s particular abilities or experience that is/are of interest to NCI Agency, that is, at least 10 years extensive and progressive expertise in duties related to the function of the post;

  • Extensive knowledge of malware analysis techniques and technologies;

  • Excellent ability to recognise when an IT network/system has been attacked, be able to take immediate action to limit damage and to escalate the event to higher authority;

  • Practical experience with cyber security in cloud-based environments such as Azure and AWS;

  • Proficiency in assessing security vulnerabilities of operation systems and software;

  • Practical experience in the analysis of digital forensic artefacts in the context of cyber security;

  • Good knowledge of the principles of computer and communications security, networking, and vulnerabilities of modern operating systems and applications;

  • Good understanding of the MITRE ATT&CK framework and its applicability in Cyber;

  • Good knowledge of cyber security incident handling;

  • Practical experience in scripting (Python, PowerShell);

  • Excellent communication and analytical skills;

  • Experience in leading technical teams, preferably in international environment;

  • Experience producing clear and concise presentations and reports to both technical and non-technical audiences as well as giving effective presentation;

  • Good understanding of the management of the IT Service Delivery, following ITIL framework;

  • Fluency in English, both written and spoken.

     

 

What we offer:

  • Genuinely meaningful work as part of the most successful alliance in history;

  • 5 year contract with competitive tax-free salary and household and children’s allowances;

  • Privileges for expatriate staff including expatriation and education allowances (where appropriate) and additional home leave;

  • Excellent private health insurance scheme;

  • Generous annual leave of 30 days plus official holidays;

  • NATO Pension Scheme;

  • Development programs such as professional training, wellbeing, and more.

 

 

To learn more about NCIA and our work, please visit our website. 

 

The NCIA prides itself on being an equal opportunity employer. We are committed to fostering an inclusive environment of mutual respect and value uniqueness and differences in gender, gender identity, race, ethnic or cultural origin, age, religion, sexual orientation and physical or neurocognitive ability. 

 

Additional details on the conditions of application can be found via the NCIA career site.

 

Key Skills
Malware analysisDigital forensicsCyber securityIncident responseCloud securityAzureAWSVulnerability assessmentPythonPowerShellMITRE ATT&CKITILTeam leadershipTechnical reportingNetwork securityOperating systems
Categories
Security & SafetyTechnologyGovernment & Public SectorManagement & LeadershipSoftware
Benefits
Tax-free salaryHousehold allowanceChildren's allowanceExpatriation allowanceEducation allowancePrivate health insurance30 days annual leaveNATO Pension SchemeProfessional training
Job Information
📋Core Responsibilities
The Team Lead will direct and supervise malware and forensics analysis while leading a team to ensure continuous professional development. They will also provide expert support to the 24/7 Cyber Security Incident Response Team and manage analysis tools in both on-premises and cloud environments.
📋Job Type
full time
📊Experience Level
5-10
💼Company Size
2413
📊Visa Sponsorship
No
💼Language
English
🏢Working Hours
40 hours
Apply Now →

You'll be redirected to
the company's application page