Park Lane Recruitment Ltd
- Deadline Date: Thursday 09 July 2026
- Build a Proof of Concept (POC) environment based on a single Entra ID Identity
- Required Security Clearance: NATO SECRET (or UK SC)
Deadline Date: Thursday 09 July 2026
Requirement: Multi-Factor Authentication on Internet Facing Portals – Proof of Concept
Location: Off-Site
Cost Not to Exceed: EUR 66,375
Period of Performance: 13 August 2026 through 30 December 2026
Required Security Clearance: NATO SECRET
Please do NOT apply for any NATO contract positions unless you meet ALL the following criteria:
- Current National or NATO SECRET clearance
- Nationality of one of the NATO member countries
- Current work visa for the specific location if applying for an in-country position
Any applications that do NOT meet all the above – and do not CLEARLY show these on the CV – will be deleted.
Introduction
Due to the findings in the Type 4 Security Audit NATO, technical teams have been tasked with planning and implementing a security standardisation for Multi-Factor Authentication for internet facing web-portals throughout the NATO enterprise.
Scope:
- Build a Proof of Concept (POC) environment based on a single Entra ID Identity Provider to a number of MFA technologies as MFA brokers.
- Test and document POC applications against a set test criterion.
- Build and test security logging with the security department.
- Document Service delivery requirements and support documentation.
- Work with Quality teams to align test strategy and test acceptance.
- This SOW will not exceed EUR 73,750 (Deliverables and Travel).
Constraints:
- The identification of the most fit-for-purpose solution is to be validated, confirmed and accredited.
- The solution is to align with other ongoing NCIA efforts, including but not limited to: IT Modernization; NATO Cloud Programs; Protected Business Network; and NATO and NCIA Directives.
- The solution is developed in close coordination with NCSC, NCIA and its technical staff. Coordination meetings shall take place at intervals sufficient to ensure information sharing and technical exchange.
- Due to the criticality and dependencies of follow-on project elements, the solution is to be completed and accepted no later than end of December 2026.
MFA Internet Facing Portals – Extract Scope
Preparation Phase and Configuration
Business Analysis; Document current production configurations; Full production configuration export; Document current production MFA configuration (if it exists); Document current self-registration, onboarding and user lifecycle process; Screenshot and document current login and logout UI/UX; Inventory all application interfaces; User account audit and mapping; CIS Description; Test strategy; Test scripts created by principal users; Security Pen Testing; Dependency Map; Target Architecture; Training Materials; Runbooks.
Execution Phase: POC Build and Technology Pillar Integration
Create non-production Entra ID app registration; Configure Entra ID branding; Customize Entra ID sign-in and sign-out page text; Configure and map Entra ID MFA registration policy; Design Entra ID self-service signup, browser authentication, and first login flows; Configure Entra ID custom attributes; Customize Entra ID email templates; Configure Entra ID Terms of Use; Configure identity provider attribute mappers; Enable Account Linking strategy; Setup monitoring and alerting; Document rollback procedure.
Technology Pillars: Moodle; SharePoint; Keycloak; Cognito.
Requirements
Qualifications:
Identity and Access Management:
- Minimum 5 years of experience in Identity and Access Management.
- Strong knowledge of authentication protocols (SAML, OIDC).
- Sound knowledge of federated identity management and Single Sign-On (SSO) solutions (Okta, Entra ID, and similar).
Multi-Factor Authentication:
- Proven experience designing and rolling out MFA at scale in an enterprise environment (5,000+ users).
- Experience with certificate-based MFA smart cards, YubiKeys, passkeys/WebAuthn, TOTP, and push-based MFA applications (Microsoft Authenticator, Duo, and similar).
- Understanding of risk-based or adaptive authentication strategies.
Web Security and Secure Access Architecture:
- Experience in securing web applications and APIs.
- Strong understanding of TLS, client certificates, reverse proxies, and Zero Trust principles.
- Experience with SSO integration of web applications.
- Recent experience configuring MFA technologies on the following platforms (Technology Pillars) as brokers: Moodle; SharePoint; Keycloak; Cognito.
- Demonstrated recent experience configuring Entra ID as an MFA Provider to the above MFA brokers.
- Ability to produce high-standard documentation for testing and service delivery.
Communication and Interpersonal Skills:
- Excellent verbal and written communication skills.
- Full proficiency in English.
- Ability to communicate technical information to non-technical users in a clear and concise manner.
Customer Service Orientation:
- Strong customer service focus with a commitment to user satisfaction.
- Patience and empathy when dealing with user issues and concerns.
Organisational Skills:
- Attention to detail in documenting support activities and maintaining accurate records.
Team Collaboration:
- Ability to work effectively as part of a team and share knowledge and resources.
- Willingness to collaborate with colleagues to solve complex issues.
Other Requirements:
- Strong customer relationship skills, including negotiating complex and sensitive situations under pressure.
- Must hold the nationality of one of the NATO member nations.
To apply for this job please visit www.reed.co.uk.
Make this application stronger
Use these quick checks before applying so your CV, interview preparation and job search are better matched to this vacancy.
Before you apply
Check the key details and make sure the role matches what you are looking for.
- Review the job title, company, location, salary and working pattern if provided.
- Check the skills, experience or qualifications requested by the employer.
- Make sure the commute, hours and contract type are realistic for you.
Tailor your CV
For IT Jobs, highlight the most relevant skills, experience and achievements linked to this type of work. Keep it honest, clear and focused on what the employer is asking for.
Use the CV Builder or browse Career Advice.
Prepare for interview
If your application is successful, prepare simple examples that show your motivation, strengths and suitability.
Keep searching smarter
Do not rely on one application. Keep searching similar roles and set up alerts so new vacancies reach you faster.
