Deadline Date: Friday 8 August 2025
Requirement: Cloud Operations and Data Integration
Location: The Hague, NL
Full Time On-Site: Yes
Time On-Site: 100%
Period of Performance: 2025 BASE: As soon as possible but not later than 1 September 2025 until 31 DEC 2025 with the possibility to exercise following options:
• 2026 option: from 01 JAN 2026 to 31 DEC 2026
• 2027 option: from 01 JAN 2027 to 31 DEC 2027
• 2028 option: from 01 JAN 2028 to 31 DEC 2028
Required Security Clearance: NATO SECRET
Special Terms and Conditions: A Non-disclosure Undertaking will have to be signed before the start of the service delivery
1 INTRODUCTION
Supporting NATO throughout all its geographical locations, NCIA is looking for On-Site service delivery for Cloud Operations and Data Integration, to support NATO’s modernisation of IT services through leveraging the public cloud (Microsoft Azure, M365, Intune and Amazon AWS), delivering managed, protected, security-centric and reliable IT Services.
NCIA – Cloud Operations Team
The NATO Communications and Information Agency (NCIA) is dedicated to supporting NATO's strategic objectives, including the ambitious NATO 2030 agenda. As part of this commitment, we are spearheading the modernization and digital transformation of NATO’s IT services. Our focus is on leveraging public cloud technologies like Microsoft 365 and Intune, incorporating a security-by-design approach, and ensuring a seamless transition to a modern, collaborative workplace environment.
To achieve these goals, we are building a Cloud Operations team under the Cloud Center of Excellence, operating under the NATO Enterprise Cloud Operating Model (NECOM). The NECOM framework provides a standardized approach for cloud service management, ensuring interoperability, scalability, and security across NATO's IT infrastructure. The Cloud Center of Excellence will serve as a hub for best practices, innovation, and expertise, driving the adoption and optimization of cloud technologies within NATO. This team will play a crucial role in our journey towards providing managed, protected, and reliable End User Services.
Embracing the latest technological advancements, this initiative will foster innovation and ensure NATO remains at the cutting edge of IT capabilities. By continuously evolving and integrating new technologies, we aim to enhance operational efficiency and readiness for future challenges. This remote position offers an exciting opportunity to be at the forefront of NATO's technological evolution and contribute to the security and efficiency of our operations.
NCIA – Cloud Centre of Excellence (CCoE)
The Cloud Centre of Excellence (CCoE) within NCIA is focused on driving successful cloud adoption and maximizing the potential of cloud technologies across the organization. It serves as a central governing body, promoting best practices, enabling knowledge sharing, and ensuring alignment between business objectives and cloud initiatives. The CCoE supports various cloud-based solutions, ensuring their effective and efficient implementation and management. By fostering a culture of continuous improvement and innovation, the CCoE helps NCIA leverage cloud technologies to enhance operational efficiency, scalability, and agility.
NCIA is seeking highly skilled service delivery in Cloud Operations and Data Integration to support our Cloud Operations Team. The contractor will be responsible for supporting the administration of Microsoft 365 services and delivering secure, automated solutions using the Microsoft Power Platform. These services involve managing Power Apps, Power Automate, Power BI, and Dataverse environments, implementing compliance policies, and supporting endpoint operations via Microsoft Intune. The contractor will contribute to NATO’s secure digital transformation by developing low-code applications, automating workflows, and building data visualizations that enhance operational insight and efficiency.
These services require in-depth expertise in Power Platform design, Microsoft 365 configuration, and secure device management practices. The contractor will deliver services in close relation with stakeholders to design, implement, and support scalable solutions while enforcing NATO-aligned security, data protection, and governance frameworks. The contractor shall have a strong background in Power Apps development, workflow automation, Power BI reporting, and Microsoft Intune policy administration. The contractor will also support users onsite by enrolling and troubleshooting secure Windows 11 endpoints, delivering training, and promoting secure collaboration practices.
Contractor’s responsibilities will include building and governing Power Platform environments, supporting metadata compliance, applying automation best practices, and maintaining reporting dashboards to track system usage, compliance, and adoption. The contractor will also participate in environment lifecycle governance, enforce DLP and connector policies, and support NATO data classification integration using Sensitivity Labels and metadata tagging solutions.
2 OBJECTIVES
NCIA is embracing cloud services by transitioning to Microsoft 365 with a security-centric design.
This shift aims to enhance operational efficiency, collaboration, and security across the organization. We are looking for individuals with strong knowledge, a willingness to learn, and a desire to grow as part of this new challenge.
The objective of this statement of work is to establish a support and operating model for End User Services operating in the Public Cloud, with a focus on Microsoft 365 services.
3 SCOPE OF WORK
Under the direction / guidance of the local NCIA Point of Contact or the Cloud Ops Operations Manager, the contractor will support the following:
1) Administer core Microsoft 365 services and collaboration tools
Support user and service management across Exchange Online, SharePoint, OneDrive, and Teams.
Troubleshoot issues related to mail flow, file sharing, access control, and Teams governance.
Ensure service continuity, compliance configuration, and end-user support.
2) Design and manage Power Platform environments
Establish Power Platform environments with appropriate DLP policies and user permissions.
Configure environment connectors, licensing controls, and secure data boundaries.
Monitor environment health and manage capacity alerts and usage quotas.
3) Develop and support Power Apps solutions
Create Canvas and Model-Driven apps for internal workflow automation and data management.
Integrate with Dataverse, SharePoint, and other M365 services.
Ensure secure access, responsive UI design, and lifecycle governance of applications.
4) Implement Power Automate workflows
Build and maintain cloud flows to automate routine NATO business processes.
Use standard and premium connectors to integrate across M365 and third-party systems.
Monitor workflow execution, error handling, and automation performance.
5) Support data modeling in Microsoft Dataverse
Design secure and efficient tables, relationships, and business rules in Dataverse.
Manage data storage and API calls to maintain licensing thresholds.
Ensure data retention, access control, and audit requirements are met.
6) Develop Power BI reports and dashboards
Build Power BI datasets and reports using Microsoft and NATO datasets.
Connect to SharePoint, Excel, Dataverse, and external APIs securely.
Implement row-level security (RLS) and publish dashboards via Microsoft Teams or SharePoint.
7) Ensure governance and compliance across Power Platform
Enforce DLP policies, connector approvals, and environment-level usage control.
Coordinate with security and compliance officers to ensure adherence to NATO data policies.
Maintain audit trails and reports on platform usage, performance, and changes.
8) Provide on-site technical support and user enablement
Assist users with Power Platform licensing, app usage, and troubleshooting.
Deliver informal training, documentation, and one-on-one coaching as needed.
Act as a liaison between users and central CloudOps or Security teams.
9) Document, automate, and report activities and findings
Maintain structured documentation for each Power Platform project and workflow.
Create PowerShell scripts to automate M365/Intune/Power Platform administrative tasks.
Report sprint progress, usage insights, and adoption metrics to stakeholders.
10) Provide on-site device and user support
Enroll Windows 11 endpoints via Intune and enforce secure baselines.
Troubleshoot configuration profile failures, Defender issues, and BitLocker settings.
Assist with onboarding, MFA setup, and general user support.
11) Collaboration with IT Support:
Work closely with the IT support team to resolve complex device-related issues.
Serve as a subject matter expert in mobile device management.
12) Documentation and Training:
Maintain comprehensive documentation for Cloud Operations processes, configurations, and workflows.
Provide training and support to other staff as required for knowledge and information sharing.
13) Collaboration and Communication:
Collaborate with IT security, compliance, and other relevant teams to ensure cohesive Cloud Operations strategies.
Communicate effectively with internal stakeholders to understand requirements and address concerns.
The contractor will be part of the project management and implementation team, working closely with the Cloud Operations Centre team, ensuring the secure, available, managed and compliant delivery of Public Cloud Services to NATO and its Strategic Commands.
The measurement of execution for this work is sprints, with each sprint being planned for a duration of 5 working days.
Due to the AGILE approach of this project, the specific deliverables and associated acceptance criteria will be defined for each sprint between the NCIA and the contractor. This includes sprint planning, execution and review processes, which are detailed below:
1. Sprint Planning:
Objective: Plan the objectives for the upcoming sprint
Kick-off meeting: Conduct a monthly meeting with the contractor to plan the objectives of upcoming sprints and review contractor`s manpower to meet the agreed deliverables.
Set sprint goals: Define clear, achievable goals for the sprint and associated acceptance criteria, including specific delivery targets, Quality standards as well as Key Performance Indicators (KPIs) for each task to be recorded in the sprint meeting minutes.
Agree on the required level of effort for the various sprint tasks.
Backlog Review: Review and prioritise the backlog of tasks, issues, and improvements from previous sprints.
Assess each payment milestone cycle duration of one calendar month. State of completion and validation of each sprint status and sign off sprints to be submitted for payment as covered in Section 4.
2. Sprint Execution
Objective: Contractor to execute the agreed “sprint plans” with continuous monitoring and adjustments.
Regular meetings between NCIA and the contractor to review sprint progress, address issues, and make necessary adjustments to the processes or production methodology. The Meetings will be physically in the office, or in person via electronic means using Conference Call capabilities, according to the NCIA staff instructions.
Continuous improvement: Contractor to establish a continuous feedback loop to gather input from all stakeholders for ongoing improvements and their subsequent implementation depending on NCIA approval.
Progress Tracking: Contractor to use a shared dashboard or tool to track the status of the sprint deliveries and any issues.
Quality Assurance/Quality Check: Contractor shall ensure that the quality standards agreed for the sprint deliverables are maintained throughout the sprint.
Quality Control: NCIA to perform the Final Quality Control of the agreed deliverables and provide feedback on any issues.
3. Sprint Review
Objective: Review the sprint performance and identify areas for improvement.
At the end of each sprint, there will be a meeting between the NCIA and the Contractor to review the outcomes against the acceptance criteria comprising sprint goals, agreed quality criteria and Key Performance Indicators (KPIs).
Define specific actions to address issues and enhance the next sprint.
4. Sprint Payment
For each sprint to be considered as complete and payable, the contractor must report the outcome of their work during the sprint, first verbally during the retrospective sprint review meeting and then in writing within three days after the sprint’s end date. A report must be sent by email to the NCIA manager, highlighting all work performed against the agreed tasking list set for the sprint.
The contractor's payment for each sprint will be depending upon the achievement of agreed Acceptance Criteria for each task, defined at the sprint planning stage. This will include specific delivery targets, quality standards as well as Key Performance Indicators (KPIs) for each task.
The payment shall be dependent upon successful acceptance as set in the above planning/review meetings. This will follow the payment milestones that shall include a completed Delivery Acceptance Sheet (DAS) – (Annex A)
Invoices shall be accompanied with a Delivery Acceptance Sheet (DAS) – (Annex A) signed by the Contractor and project authority.
If the contractor fails to meet the agreed Acceptance criteria for any task, the NCIA reserves the right to withhold payment for that task/sprint.
Each sprint has a duration of 5 working days. The content and scope of each sprint will be agreed during the sprint‐planning meetings.
4 DELIVERABLES AND PAYMENT MILESTONES
The following deliverables are expected from the work on this statement of work:
2025 BASE period: from 01 SEP 2025 to 31 DEC 2025:
Deliverable: 17 sprints of cloud operations and data integration support.
Payment Milestones: Upon completion of each fourth sprint and at the end of the work.
The Purchaser (NCIA) reserves the right to exercise a number of options of one or more sprints based on the same scrum deliverables, at a later time, depending on the project priorities and requirements, at the following cost: for base year (2025) at the same cost, for outer years (2026, 2027 and 2028) the Price Adjustment Formula will be applied in accordance with paragraph 6.5 of the Framework Contract Special Provisions.
The payment shall be dependent upon successful acceptance of the Delivery Acceptance Sheet (DAS) – (Annex A).
Invoices shall be accompanied with a Delivery Acceptance Sheet (Annex A) signed by the Contractor and the project authority.
2026, 2027 and 2028 OPTION: from 01 JAN to 31 DEC
Deliverable: Up to 46 sprints of cloud operations and data integration support.
Cost Ceiling: Price will be determined by applying the price adjustment formula as outlined in CO‐115786‐ AAS+ Special Provisions article 6.5.
Payment Milestones: Upon completion of each fourth sprint and at the end of the work.
5 COORDINATION AND REPORTING
The contractor shall participate in daily status update meetings, activity planning and other meetings as instructed, physically in the office, or in person via electronic means using Conference Call capabilities, according to the Operation Managers / Team Leaders instructions.
For each sprint to be considered as complete and payable, the contractor must report the outcome of his/her work during the sprint, first verbally during the retrospective meeting and then in written within three (3) days after the sprint’s end date. The format of this report shall be a short email to the NCIA Point of Contact mentioning briefly the work held and the development achievements during the sprint.
6 SCHEDULE
This task order will be active immediately after signing of the contract by both parties and will end no later than 31 December 2025.
If the 2026, 2027 and 2028 options are exercised, the period of performance is 01 JAN to 31 DEC of the respective year.
7 CONSTRAINTS
All the deliverables provided under this statement of work will be based on NCIA templates or agreed with the project point of contact.
All code, scripts, documentation, etc. will be stored under configuration management and/or in the provided NCIA tools.
All the deliverables of this project will be considered NATO UNCLASSIFIED, while access to networks exceeding this classification level is required.
With this role being of technical nature with access to NATO managed networks, a security clearance at the NATO SECRET level is required prior to the start of the engagement.
8 PRACTICAL ARRANGEMENTS
The contractor will work 100% on-site, with the possibility to work remote up to 1 day per week.
Remote services need to be provided from a NATO country. The duty location being The Hague (NETHERLANDS), the contractor shall provide services during Core working hours of the Cloud Operations team (Brussels / BEL).
The contractor may be required to travel, infrequent and not exceeding 2 weeks at a maximum, to other NCIA locations as part of his role. Travel arrangements will be the responsibility of the contractor and the expenses will be reimbursed in accordance with Article 5.5 of the AAS+ Framework Contract and within the limits of the NCIA Travel Directive.
The contractor delivering the services will be part of the NCIA NATO Public Cloud Project Team.
9 QUALIFICATIONS
[See Requirements]
9 QUALIFICATIONS
The consultancy support for these services require an experienced contractor in Cloud Operations and Data integration, with the following qualifications:
1) Microsoft 365 Platform Expertise (5 years of experience)
2) Microsoft Intune and Endpoint Configuration (5 years of experience)
3) Power Platform Administration and Governance (5 years of experience)
4) Power Apps Development Skills (5 years of experience)
5) Workflow Automation using Power Automate
6) Dataverse Data Modeling and Security
7) Power BI Development and Data Visualization
8) Scripting and Automation for Administration
9) Compliance and Security Alignment
10) Documentation and Communication Skills
11) Security and Compliance Knowledge:
12) Organizational Skills:
13) Team Collaboration:
14) Others: