EMW, Inc.

Role Description The NATO Communications and Information Agency (NCIA) is dedicated to acquiring, deploying, and defending communication systems for NATO's political decision-makers and Commands. It operates on the frontlines against cyber-attacks, collaborating closely with governments and industry to prevent future debilitating attacks. The NCI Agency plays a crucial role in maintaining NATO's technological edge and ensuring the collective defence and crisis management capabilities of the Alliance. In pursuit of this mission, NCIA requires specialized advisory services to enhance its interim workforce capacity. The Cyber Operations Management System (COMS) demonstration is a high priority task which aims at: - Building a mock-up environment on the NATO Software Factory to replicate the functionalities that exist in the operational version of COMS today. - Capturing the requirements and demonstrating to industry the functionalities of the current capabilities by demonstrating on the mock-up environment. COMS operates on the NCSC NROP and NCSC NSOP CIS and is accessible from NATO-wide stakeholders from their respective low-side and high-side environments. COMS supports Cyber Incident Response and Defensive Cyber Operations and is therefore a critical component of the NATO Cyber Security Centre (NCSC) today and the NATO Integrated Cyber Defence Centre (NICC) tomorrow. Qualifications - Excellent knowledge (5+ years) of Atlassian JIRA Datacenter administration. - Excellent knowledge (5+ years) of Atlassian Confluence Datacenter administration. - Prior experience working on the NCIA COMS Environment. - Excellent knowledge in scripting languages (e.g., Bash, Python) for automation and customization tasks. - Excellent knowledge in deploying solutions on Microsoft Azure environments. - Excellent knowledge of Java, Groovy, and ScriptRunner. - Strong experience in dynamic content management and integration between Atlassian JIRA and Confluence. - Strong experience in managing metadata in Atlassian Confluence, Office and PDF documents, and Microsoft SharePoint. - Strong understanding of the inner workings of Atlassian JIRA and Confluence instances, including at database level. - Experience with the management of Linux servers (preferably RedHat). - NATO SECRET security clearance required for the project manager. - NATO RESTRICTED authorization required for all other contractor personnel. Requirements - Build a mock-up environment that simulates what is doable today on COMS NR and COMS NS. - Identify and capture the functional and non-functional requirements of what COMS is able to deliver today. - Create a recorded video introducing what COMS is today, and going through the different requirements. - Present a live demo of the COMS mock-up environment as part of an industry engagement day organized by NCIA. Benefits - Opportunity to work with NATO and contribute to critical cyber defense initiatives. - Engagement with industry leaders and stakeholders. - Potential for future collaboration on similar projects. Company Description The NATO Communications and Information Agency (NCIA) is dedicated to acquiring, deploying, and defending communication systems for NATO's political decision-makers and Commands.

Role Description The Contractor is to provide support services to the MN5G Project Board, and NATO Cyber and Digital Transformation (CDT) Division Programme of Work (PoW) by developing technical artefacts, reports and experiments on NGN and Secure Communications. Qualifications - Principal Engineer with a minimum of 10 years of sound experience in Communication and Information Systems (CIS) engineering and design. - Knowledge and experience in International Mobile Telecommunications (IMT) 5G networks, Communication Systems, Networks, Infrastructure, Virtualization, Cloud, Security, Monitoring and Control, and Interoperability. - Experience and knowledge in system architecture and design. - Experience in Enterprise and Capability architecture. - Knowledge of SMC aspects, relevant frameworks and their implementation in large CIS networks. - Experience with Military CIS systems. - Experience in designing readiness assessments, surveys, and maturity assessment models for technology adoption. - Familiarity with CIS related international, commercial, and industrial standards. - Experience with deployable CIS systems (Military and/or Civilian). - Experience in Service Design and Management. - Knowledge of NATO political ambition and organizational structure. Requirements - Required Security Clearance: NATO SECRET - Number of Resources: One (1) single resource required - Period of Performance: ASAP, not later than 3 August 2026 until 31 March 2027 - Location: Offsite, with meetings through video teleconference (VTC) Deliverables and Payment Milestones - Deliverable D1: Project Kick-off and Requirements Analysis - Due Date: 3 August 2026 - Payment Milestone: M1 – 15% of total BASE value. - Deliverable D2: NGN Architecture Development Phase 1 - Due Date: 30 September 2026 - Payment Milestone: M2 – 15% of total BASE value. - Deliverable D3: Network Management and Cyber Defense (NMCD) Review - Due Date: 31 October 2026 - Payment Milestone: M3 – 15% of total BASE value. - Deliverable D4: NGN Architecture Development Phase 2 - Due Date: 30 November 2026 - Payment Milestone: M4 – 20% of total BASE value. - Deliverable D5: 5G White Paper Development - Due Date: 30 January 2027 - Payment Milestone: M5 – 10% of total BASE value. - Deliverable D6: 5G Readiness Assessment - Due Date: 12 February 2027 - Payment Milestone: M6 – 10% of total BASE value. - Deliverable D9: Final Reports Submitted - Due Date: 31 March 2027 - Payment Milestone: M9 – 15% of total BASE value. Benefits - Off-Site Discount: 5% applicable when assigned personnel work off-site. Period of Performance This task order will be active immediately after signing of the contract by both parties. The BASE period of performance is to start as soon as possible but not later than 3 August 2026 and will end 31 March 2027. Security Clearance The work will be conducted at the NATO UNCLASSIFIED level. It is mandatory for the Contractor to be in possession of a NATO SECRET security clearance to enable access to relevant documentation and access to NATO facilities.

Bidding Instructions: Technical Proposal 1. Bidders shall include in the Technical Proposal: CV of candidate, focusing on qualifications defined section 10 in the Statement of work. 2. Compliance matrix referring how each candidate meets qualifications listed section 10 justified by relevant (project) experience to carry out the work listed section 3 in the Statement of work. Deadline Date: Tuesday 28 April 2026 Requirement: Intelligence Functional Services (INTEL-FS) Data Quality Remediation for Kosovo Force (KFOR) Location: Pristina, Kosovo [NOTE: Workable requires a location, and does not accept Kosovo locations as valid] Full Time On-Site: Yes Time On-Site: 100% Period of Performance: 2026: 1 June – 31 December Required Security Clearance: NATO SECRET   1. INTRODUCTION The JISR Centre’s (JISRC) Vision is to assure information superiority for NATO. Our Mission is to deliver, support and protect valued Intelligence, Surveillance and Reconnaissance (ISR) capabilities, expertise and services, to maximize operational effectiveness for NATO. Part of the JISRC portfolio is the delivery of the Intelligence Functional Services Spiral 2 (INTEL-FS SP2) project to all headquarters of the Allied Command Operations (ACO) and its missions. This includes the migration of the dataset of its predecessor, INTEL-FS SP1, into SP2. Since the implementation of INTEL-FS SP1 in HQ KFOR in 2016, KFOR J2 division have added several thousands of intelligence products and Battle Space Objects (BSO’s). The migration to SP2 requires a significant number of these records to be reviewed and sanitized. In 2025, a set of 3000 records was already reviewed and updated. After the 2025 update, a final set of 3,600 records have been identified for review and update of identified metadata fields. These records fall short of the quality standards as defined in the KFOR J2 Collation Standard Operating Procedures (SOP) and Standard Operating Instructions (SOI). Subject records are expected to cause migration issues in their current state. 2. SCOPE OF WORK The objective is to establish a sanitized and quality-controlled version of the KFOR baseline of the SP1 database that is ready for migration into SP2 by the end of Q4 of 2026. 3. DELIVERABLES The contractor shall deliver. Every month: A set of 600 updated records that are compliant with the quality standards as defined in the KFOR J2 Collation Standard Operating Procedures (SOP) and Standard Operating Instructions (SOI). These documents are classified NATO Restricted and shall be made available to the contractor on site at the start of the contract for compliance with the procedures and quality standards defined therein throughout the contracting period. At the end of this contract: A final set of 3,600 updated records that are compliant with the quality standards as defined in the KFOR J2 Collation Standard Operating Procedures (SOP) and Standard Operating Instructions (SOI). 3.1. Working Practices In order to deliver the record set detailed above, the Contractor is expected to: Participate in the Kick-off meeting: On June 1st, a kick-off meeting with the contractor, the KFOR J2 BSO manager and the NCIA POC will be held at KFOR HQ, to discuss deliverables and clarify any questions. Participate in weekly meetings: Every Friday morning, a team meeting will be held to review progress, address issues, and make necessary adjustments to the processes or production methodology potential issues. The meetings will be physically in the office. Remote stakeholders may connect via electronic means using Conference Call capabilities. Work closely with the J2 collation team who can provide immediate feedback on questions / issues to may arise. Track Progress: The Contractor shall use a shared spreadsheet to track the status of the records and associated issues. Participate in reviews where the NCIA project manager conducts a review of the contractor’s deliverables and identify areas for improvement. Propose improvements: The Contractor personnel shall establish a continuous feedback loop to gather input from all stakeholders for ongoing improvements and their subsequent database modifications depending on NCIA and KFOR approval. The NCIA / KFOR Project team will provide guidance and direction on the methodology, SOP/SOI, tools and quality to be used. 4. SCHEDULE OF PAYMENT This task order will be active immediately after signing of the contract by both parties. The period of performance is as soon as possible but not later than 1st June 2026 and will end no later than 31 December 2026. Payments shall be dependent upon the successful acceptance of each deliverable. All Invoices shall be accompanied with a Delivery Acceptance Sheet (DAS, Annex A) signed by the Contractor and project authority. In 2026, the following deliverables are expected from the service as set in this statement of work: T0 is the start of Contractor’s work (estimated NLT 1 June 2026). The following deliverables are expected from the work on this statement of work: 2026 Baseline: 1 June to 31 December 2026 Deliverable 01: A set of 600 updated records Timelines: T0+1 months Acceptance Criteria: As per Section 5 Deliverable 02: A set of 600 updated records Timelines: T0+2 months Acceptance Criteria: As per Section 5 Deliverable 03: A set of 600 updated records Timelines: T0+3 months Acceptance Criteria: As per Section 5 Deliverable 04: A set of 600 updated records Timelines: T0+4 months Acceptance Criteria: As per Section 5 Deliverable 05: A set of 600 updated records Timelines: T0+5 months Acceptance Criteria: As per Section 5 Deliverable 06: A set of 600 updated records Timelines: T0+6 months Acceptance Criteria: As per Section 5 5. ACCEPTANCE CRITERIA The Contractor shall process a minimum of 600 records per month to ensure compliance with the applicable Standard Operating Procedures (SOPs) and Standard Operating Instructions (SOIs). Compliance will be verified through a 25% random spot check of the processed records conducted by the Client or an appointed representative. For acceptance, at least 95% of the checked records must fully meet the prescribed SOP and SOI requirements. Any non-compliant records identified during the spot check shall be corrected by the Contractor within five (5) business days at no additional cost. Final acceptance of the monthly deliverables is contingent upon successful verification of compliance as per these criteria. 6. CONSTRAINTS All the documentation provided under this statement of work will be based on NCIA templates or agreed with the project point of contact. All support, maintenance and documentation will be stored under configuration management and/or in the provided NCIA tools. All developed solutions under this project will be property of the NCIA. 7. SECURITY All Contractor personnel / Sub-contractors shall be aware of all security rules pertaining to the handling of NATO classified information. Personnel Security Clearance (PSC): A PSC, at the appropriate level, which is valid for the contractual period is required for the contractor personnel performing the contractual duties to access NATO Classified information. In addition, such individuals are required to: Have a need-to-know; Have been briefed on their security obligations in respect to the protection of NATO Classified Information; and Have acknowledged their responsibilities either in writing or an equivalent method which ensures non-repudiation. It will be required for the contractor access to Class II areas at KFOR facilities, therefore PSC at NATO SECRET level is required as from the start date of the contract. 8. PRACTICAL ARRANGEMENTS The work shall be performed 100% on-site at HQ KFOR, Pristina, Kosovo. Access to the relevant NATO/KFOR networks and software will be established as needed. The services will be delivered during the working hours of HQ KFOR: Monday to Saturday from 08:00 – 18:00. The Contractor personnel will be part of a team under the supervision of the NCIA Project Manager (PM) and the KFOR Systems Chief. The work depicted in this SOW is expected to be carried by a single resource. 9. TRAVEL The contractor will not be requested to travel beyond the main location of HQ KFOR. All travel arrangement in and out of Kosovo are to be arranged by the contracting company based on 3 round trips to KFOR. 10. QUALIFICATIONS [See Requirements] 11. GENERAL PROVISIONS A sole contractor must deliver these services. In the event that the contractor leaves during the contract period, a new contractor, who has the proven required qualifications and is evaluated qualified and suitable, shall replace him/her. The leaving contractor shall provide to the new contractor a training and handover of the performed history of the project. All normal NCIA Terms and Conditions apply. KFOR Regular Hours of Operations: Monday to Saturday 08:00 – 18:00 (CET) Contractor Furnished Services: Contractor shall furnish everything required to perform the contract except for the items specified and covered under NCIA / KFOR Furnished Property and Services below. NCIA / KFOR Furnished Property and Services: Access to relevant networks can be provided by NCIA / KFOR as agreed. Quotation is requested to be inclusive of all travel and per diem costs that are required for the work specified in this SOW. No additional costs will be charged.

Bidding Instructions Bidders shall submit a proposal (all four parts in one (1) document) clearly providing the following information: a. Cover page with the following information: • Company name, • Name(s) of assigned contactor personnel, • Role(s) and responsibilities assigned to each profiled contractor personnel. b. Evidence of successfully delivering one to three projects of similar scope to the statement of work within the last five years. Each evidence shall demonstrate proof of performance and be comparable in size and scope to the requirements of this role. Additionally, ensure to include a detailed case study that highlight the Purpose, Objective, Output and Outcome (PO3) mentioned in the table (Annex C). Evidence shall display the ability to manage and deliver standard conformance criteria and test reference components for ADatP-5658 by following customer requirements. c. CVs of the proposed contractor personnel for the project. d. Detailed effort estimation (exclusively provided for evaluation purposes) covering the following: • Estimated total labour and operational costs associated with the delivery of services, including licensing, hosting and travelling. • A breakdown of estimated effort per work package expressed in FTE, where 1 FTE represents one full-time resource working one standard working day (7.6 hours).   Deadline Date: Wednesday 22 April 2026 Requirement: ADatP-5658 Conformance Criteria and Test Reference System Design and Implementation Location: Off-Site (Remote, with occasional on-site work at NCIA The Hague (NLD)) Note: Please refer to your Subcontract Agreement, article 6.4.1.a, which states “Off-Site Discount: 5% (this discount is applicable to all requirements, and applies when the assigned personnel are permitted to work Off-Site, such as at- home)". Please be sure to price this discount in your overall price proposal when submitting bids against off-site RFQs Period of Performance: 1st July 2026 - 31st December 2026 Required Security Clearance: NATO SECRET   1. INTRODUCTION The NATO Information and Communication Agency (NCIA) located in The Hague, The Netherlands, is the Interoperability Assurance Authority for NATO. In the light of this responsibility, the Assurance Solutions Branch (ASB) of the Chief Quality Office is looking for a service contract which can provide NCIA with a complete definition of ADatP-5658 conformance criteria, plus a design and a prototype of ADatP-5658 test reference components. 2. OBJECTIVES The list below defines the overarching objectives of the engagement and establishes the intended outcomes that the Contractor is expected to achieve through the delivery of the different work packages described in this document. These objectives serve as the guiding principles against which all deliverables shall be measured. The Contractor is expected to align their approach, methodology, and resource planning with these objectives throughout the duration of the engagement. a. Participate in the refinement of ADatP-5658 standard. b. Develop conformance criteria for the ADatP-5658 standard, ensuring all conformance criteria provide full coverage of ADatP-5658, and are consistent with the standard and the agreed format. c. Establish a comprehensive understanding of ADatP-5658 intended use cases. d. Deliver an ADatP-5658 test reference system prototype capable of supporting the execution of interoperability tests with other capabilities for all ADatP-5658 intended use cases during NATO interoperability events. e. Provide ADatP-5658 test reference components compatible with the NCIA ASB INSPECT platform for Systems-to-Standards testing, enabling the execution of future conformance tests across all ADatP-5658 intended use cases. f. Support the utilization of the produced deliverables throughout the NATO interoperability events' conferences and execution phases. g. Ensure the documentation and maintenance of all produced deliverables. h. Update and expand the produced deliverables as necessary to accommodate new or revised requirements. 3. SCOPE OF WORK The Contractor shall provide the following deliverables classified per service: A. Service: Active participation in the refinement of ADatP-5658 standard. 1) Deliverable name: ADatP-5658 standard refinement engagement report Output: Engagement Report summarizing the participation in the refinement activities of ADatP-5658 standard. Outcome: An improved and more consistent ADatP-5658 standard definition that better supports interoperability, implementation, and alignment with the standard's objectives. Acceptance criteria: The report includes key decisions, action items and the Contractor's contributions. The Contractor's contributions support the clarification, improvement, or extension of the ADatP-5658 standard. Key performance indicators (KPIs): Report Completeness (%): Inclusion of all required sections (decisions, actions, contributions), target = 100%. Contribution Relevance Score (1-5): Stakeholder evaluation of usefulness of contributions, target ≥ 4.0. B. Service: Reviewing and update the existing conformance criteria of ADatP-5658 with the aim of achieving completeness and consistency. 1) Deliverable name: Updated ADatP-5658 conformance criteria list Output: An updated version of the ADatP-5658 conformance criteria that incorporates all required amendments and newly defined criteria covering the full standard, presented in the agreed-upon format. Outcome: A finalized and fully aligned set of ADatP-5658 conformance criteria ready for stakeholder use. Acceptance criteria: All amendments and new criteria are included in the updated document. All conformance criteria are deemed testable. The updated conformance criteria follow the agreed format consistently. The document is complete and ready for stakeholder review. Key performance indicators (KPIs): Completeness (%): Percentage of the standard covered by the acceptance criteria list, target = 100%. Testability Rate (%): Percentage of conformance criteria that are testable, target = 100%. Format Compliance (%): Adherence to agreed template/format, target ≥ 95%. Clarity Score (1-5): Stakeholder evaluation on clarity and readability, target ≥ 4.0. C. Service: Analyse and identify the different ADatP-5658 intended use cases. Deliverable name: ADatP-5658 use cases analysis report Output: An analysis report describing the range of intended application scenarios or use cases for ADatP-5658, with a particular focus on the types of interactions the standard enables or requires with other systems. Outcome: A clear understanding of how ADatP-5658 is expected to be applied across relevant scenarios, supporting informed decision-making for integration, implementation, and interoperability planning. Acceptance criteria: The report identifies and describes all relevant intended application scenarios. Interactions with other systems are clearly analysed and articulated for each scenario. The report is complete, well-structured, and suitable for stakeholder review. Key performance indicators (KPIs): Use Case Coverage (%): Percentage of relevant scenarios identified, target ≥ 95%. Clarity & Structure Score (1-5): Stakeholder evaluation on clarity and structure, target ≥ 4.0. Analysis Depth Score (1-5): Quality of scenario descriptions and interoperability insights, target ≥ 4.0. D. Service: Design and prototype an ADatP-5658 Test Reference System able to run interoperability tests against other capabilities, for all ADatP-5658 intended use cases, during NATO Interoperability events. 1) Deliverable name: ADatP-5658 Test Reference System design specification Output: A detailed design specification document describing the architecture, components, interfaces, and operational workflow of the ADatP-5658 test reference system. Outcome: A comprehensive and clearly defined system design that supports implementation, integration, and validation of the ADatP-5658 test reference system. Acceptance criteria: The document follows the System Design Specification Template provided by the NCIA POC. The document fully describes the system architecture, components, interfaces, and operational workflow. All design elements are presented clearly and consistently to support implementation. The specification is complete and suitable for stakeholder and technical review. Key performance indicators (KPIs): Template Compliance (%): Alignment with the System Design Specification Template, target ≥ 95%. Architecture Coverage (%): Percentage of required elements documented (components, interfaces, workflows), target ≥ 95%. Clarity & Structure Score (1-5): Stakeholder evaluation on clarity and structure, target ≥ 4.0. 2) Deliverable name: ADatP-5658 Test Reference System functional prototype Output: A functional prototype of the ADatP-5658 test reference system, capable of executing interoperability tests with other capabilities across all intended ADatP-5658 use cases during NATO Digital Interoperability Verification Experiment (DIVE) event. Outcome: Support of ADatP-5658 interoperability testing activities at NATO DIVE event to de-risk the standard. Acceptance criteria: The prototype can run interoperability tests for all intended ADatP-5658 use cases. The prototype successfully interfaces with and tests against other participating capabilities. The prototype is functional and ready for use during NATO Interoperability events. Key performance indicators (KPIs): Use Case Execution Coverage (%): Percentage of use cases supported by prototype, target = 100%. System Stability (Failure Rate %): Failed executions during DIVE event, target ≤ 10%. 3) Deliverable name: ADatP-5658 Test Reference System operational version Output: A fully functional version of the ADatP-5658 Test Reference System, providing a complete, operational implementation ready to entirely support ADatP-5658 interoperability testing and validation. Outcome: Complete support of ADatP-5658 interoperability testing activities at future NATO interoperability events. Acceptance criteria: The new version can support the validation of all the interoperability scenarios defined in ADatP-5658 standard. All approved changes, enhancements, and new requirements gathered during the usage of the ADatP-5658 Test Reference System prototype are incorporated into the new version. Key performance indicators (KPIs): Scenario Validation Coverage (%): Percentage of ADatP-5658 scenarios supported, target = 100%. System Stability (Failure Rate %): Failed executions during interoperability testing activities, target ≤ 5%. 4) Deliverable name: ADatP-5658 Test Reference System documentation set Output: An up-to-date documentation set encompassing all the relevant information regarding the ADatP-5658 Test Reference System, including architecture diagrams, workflow charts, user guides, and other relevant reference materials, provided in the format requested by the NCIA POC. Outcome: A complete and well-organized collection of documentation that supports understanding, use, maintenance, and evaluation of all ADatP-5658 Test Reference System. Acceptance criteria: All documentation (diagrams, workflows, guides, and reference materials) is included, complete, and up to date. The documentation follows the format and structure requested by the NCIA POC. The documentation set is clear, well-organized, and suitable for stakeholder use. Key performance indicators (KPIs): Documentation Completeness (%): Coverage of all required materials, target = 100%. Clarity & Structure Score (1-5): Stakeholder evaluation on clarity and structure, target ≥ 4.0. 5) Deliverable name: Future ADatP-5658 Test Reference System and reference components enhancements and scalability recommendations Output: A set of recommendations outlining potential future functional and non-functional future enhancements of the ADatP-5658 Test Reference system and reference components. Outcome: A clear, forward-looking set of improvement and guidelines that inform the design and development of the future versions of the ADatP-5658 Test Reference and system reference components. Acceptance criteria: Recommendations address both functional and non-functional future enhancements. Each recommendation is clearly explained and supported with rationale. The set of recommendations is complete and suitable for informing future development planning. Key performance indicators (KPIs): Coverage of Recommendations (%): Percentage of functional and non-functional aspects addressed, target = 100%. Recommendation Quality Score (1-5): Stakeholder evaluation on clarity, feasibility and technical depth, target ≥ 4.0. E. Service: Design and implement the required ADatP-5658 test reference components to run any future conformance tests related to all the identified intended use cases, as well as to integrate in the NCIA ASB INSPECT platform. 1) Deliverable name: ADatP-5658 Test Reference Components design specification Output: A detailed design specification document describing the architecture, components, interfaces, and operational workflow of the ADatP-5658 test reference components, including the integration approach with the NCIA ASB INSPECT platform. Outcome: A comprehensive and clearly defined system design that supports the implementation and integration of the ADatP-5658 test reference components with the NCIA ASB INSPECT platform. Acceptance criteria: The document follows the System Design Specification Template provided by the NCIA POC. The document fully describes the architecture, components, interfaces, operational workflow, and integration approach with the ASB INSPECT platform. All design elements are presented clearly and consistently to support implementation and integration activities. The specification is complete and suitable for stakeholder and technical review. Key performance indicators (KPIs): Template Compliance (%): Alignment with the System Design Specification Template, target ≥ 95%. Architecture Coverage (%): Percentage of required elements documented (components, interfaces, workflows), target ≥ 95%. Clarity & Structure Score (1-5): Stakeholder evaluation on clarity and structure, target ≥ 4.0. 2) Deliverable name: ADatP-5658 Test Reference Components functional implementations Output: Functional implementations of the ADatP-5658 test reference components, capable of executing conformance tests across all identified intended use cases and operable under the management of the NCIA ASB INSPECT platform. Outcome: A working set of test reference components that can run conformance tests for all intended ADatP-5658 use cases and integrate seamlessly with the ASB INSPECT platform for orchestration and management. Acceptance criteria: The components can execute conformance tests for all identified ADatP-5658 intended use cases. The components can be fully managed and controlled from the NCIA ASB INSPECT platform. The implementations are functional, stable, and ready for stakeholder evaluation. Key performance indicators (KPIs): Use Case Test Coverage (%): Percentage of ADatP-5658 scenarios supported, target = 100%. INSPECT Platform Integration Success Rate (%): Percentage of successful actions that the reference components can execute in integration with the INSPECT platform, target ≥ 95%. System Stability (Failure Rate %): Failed executions during testing activities, target ≤ 5%. 3) Deliverable name: ADatP-5658 automated conformance test samples Output: A set of ADatP-5658 automated conformance test samples designed to validate the test reference components across all identified intended use cases, including tests that verify integration with the NCIA ASB INSPECT platform. Outcome: A representative suite of automated conformance tests that demonstrates test coverage for all intended ADatP-5658 use cases and confirms correct integration with the ASB INSPECT platform. Acceptance criteria: The test samples cover all identified ADatP-5658 intended use cases. The test samples include scenarios validating integration with the NCIA ASB INSPECT platform. The test set is complete and clearly documented, including test setup and test execution instructions. Key performance indicators (KPIs): Use Case Test Coverage (%): Percentage of ADatP-5658 use cases covered with automated tests, target = 100%. Test Documentation Completeness (%): Coverage of all required materials, target = 100%. 4) Deliverable name: ADatP-5658 Test Reference Components Documentation Set Output: An up-to-date documentation set encompassing all the relevant information regarding the ADatP-5658 Test Reference Components, including architecture diagrams, workflow charts, user guides, and other relevant reference materials, provided in the format requested by the NCIA POC. Outcome: A complete and well-organized collection of documentation that supports understanding, use, maintenance, and evaluation of all ADatP-5658 Test Reference Components. Acceptance criteria: All documentation (diagrams, workflows, guides, and reference materials) is included, complete, and up to date. The documentation follows the format and structure requested by the NCIA POC. The documentation set is clear, well-organized, and suitable for stakeholder use. Key performance indicators (KPIs): Documentation Completeness (%): Coverage of all required materials, target = 100%. Clarity & Structure Score (1-5): Stakeholder evaluation on clarity and structure, target ≥ 4.0. F. Service: Provide support for the NATO Interoperability events' conferences and execution phases. 1) Deliverable name: ADatP-5658 Test Reference System architecture & workflow presentation Output: A set of slides describing the architecture and operational workflow of both the ADatP-5658 test reference components and the overall test reference system. Outcome: A clear and visually structured presentation that communicates how the test reference components and system are designed and operate, supporting stakeholder understanding and discussion. Acceptance criteria: The slides clearly describe the architecture and operational workflow of both the test reference components and the test reference system. The content is accurate, well-structured, and easy to understand. The slide deck is complete and suitable for presentation to stakeholders. Key performance indicators (KPIs): Content Completeness (%): Coverage of all the systems, components and workflows, target = 100%. Clarity & Structure Score (1-5): Stakeholder evaluation on clarity and structure, target ≥ 4.0. 2) Deliverable name: ADatP-5658 Test Environment setup and troubleshooting Output: Support to NCIA in all test environment setup activities related to the ADatP-5658 Test Reference System and its test environment, including assistance with troubleshooting and resolving any issues that arise. Outcome: A fully prepared and operational test environment enabling effective execution of ADatP-5658 testing activities, with issues identified and resolved in a timely manner. Acceptance criteria: Test environment setup tasks for the ADatP-5658 Test Reference System are completed as required. Troubleshooting support is provided promptly, with issues effectively diagnosed and resolved. The environment is confirmed operational and ready for NCIA testing activities. Key performance indicators (KPIs): Setup Completeness (%): Percentage of the test environment ready for usage, target = 100%. Average Issue Resolution Time (hours): Average time to fully fix any test environment related issues, target ≤ 24 hours. 3) Deliverable name: On-site operation of the ADatP-5658 Test Reference System during the NATO Digital Interoperability Verification Experiment (DIVE) event Output: On-site operation of the ADatP-5658 Test Reference System to support the execution of interoperability tests throughout the DIVE execution phase at NCIA The Hague, The Netherlands. Outcome: Consistent and reliable operation of the Test Reference System, enabling successful execution of interoperability tests during the events. Acceptance criteria: The Test Reference System is operated reliably throughout the event's execution phase. Interoperability tests are supported and executed as required. Any operational issues are addressed promptly to maintain test continuity. Key performance indicators (KPIs): System Uptime (%): System availability during the event, target ≥ 95%. Average Issue Resolution Time (hours): Average time to fully fix any operational issues, target ≤ 1 hour. Travel requirements: At least one member of the Contractor's personnel shall be present, onsite, at NCIA The Hague, The Netherlands, from 5 to 9 October 2026. 4. DELIVERABLES COMPATIBILITY The expected deliverables shall be fully compatible with the INSPECT platform and its underlying technology stack. Accordingly, the following requirements shall be met: It is strongly recommended to implement the ADatP-5658 test reference system using .NET technology. Any other technology selection shall be agreed with the NCIA POC. The test reference components can be implemented in any suitable technology, if previously agreed with the NCIA POC. The test reference components shall be delivered as one or more Linux-based Docker containers. The deployment instructions shall be delivered as a Docker Compose file. All conformance test samples shall be implemented using Robot Framework. Any custom Robot Framework libraries shall be implemented in Python version 3.14 or higher. All the deliverables shall comply with the security requirements instructed by the NCIA POC. 5. WORK PACKAGES DELIVERY SCHEDULE The list below defines the delivery schedule for all work packages under this statement of work. Each work package represents a discrete and manageable unit of work, comprising one or more deliverables that together contribute to the overall objectives of the engagement. For each work package, the Contractor shall deliver the specified outputs within the indicated target delivery date and in accordance with the defined acceptance criteria. The delivery schedule shall serve as the baseline against which progress is monitored, reported, and managed throughout the duration of the engagement. The Work Packages Delivery Schedule and the scope of outputs may be subject to modification in the event of unforeseen circumstances or changes in the needs and requirements of NCIA customers, provided that such modifications do not affect the total price of the bid. Any such modifications shall be made by mutual agreement between NCIA POC and the Contractor and shall be documented in writing. Any modification to the percentage of individual work packages shall be permitted if agreed between NCIA POC and the Contractor in writing, provided that the total aggregate percentage of all work packages equals 100%. 2026 BASE: 1st July 2026 – 31st December 2026 Work Package 01 — Target Delivery Date: 1 month after the start of the assignment — Bid Percentage: 14%. Deliverables: C1 - ADatP-5658 use cases analysis report; D1 - ADatP-5658 Test Reference System design specification; E1 - ADatP-5658 Test Reference Components design specification. Work Package 02 — Target Delivery Date: 2nd October 2026 — Bid Percentage: 35%. Deliverables: D2 - ADatP-5658 Test Reference System functional prototype; F1 - ADatP-5658 Test Reference System architecture & workflow presentation; F2 - ADatP-5658 Test Environment setup and troubleshooting. Work Package 03 — Target Delivery Date: 5th–9th October 2026 — Bid Percentage: 5%. Deliverables: F3 - On-site operation of the ADatP-5658 Test Reference System during NATO DIVE event. Work Package 04 — Target Delivery Date: 30th November 2026 — Bid Percentage: 7%. Deliverables: B1 - Updated ADatP-5658 conformance criteria list. Work Package 05 — Target Delivery Date: 15th December 2026 — Bid Percentage: 7%. Deliverables: D4 - ADatP-5658 Test Reference System documentation set; D5 - Future ADatP-5658 Test Reference System enhancements and scalability recommendations; E4 - ADatP-5658 Test Reference Components documentation set. Work Package 06 — Target Delivery Date: 15th December 2026 — Bid Percentage: 14%. Deliverables: E2 - ADatP-5658 Test Reference Components functional implementations; E3 - ADatP-5658 conformance test samples. Work Package 07 — Target Delivery Date: 15th December 2026 — Bid Percentage: 14%. Deliverables: D3 - ADatP-5658 Test Reference System operational version. Work Package 08 — Target Delivery Date: 31st December 2026 — Bid Percentage: 4%. Deliverables: A1 - ADatP-5658 standard refinement engagement report. 6. PAYMENT MILESTONES AND PROOFS OF DELIVERABLE The following proofs of deliverable are expected from this statement of work: a. The payment shall be dependent upon successful acceptance of the deliverable completion report and the Delivery Acceptance Sheet (DAS) – (Annex A). b. Final payment for each deliverable shall be determined in accordance with the extent to which the defined KPIs for that deliverable have been achieved (Annex B) c. KPI validation shall be performed by NCIA POC. d. The Contractor may invoice 1 or more work packages together. e. The invoiced amount shall be equal to the sum of the agreed total bid percentages stated in the latest agreed Work Packages Delivery Schedule. f. Invoices shall be accompanied with a Delivery Acceptance Sheet (Annex A) signed by the Contractor and the NCIA POC, or the assigned Service Delivery Manager. g. The work packages cannot be invoiced before its defined payment milestone: Work Package 01: Payment Milestone: 1 month after the start of the assignment Work Packages 02, 03: Payment Milestone: 15th October 2026 Work Package 04: Payment Milestone: 30th November 2026 Work Packages 05, 06, 07, 08: Payment Milestone: 31st December 2026 7. COORDINATION AND REPORTING a. The Contractor shall deliver services under the guidance of the INSPECT team, within the Assurance Solutions Branch. b. The Contractor shall deliver services remotely, unless the deliverable explicitly stated on-site delivery in the indicated location. c. For each work package to be considered as complete and payable, the Contractor must report the outcome of their work (Deliverable Completion Report) by email to the appointed NCIA POC. d. The Deliverable Completion Report shall be subject to review by the NCIA POC, who shall provide a response including the evaluation of the applicable KPIs for the relevant deliverable. 8. SECURITY e. Performance of the services described in this SOW require a valid NATO SECRET security clearance prior to the start of the engagement. f. It is the responsibility of the contracting company to obtain and maintain the security accreditation of all individuals working on this arrangement. 9. CONSTRAINTS a. All the documentation provided under this statement of work shall be based on NCIA templates or the format agreed with the NCIA POC. b. All scripts, documentation and required code shall be stored under NATO Software Factory platforms and tools. 10. PRACTICAL ARRANGEMENTS a. This is a deliverables-based contract. b. The Contractor shall be provided user account for access to the NATO Software Factory (Azure DevOps). c. This SOW requires scheduled travel as detailed in Section 3.F. The travel, lodging and associated expenses for travel are included in the total price of the bid, such that NCIA shall not be invoiced. d. Extraordinary Travel (Purchaser Directed Travel) may be required to other NATO or non-NATO locations as necessary. In the event of such unforeseen meetings being called, the cost of all travel and subsistence will be addressed through a contract amendment. e. Extraordinary Travel expenses will be reimbursed in accordance with Article 5.5 of AAS+ Framework Contract. Such costs will be set as a separate PO line with a not to exceed value to cover and reimburse of actual expenses upon submissions of all receipts and invoices in line with NCIA processes. f. The services depicted in this SOW are expected to be carried by either one contractor personnel or a team of contractors for the duration of the agreement. It is up to the bidder to propose the size of the team that delivers the services and produces the deliverables within the time lines allocated. 11. QUALIFICATIONS [See Requirements] Annex B: KPI-to-payment mapping model This Annex establishes the mechanism by which the achievement of defined Key Performance Indicators (KPIs) shall be mapped to the payment due for each deliverable under this Statement of Work. It describes how KPI results will be evaluated and applied for the purpose of determining the final payable amount. Overall Payment Model For each deliverable: • 70% Fixed Payment shall be released upon formal acceptance, subject to the deliverable meeting the applicable acceptance criteria. • 30% Variable Payment shall be contingent upon KPI performance. Each KPI applicable to a deliverable shall be assigned an equal weighting within the 30% variable payment component (KPI Weight). The proportion of each KPI Weight payable shall be determined in accordance with the KPI scoring bands set out below. Meets or exceeds target (100% target met): 100% of KPI weight Minor deviation (90–99% target met): 90% of KPI weight Moderate deviation (80–89% target met): 75% of KPI weight Significant deviation (70–79% target met): 50% of KPI weight No compliance (< 70% target met): 0% of KPI weight Summary: Total Payment = Fixed Component + Variable Component Where: • Fixed Component = 70% of deliverable value • Variable Component = Sum of (KPI Weight × Percentage of KPI weight)

Deadline Date: Monday 13 April 2026 Requirement: Cloud Engineer (Intune Device Management) Location: Off-Site Note: Please refer to your Subcontract Agreement, article 6.4.1.a, which states “Off-Site Discount: 5% (this discount is applicable to all requirements, and applies when the assigned personnel are permitted to work Off-Site, such as at- home)". Please be sure to price this discount in your overall price proposal when submitting bids against off-site RFQs Period of Performance:  18 May – 31 December 2026 Start date is as soon as possible but not later than 18 May 2026 Required Security Clearance: NATO SECRET 1 INTRODUCTION Supporting NATO throughout all its geographical locations, the NCI Agency is looking for a Cloud Engineer (Intune Device Management), joining the journey of NATO’s modernisation of IT services, through leveraging the public cloud (Microsoft Azure, M365 and Amazon AWS), delivering managed, protected, security-centric and reliable IT Services. NCI Agency – Cloud Operations Team The NATO Communications and Information Agency (NCI Agency) is dedicated to supporting NATO's strategic objectives, including the ambitious NATO 2030 agenda. As part of this commitment, we are spearheading the modernization and digital transformation of NATO’s IT services. Our focus is on leveraging public cloud technologies like Microsoft 365 and Intune, incorporating a security‐by‐design approach, and ensuring a seamless transition to a modern, collaborative workplace environment. To achieve these goals, we are building a Cloud Operations team under the Cloud Center of Excellence, operating under the NATO Enterprise Cloud Operating Model (NECOM). The NECOM framework provides a standardized approach for cloud service management, ensuring interoperability, scalability, and security across NATO's IT infrastructure. The Cloud Center of Excellence will serve as a hub for best practices, innovation, and expertise, driving the adoption and optimization of cloud technologies within NATO. This team will play a crucial role in our journey towards providing managed, protected, and reliable End User Services. Embracing the latest technological advancements, this initiative will foster innovation and ensure NATO remains at the cutting edge of IT capabilities. By continuously evolving and integrating new technologies, we aim to enhance operational efficiency and readiness for future challenges. This remote position offers an exciting opportunity to be at the forefront of NATO's technological evolution and contribute to the security and efficiency of our operations. NCI Agency – Cloud Centre of Excellence (CCoE) The Cloud Centre of Excellence (CCoE) within the NCI Agency is focused on driving successful cloud adoption and maximizing the potential of cloud technologies across the organization. It serves as a central governing body, promoting best practices, enabling knowledge sharing, and ensuring alignment between business objectives and cloud initiatives. The CCoE supports various cloud‐based solutions, ensuring their effective and efficient implementation and management. By fostering a culture of continuous improvement and innovation, the CCoE helps the NCI Agency leverage cloud technologies to enhance operational efficiency, scalability, and agility. The NCI Agency is seeking for a highly skilled Cloud Engineer (Intune Device Management) to join our IT team. The Intune Device Management Specialist will be responsible for managing the deployment, security, and compliance of corporate devices using Microsoft Intune. This role involves developing and enforcing device management policies, automating administrative tasks, and ensuring the overall health and security of managed devices. You will contribute to the seamless operation of our IT services by leveraging the full capabilities of Microsoft Intune, ensuring that our device infrastructure is secure, efficient, and compliant with NATO and National Security policies. This position requires a deep understanding of device management, security configurations, and compliance standards. You will work closely with various IT teams to support and optimize our Intune environment. The ideal candidate will have extensive experience with Intune, strong problem-solving skills, and a commitment to continuous improvement. You will be responsible for configuring and managing device policies, deploying applications, and monitoring device health. Additionally, you will develop and maintain automation scripts to streamline management processes, ensuring efficient operation and reducing manual intervention. Your expertise will be crucial in maintaining the security and compliance of our device fleet, protecting sensitive organizational data, and ensuring adherence to best practices and security accreditations. You will also play a key role in troubleshooting and resolving complex technical issues, providing expert support to end-users and IT staff. Furthermore, you will be responsible for generating and analyzing reports on device compliance and usage, providing valuable insights into the health and security of our device fleet. If you are a motivated specialist with a passion for device management and security, we invite you to  apply and join our dynamic team, contributing to the secure and efficient operation of our IT services. 2 OBJECTIVES The NCI Agency is embracing cloud services by transitioning to Microsoft 365 with a security‐centric design. This shift aims to enhance operational efficiency, collaboration, and security across the organization. We are looking for individuals with strong knowledge, a willingness to learn, and a desire to grow as part of this new challenge. The objective of this statement of work is to establish a support and operating model for End User Services operating in the Public Cloud, with a focus on Microsoft 365 services. 3 SCOPE OF WORK Under the direction / guidance of the local NCIA Point of Contact or the Cloud Ops Operations Manager, the Cloud Engineer (Intune Device Management) will be supporting the following activities: 1) Device Management Policies: a) Configure and manage comprehensive device management policies using Microsoft Intune. b) Ensure device and data security across the organization. 2) Application Deployment: a) Oversee the deployment and management of applications and software updates through Intune. b) Ensure devices remain secure, up-to-date, and performant. 3) Conditional Access Policies: a) Implement and manage conditional access policies and device compliance settings. b) Protect sensitive organizational resources based on user and device risk levels. 4) Troubleshooting and Support: a) Provide expert troubleshooting and technical support for device enrollment, configuration, and management issues. b) Ensure a seamless user experience. 5) Device Health Monitoring: a) Regularly monitor the health and security posture of managed devices. b) Proactively address vulnerabilities and compliance deviations. 6) Automation and Scripting: a) Develop and maintain automation scripts and tools to streamline Intune management processes. b) Enhance operational efficiency. 7) Device Lifecycle Management: a) Collaborate with hardware vendors and procurement teams to manage the lifecycle of corporate-owned devices. b) Oversee the acquisition, management, and retirement of devices. 8) App Protection Policies: a) Configure and enforce Intune app protection policies to secure corporate data on both company-owned and personal (BYOD) devices. b) Ensure data protection and compliance. 9) Reporting and Analysis: a) Generate and analyze reports on device compliance, usage, and management activities. b) Provide insights into device fleet health and security. 10) Collaboration with IT Support: a) Work closely with the IT support team to resolve complex device-related issues. b) Serve as a subject matter expert in mobile device management. 11) Documentation and Training: a) Maintain comprehensive documentation for Cloud Operations processes, configurations, and workflows. b) Provide training and support to other staff as required for knowledge and information sharing. 12) Collaboration and Communication: a) Collaborate with IT security, compliance, and other relevant teams to ensure cohesive Cloud Operations strategies. b) Communicate effectively with internal stakeholders to understand requirements and address concerns. The contractor will be part of a team providing Technical Level 2 and 3 support, ensuring the secure, available, managed and compliant delivery of Public Cloud Services to NATO and its Strategic Commands. The contractor will work primarily remotely, providing services during Core working hours of the Cloud Operations team (Brussels / BEL). The measurement of execution for this work is sprints, with each sprint planned for a duration of 1 week. 4 DELIVERABLES AND PAYMENT MILESTONES The following deliverables are expected from the work on this statement of work: Deliverable 01: 25 sprints Payment Milestones: Upon completion of each fourth sprint and at the end of the work. The NCIA team reserves the possibility to exercise a number of options, based on the same scrum deliverable timeframe and cost, at a later time, depending on the project priorities and requirements. The payment shall be dependent upon successful acceptance of the Delivery Acceptance Sheet (DAS) – (Annex B) including the EBA Receipt number Invoices shall be accompanied with a Delivery Acceptance Sheet (Annex B) signed by the Contractor and project authority. 5 COORDINATION AND REPORTING The contractor shall participate in daily status update meetings, activity planning and other meetings as instructed, physically in the office, or in person via electronic means using Conference Call capabilities, according to the Operation Managers / Team Leaders instructions. For each sprint to be considered as complete and payable, the contractor must report the outcome of his/her work during the sprint, first verbally during the retrospective meeting and then in written within three (3) days after the sprint’s end date. The format of this report shall be a short email to the NCIA Point of Contact mentioning briefly the work held and the development achievements during the sprint. 6 SCHEDULE This task order will be active immediately after signing of the contract by both parties The period of performance is as soon as possible but not later than 18 May and will end no later than 31 December 2026. 7 CONSTRAINTS All the deliverables provided under this statement of work will be based on NCI Agency templates or agreed with the project point of contact. All code, scripts, documentation, etc. will be stored under configuration management and/or in the provided NCI Agency tools. 8 SECURITY The duties of the consultants require a valid NATO SECRET security clearance. All the deliverables of this project will be considered NATO UNCLASSIFIED, while access to networks exceeding this classification level is required. With this role being of technical nature providing administrative support, a security clearance at the NATO Secret level is required prior to the start of the engagement. 9 PRACTICAL ARRANGEMENTS The contractor will be required to work primarily remote as part of this engagement. The Cloud Operations Team is located in BRUSSELS / BEL and THE HAGUE / NLD, with working hours to be adjusted accordingly. The contractor will be required to work within a NATO country, following the rules and regulations applicable for the operations of NATO CIS. The only travelling required is on the first day for the selected candidate to collect their IT equipment. Apart from this, travelling will be minimum to almost none. Travel arrangements will be the responsibility of the contractor and the expenses will be reimbursed in accordance with Article 5.5 of AAS Framework Contract and within the limits of the NCIA Travel Directive. This individual hired for this position will be part of the NCIA Cloud Operations Team.

Role Description Provide support to Project Managers (PM) and Operations Specialists of the Operations Support (OSS) Branch, and other PMs or JISR administrative team on an as-need basis. - Provide support to PMs for Acquisition, Service Now Dashboards, Coordination of meetings, Follow-up of procurements and internal reviews, request new- or extend Reach accounts and laptops for contractors. - Monitor & control non-complex small projects. - Coordinate and participate in multidisciplinary meetings. Qualifications - The candidate must have a currently active NATO SECRET security clearance. - Higher vocational training in a relevant discipline with 5 years post-related experience or a secondary educational qualification with 5 years post-related experience in supporting the administrative parts for a team of project managers. - Holds a formal Project Management qualification such as PRINCE 2 or PMI PMP, or proven relevant experience. - Must have the ability to work with a team of Project Managers and Operational Specialists, supporting them in the development, monitoring and reporting of project plans, costs plans, resource allocations, and procurement activities. - Must demonstrate the ability to work pro-actively and independently on the assigned tasks, for which a level of familiarity with the specific programmes is required. - Must have in-depth knowledge of MS-Office tools. - Must have a strong knowledge of project administration tasks such as documentation requirements, project development task flows from start-up to closure, supporting projects delivery within agreed scope, time, cost and quality limits. - Must have recent experience of the administration and management of assigned projects in accordance with appropriate NATO regulations and NCIA project management policies and procedures. - Must demonstrate current experience with NATO Security Investment Programme (NSIP) process (including specifically Type-B Cost Estimate, Scope Change letters, Joint Final Acceptance Inspection). - Experience in supporting Project Managers for NCIA Third Party projects for NAPMA, NSPA, NAEW Force and SHAPE. - Must demonstrate experience with NCIA Procurement Types (Basic Ordering Agreement, Indefinite Delivery Indefinite Quantity, Invitation for Bid). - Must demonstrate in-depth experience in using Enterprise Business Application (EBA), Service Now, and Neo E-Procurement. - Must demonstrate experience in NCIA Orderbooks, Service Now Dashboards, other Service Now Dashboards and Reporting tools. - Experience in maintaining SharePoint workspace and portals. - Demonstrates excellent written and oral communication skills in English. Requirements - Required Start Date: 11 May 2026 - End Contract Date: 31 December 2026 - Required Security Clearance: NATO SECRET Benefits - Off-Site Discount: 5% applicable to all requirements when assigned personnel are permitted to work Off-Site.

Bidding Instructions -Technical Proposal Bidders shall submit a proposal clearly providing the following information: a. CV and attestation of the assigned resource(s) for the project that meet the requirements as per Section 8. Each CV shall contain accurate contact details for reference person for each of the listed professional experiences relevant to this Statement of Work b. The Proposal shall contain also, minimum the following: - Contributing to or interpreting Allied Joint Doctrine and/or similar national doctrine from a NATO Nation: list at least two specific projects in the last 5 years that demonstrate this experience, including details about objective, output, outcome and your role. - Identification and definition of Information Exchange Requirements: list at least two specific projects in the last 5 years that demonstrate this experience, - Implementing or developing NATOs Federated Mission Networking Concept and Governance Framework: list at least two specific projects in the last 5 years that demonstrate this experience, - Experience in using, and updating a Wikimedia Semantic Media Wiki platform and a Bugzilla Issue Tracking Platform: list at least two specific projects in the last 5 years that demonstrate this experience with examples of pages/sites where this experience has been demonstrated - Prior experience of working in international and military environments. Provide a summary list with dates. Deadline Date: Monday 9 March 2026 Requirement: FMN NCSaaA Analysis Support for OCWG 2026 Location: Off-Site Note: Please refer to your Subcontract Agreement, article 6.4.1.a, which states “Off-Site Discount: 5% (this discount is applicable to all requirements, and applies when the assigned personnel are permitted to work Off-Site, such as at- home)". Please be sure to price this discount in your overall price proposal when submitting bids against off-site RFQs Period of Performance: As soon as possible but not later than 23 March 2026 until 31 Dec 2026 Required Security Clearance: NATO SECRET   1 OVERALL PROJECT SCOPE The Chief Technology Officer (CTO) of NCI Agency has a requirement for off-site support to the ACOS J6 of Allied Command Operations (ACO). The support is required to assist ACO with their representation of the NATO Command Structure as an Affiliate (NCSaaA) within the Federated Mission Networking (FMN) Operational Coordination Working Group (OCWG). NCI Agency is providing support to the ACO funded portion of the management and working group structures that support the direction and development of the FMN Framework; As a permanent FMN management body the FMN OCWG is responsible for ensuring coherence between the operational user community requirements and the provided FMN Service Portfolio; This requirement is for business architecture/business analysis/operational analysis services to support the activities of the OCWG working in the areas of the Interoperability Operational Requirements, Operational Process Definition and IER Development including the representation of the NCSaaA at FMN events. 2 TASKS FOR FMN NCSaaA ANALYSIS SUPPORT The services to be provided are as follows: - Provision of operational analyses services to support the collection, prioritization and consolidation of NCSaaA Interoperability Operational Requirements (IORs) for inclusion within the FMN Operational Requirements process; - Provision of operational analysis services to support operational NCSaaA Subject Matter Experts (SMEs) across communities of interests that are participating in the FMN Inter-Working Groups (IWG) Syndicates developing Information Exchange Requirements (IERs) and Procedural  Instructions (PIs); - Support to the identification and management of the IERs, both functional and non-functional requirements, and engage and maintain communication with FMN stakeholders; - Analysis services to provide relevant inputs to the FMN Spiral Specification Roadmap, particularly the linkage between IORs and Capability Enhancements (CPEs); - Representation of NCSaaA in OCWG meetings and other fora. 3 ACTIVITIES AND DELIVERABLES 3.1 Activities (Non-Deliverable) The business analysis/operational analysis services to be provided are as follows: - Support the Representation of NCSaaA within the FMN Operational Coordination Working Group (OCWG); - Provide analytical services to support the OCWG framework development activities at the front end of the FMN Process defining the operational drivers for the interoperability architecture; - Provide assistance to IWG Syndicates with the task of defining operational processes drawn from Allied doctrine; - Support the derivation and maintenance of NCS Affiliate Operational Requirements for inclusion within the FMN Operational Requirements process; - Analyse processes and identify information exchange requirements, functional and non-functional requirements; - Manage the Interoperability Operational Requirements, functional and non- functional requirements; - Provide services to support the preparation of products for FMN OCWG meetings; - Provide attendance and support of routine meetings of the OCWG: Up to 4 meetings, one per Quarter, max 5 days in person per meeting (3 x Europe, 1 x North America); - Provide attendance and participation at FMN Sprint meetings: Up to 4 meetings, one per quarter, max 4 days in person per meeting (3 x Europe, 1 x North America); - Provide attendance and support in IWG Syndicate Meetings: Up to 3 meetings, max 3 days in person per meeting (Europe); - Provide participation in NCSaaA Coordination Meetings: Up to 2 meetings, max 3 days in person per meeting (Mons); - Provide participation in NCSaaA Coordination Meetings: Up to one meeting, max 4 days in person per meeting (Europe) - Provide attendance and support monthly virtual Intra-Working Group Coordination Meetings; Activities listed in Section 3.1 are descriptive in nature. The Contractor’s contractual obligations are limited to the delivery of the outputs explicitly defined in Section 3.2 (Deliverables), subject to acceptance by the NCI Agency. 3.2 Deliverables The following specific deliverables are expected from this support: Q2 Deliverables D000 - OCWG FMN NCSaaA Support activity plan for 2026 Description: Prepare a high-level activity plan outlining the OCWG FMN Framework Support activities for the 2026 period of performance. The plan will summarize the tasks, coordination activities, meetings, travel, and key milestones required to support execution, stakeholder engagement, and monitoring of deliverables throughout the year, serving as the baseline reference for planning and reporting. Deliverable: The Contractor shall deliver a text report detailing the activity plan for the period of performance. The deliverable shall include the plan including: a) Tasks, b) Activities, c) Events (Meetings, Travel Dates) d) Milestones (deliverables). e) Risks and Issues Deadline: 2 weeks after contract start. Format: MS Word Document Acceptance criteria: The deliverable shall be considered accepted when: All required sections are completed. Risks and issues are clearly identified. No material deficiencies are identified during review. Acceptance authority: NCI Agency Project Manager in consultation with the relevant IWG Syndicate Leads and OCWG Coordinator D001 - NCSaaA Support to IWG Syndicates Q2 Description: The Contractor shall provide facilitation and coordination support to the IWG C2 and IWG CIMIC Syndicates under OCWG governance, including support to SSRM 2026 and Spiral 7 development activities. Tasks (Activities – not deliverables): The Contractor shall: - Facilitate weekly or bi-weekly IWG meetings. - Prepare meeting agendas and supporting materials. - Liaise with relevant FMN governance bodies (e.g., CPWG, FMN Secretariat). - Support contributions to Tidepedia related to SSRM and Spiral 7 specifications. - Support IWG Leads in coordination, planning, and reporting activities. Deliverable: The Contractor shall deliver a consolidated report covering the reporting period (Q2 2026) The deliverable shall include: a) Executive Summary b) Summary of facilitation and stakeholder coordination activities performed c) Status of SSRM 2026-related activities d) Status of Spiral 7 initial development (PIs) e) Identified risks, issues, and mitigation actions g) Annexes: Presentation on SSRM 2026 guidance (as delivered to IWG); Presentation on Spiral 7 PIs; Presentation delivered to OCWG on syndicate progress Deadline: End Q2. Format: MS Word (Report) – FMN-approved template; MS PowerPoint (Annexed briefings) – FMN-approved template Acceptance criteria: The deliverable shall be considered accepted when:  All required sections are completed. Content reflects activities performed during the defined reporting period. Risks and issues are clearly identified. Annexed presentations are included. No material deficiencies are identified during review. Acceptance authority: NCI Agency Project Manager in consultation with the relevant IWG Syndicate Leads and OCWG Coordinator D002 – NCSaaA Support to IOR Development Q2. Description: The Contractor shall provide support to the OCWG Core Team for the management and maintenance of the Interoperability Requirements Data Set. Tasks (Activities – not deliverables): The Contractor shall: - Participate in the management of IORs in the wiki: Support the review of the IOR specifications status; Update the IOR quality attributes input in the IOR wiki; Ensure new IORs are included in the wiki - Prepare a Presentation on the Operational Requirements Management Process to be delivered at the OCWG Deliverable: The Contractor shall deliver a consolidated report covering the reporting period (Q2 2026) The deliverable shall include: a) Executive Summary b) Summary of support provided to the to the OCWG Core Team c) List the IORs identifying status of the review (complete, pending) d) Summary of IOR Quality Attribute Completion (%) per IOR e) Identified risks, issues, and mitigation actions f) Annex: Presentation on the Operational Requirements Management Process to be delivered at the OCWG Deadline: End Q2. Format: MS Word (Report) – FMN-approved template; MS PowerPoint (Annexed briefings) – FMN-approved template Acceptance criteria: The deliverable shall be considered accepted when: All required sections are completed. Content reflects activities performed during the defined reporting period. Risks and issues are clearly identified. PPT Annex is provided. No material deficiencies are identified during review. Acceptance authority: NCI Agency Project Manager in consultation with the relevant IWG Syndicate Leads and OCWG Coordinator Q3 Deliverables D003 - NCSaaA Support to IWG Syndicates Q3 Description: The Contractor shall provide facilitation and coordination support to the IWG C2 and IWG CIMIC Syndicates under OCWG governance, including support to Spiral 7 development activities. Tasks (Activities – not deliverables): The Contractor shall: - Facilitate weekly or bi-weekly IWG meetings. - Prepare meeting agendas and supporting materials. - Liaise with relevant FMN governance bodies (e.g., CPWG, FMN Secretariat). - Support contributions to Tidepedia related to Spiral 7 specifications. - Support IWG Leads in coordination, planning, and reporting activities. Deliverable: The Contractor shall deliver a consolidated report covering the reporting period (Q3 2026) The deliverable shall include: a) Executive Summary b) Summary of facilitation and stakeholder coordination activities performed c) Status of Spiral 7 initial development (PIs) d) Identified risks, issues, and mitigation actions f) Annexes: Presentation on Spiral 7 PIs; Presentation delivered to OCWG on syndicate progress Deadline: End Q3. Format: MS Word (Report) – FMN-approved template; MS PowerPoint (Annexed briefings) – FMN-approved template Acceptance criteria: The deliverable shall be considered accepted when: All required sections are completed.  Content reflects activities performed during the defined reporting period. Risks and issues are clearly identified. Annexed presentations are included. No material deficiencies are identified during review. Acceptance authority: NCI Agency Project Manager in consultation with the relevant IWG Syndicate Leads and OCWG Coordinator. D004 – NCSaaA Support to IOR Development Q3. Description: The Contractor shall provide support to the OCWG Core Team for the management and maintenance of the Interoperability Requirements Data Set. Tasks (Activities – not deliverables): The Contractor shall: - Participate in the management of IORs in the wiki:  Support the review of the IOR specifications status; Update the IOR quality attributes input in the IOR wiki; Ensure new IORs are included in the wiki - Prepare a Presentation on the Operational Requirements Management Process to be delivered at the OCWG Deliverable: The Contractor shall deliver a consolidated report covering the reporting period (Q3 2026) The deliverable shall include: a) Executive Summary b) Summary of support provided to the to the OCWG Core Team c) List the IORs identifying status of the review (complete, pending) d) Summary of IOR Quality Attribute Completion (%) per IOR e) Identified risks, issues, and mitigation actions f) Annex: Presentation on the Operational Requirements Management Process to be delivered at the OCWG Deadline: End Q3. Format: MS Word (Report) – FMN-approved template; MS PowerPoint (Annexed briefings) – FMN-approved template Acceptance criteria: The deliverable shall be considered accepted when: All required sections are completed. Content reflects activities performed during the defined reporting period. Risks and issues are clearly identified. PPT Annex is provided. No material deficiencies are identified during review. Acceptance authority: NCI Agency Project Manager in consultation with the OCWG Coordinator D005 – Analysis of Spiral 7 proposed Specifications for NCSaaA Description: The Contractor shall analyse the proposed Spiral 7 Specifications and provide an assessment for the NCSaaA Representative. Tasks (Activities – not deliverables): The assesment shall include: - Analysis of de-scoped CPEs and its operational impact. - Overall analysis of spiral specifications quality. - Overall analysis of risks and issues. - Proposals for NCSaaA comments in the OCWG regarding the proposed Spiral 7 specifications. Deliverable: The Contractor shall deliver a consolidated report for the NCSaaA Representative in preparation for the MG Meeting # The deliverable shall include: a) Executive Summary b) Summary of support provided to the to the OCWG Core Team c) List the IORs identifying status of the review (complete, pending) d) Summary of IOR Quality Attribute Completion (%) per IOR e) Identified risks, issues, and mitigation actions f) Annex: Presentation on the Operational Requirements Management Process to be delivered at the OCWG Deadline: 30 Aug 2026. Format: MS Word (Report) – FMN-approved template Acceptance criteria: The deliverable shall be considered accepted when: All required sections are completed. Content reflects activities performed during the defined reporting period. Risks and issues are clearly identified. PPT Annex is provided. No material deficiencies are identified during review. Acceptance authority: NCI Agency Project Manager in consultation with the relevant IWG Syndicate Leads and OCWG Coordinator Q4 deliverables D006 – Organization of an NCSaaA FMN SMEs meeting in SHAPE. Description: The Contractor shall plan, coordinate, and support the execution of a one- or two-day NCSaaA FMN SMEs coordination meeting at SHAPE involving representatives from relevant ACO HQs. Tasks (Activities – not deliverables): The task shall include: - Coordinate with SHAPE and ACO stakeholders to propose suitable dates - Identify and engage relevant SMEs - Prepare and distribute invitations - Develop and distribute meeting agenda - Prepare required presentations: Presentation on FMN framework. Presentation on FMN data model. Presentation on benefits for ACO of FMN development. - Provide on-site facilitation support (if meeting is held) Deliverable: The deliverable shall include: 1. Documented evidence of stakeholder engagement: List of SMEs contacted; Invitations issued; Responses received 2. Final meeting agenda 3. Presentation package including: FMN Framework overview; FMN Data Model overview; Benefits of FMN for ACO 4. If the meeting takes place: Attendance list; Meeting minutes or summary report 5. If the meeting does not take place due to reasons beyond Contractor control:  Evidence of coordination efforts; Record of reasons for non-execution; Recommendation for rescheduling Deadline: End Q4. Format: MS Word (Report) – FMN-approved template; MS PowerPoint (presentations in Annexes) – FMN-approved template Acceptance criteria: The deliverable shall be considered accepted when: All required sections are completed. PPT Annexes are provided. No material deficiencies are identified during review. Acceptance authority:  NCI Agency Project Manager in consultation with the NCSaaA Representative D007– NCSaaA Support to IOR Development Q4 Description: The Contractor shall provide support to the OCWG Core Team for the management and maintenance of the Interoperability Requirements Data Set. Tasks (Activities – not deliverables): The Contractor shall: Participate in the management of IORs in the wiki: Support the review of the IOR specifications status; Update the IOR quality attributes input in the IOR wiki; Ensure new IORs are included in the wiki Prepare a Summary report for the OCWG Representatives Deliverable: The Contractor shall deliver a consolidated report covering the reporting period (Q4 2026) The deliverable shall include: a) Executive Summary b) Summary of support provided to the to the OCWG Core Team c) List the IORs identifying status of the review (complete, pending) d) Summary of IOR Quality Attribute Completion (%) per IOR e) Identified risks, issues, and mitigation actions Deadline: End Q4. Format: MS Word (Report) – FMN-approved template; MS PowerPoint (Annexed briefings) – FMN-approved template Acceptance criteria: The deliverable shall be considered accepted when: All required sections are completed. Content reflects activities performed during the defined reporting period. Risks and issues are clearly identified. No material deficiencies are identified during review. Acceptance authority: NCI Agency Project Manager in consultation with the OCWG Coordinator D008 - NCSaaA Support to IWG Syndicates Q4 Description: The Contractor shall provide facilitation and coordination support to the IWG C2 and IWG CIMIC Syndicates under OCWG governance, including support to Spiral 7 development activities. Tasks (Activities – not deliverables): The Contractor shall: - Facilitate weekly or bi-weekly IWG meetings. - Prepare meeting agendas and supporting materials. - Liaise with relevant FMN governance bodies (e.g., CPWG, FMN Secretariat). - Support contributions to Tidepedia related to Spiral 7 specifications. - Support IWG Leads in coordination, planning, and reporting activities. Deliverable: The Contractor shall deliver a consolidated report covering the reporting period (Q4 2026) The deliverable shall include: a) Executive Summary b) Summary of facilitation and coordination activities performed c) Status of Spiral 7 initial development (PIs) d) Identified risks, issues, and mitigation actions e) Stakeholder coordination summary f) Annexes: Presentation on Spiral 7 PIs; Presentation delivered to OCWG on syndicate progress Deadline: End Q4. Format: MS Word (Report) – FMN-approved template; MS PowerPoint (Annexed briefings) – FMN-approved template Acceptance criteria: The deliverable shall be considered accepted when: All required sections are completed. Content reflects activities performed during the defined reporting period. Risks and issues are clearly identified. Annexed presentations are included. No material deficiencies are identified during review. Acceptance authority: NCI Agency Project Manager in consultation with the relevant IWG Syndicate Leads and OCWG Coordinator The expected classification level of the deliverables is NATO UNCLASSIFIED. However, in some particular circumstances it may be necessary that a part of the deliverables will be classified as NATO RESTRICTED. The execution of the deliverables may require access to information, as well as CIS systems, and perform interviews in pursuit of data classified up to NATO SECRET. This will take place on-site at an NCI Agency or at an ACO location. 3.3 Coordination and reporting The Service Provider shall participate in a kick-off meeting within two working weeks after the support start date. This will be a virtual meeting executed via electronic means using Conference Call/VTC capabilities; During the kick off meeting, the service provider will deliver and discuss a draft plan for executing the tasks under this statement of work covering the activities in section 3.1 and deliverables in 3.2. Purchaser and Service Provider will discuss the plan and amend where appropriate; The Service Provider will deliver email minutes containing decisions and actions decided during the meeting. The Service Provider shall participate in regular status meetings, either in- person (where possible) or via electronic means using Conference Call/VTC capabilities. Status meetings will take place at least once per month; The rhythm for these meetings will be decided at the kick-off meeting; The Service Provider will initiate these meetings and provide email minutes containing at least decisions and actions decided during the meeting. 4 PAYMENT SCHEDULE This requirement is for the delivery of the products identified in Section 3.2. Payment will be provided based on these deliveries as indicated in the following table: Item 1: Associated Deliverables: D000, D001, D002 Deliverable completion deadline: 30 Jun 2026 Item 2: Associated Deliverables: D003, D004, D005 Deliverable completion deadline: 30 Sep 2026 Item 3: Associated Deliverables: D006, D007, D008 Deliverable completion deadline: 30 Dec 2026 The payment shall be dependent upon successful acceptance of the Delivery Acceptance Sheet (DAS) – (Annex A). 5 SECURITY CLEARANCE The duties of the consultant(s) require(s) a valid NATO SECRET security clearance. 6 PERIOD OF PERFORMANCE Services are to be provided for the period starting NLT 23rd of Mar 2026 through 31 Dec 2026. 7 TERMS Services will primarily be performed off-site at the consultant’s own office. The contractor is responsible for office space and internet connectivity at their own facilities. Office space and computer equipment will be provided at NCIA The Hague or at ACO locations for during any visits for the duration of this contract; Mobile NATO Restricted IT will be provided to the contractor; Any access to systems higher than NATO Restricted that are required to support the production of the deliverables shall only be organised through NCI Agency. The quotation should cover all cost of the identified effort and travel expenses for participation in the in-person events identified in section 3.1, summarised as follows: - Provide attendance and support of routine meetings of the OCWG: Up to 3 meetings, max 5 days in person per meeting (2 x Europe, 1 x North America); - Provide attendance and participation at FMN Sprint meetings: Up to 2 meetings, max 5 days in person per meeting (1 x Europe, 1 x North America); - Provide attendance and support in IWG Syndicate Meetings: Up to 4 meetings, max 3 days in person per meeting (Europe); - Provide participation in NCSaaA Coordination Meetings: Up to 2 meetings, max 3 days in person per meeting (Mons); - Provide participation in the FMN Seminar: One meeting 4 days in person (Croatia) All travel expenses, including per diem, lodging and associated expenses for travel are included in the price of the bid (NTE), such that the purchaser shall not be invoiced separately for travel. Extraordinary Travel (Purchaser Directed Travel) may be required to other NATO or non-NATO locations as necessary. In the event of such unforeseen travels being called, the cost of all travel and subsistence will only be authorized if the budget of this contract can support it and an amendment has been raised previous to travel having occurred. Extraordinary Travel expenses will be reimbursed in accordance with Article 5.5 of AAS+ Framework Contract. Such costs will be set as a separate PO line with a not to exceed value to cover and reimburse of actual expenses upon submissions of all receipts and invoices in line with NCIA processes. NATO will retain the intellectual property rights for all products developed in relation to this project. All deliverables, scripts, documentation and required code will be stored as directed by NCIA. 8 SPECIFIC EXPERTISE REQUIRED [See Requirements] 5 SECURITY CLEARANCE - The duties of the consultant(s) require(s) a valid NATO SECRET security clearance. 8 SPECIFIC EXPERTISE REQUIRED The services to be provided under this SOW requires the skills found in an experienced business architect/ business analyst/ operational analyst who has worked in a multinational military environment. 8.1 Mandatory Expertise - Demonstrated knowledge (at least 3 years) of contributing to or interpreting Allied Joint Doctrine and/or similar national doctrine from a NATO Nation; - Proven expertise (at least 3 years) in the identification and definition of Information Exchange Requirements; - Deep Expertise (at least 3 years) in implementing or developing NATOs Federated Mission Networking Concept and Governance Framework; - Demonstrated Knowledge (at least 3 years) of working with information exchange and interoperability standards; - Proven ability (at least 5 years) to report/brief material tailored to the requirements of senior military stakeholders and decision makers; - Demonstrated ability (at least 5 years) to work in an international team; - Demonstrated ability to write effectively in the English Language; - Demonstrated ability (at least 3 years documented use) with Semantic Media Wiki and Bugzilla Issue Tracking Tools. 8.2 Mandatory Experience & Background - Proven experience (at least 3 years) in the extraction and documentation of Military Operational Processes in one or more Domains or Military Functions; - Proven experience (at least 3 years) in the specification and definition of Military Interoperability Operational Requirements; - Deep Experience (at least 3 years) of working with military interoperability programmes and concepts; - Deep experience (at least 5 years) in working with international organisations and in multinational environments; - Knowledge of NATO Command and Force Structures and military operations. 8.3 Desirable Soft Skills - Clearance & Security Awareness: Ability to work with classified/unclassified data and within secure environments; - Cross-Cultural Communication: Ability to communicate clearly and respectfully across diverse national, cultural, and linguistic backgrounds. Awareness of military etiquette, rank structures, and communication protocols; - Facilitation and Stakeholder Engagement: Confident leading structured workshops and interviews with multinational stakeholders. Skilled at eliciting input, aligning perspectives, and building consensus in group settings; - Adaptability & Flexibility: Comfortable working in ambiguous, evolving environments (e.g., changing mission needs, shifting stakeholder engagement timelines). Can pivot between strategic thinking and tactical detail depending on audience and situation; - Political and Situational Awareness; - Understands the sensitivities and nuances of working in a multinational defense setting. Exercises discretion and professionalism in all interactions. Recognizes when to escalate issues, seek clarification, or defer to local/national policies;