2024-0229 SQL and Power BI SME Support (NS) - TUE 29 Jul

Deadline Date: Tuesday 29 July 2025

Requirement: SQL and Power BI SME Support

Location: Mons, BE

Full Time On-Site: Yes

Time On-Site: 100%

Period of Performance: As soon as possible but not later than 25th of August 2025 (tentative) until 31 December 2025, with possibility to exercise the following options:

2026 Option: 1st January until 31st December 2026

2027 Option: 1st January until 31st December 2027

2028 Option: 1st January until 31st December 2028

Required Security Clearance: NATO SECRET

1. INTRODUCTION

The NCI Agency has been established with a view to meeting the collective requirements of some or all NATO nations in the fields of capability delivery and service provision related to Consultation, Command & Control as well as Communications, Information and Cyber Defence functions, thereby also facilitating the integration of Intelligence, Surveillance, Reconnaissance, Target Acquisition functions and their associated information exchange.

The NCSC is responsible to defend NATO networks on a 24/7 basis and to share relevant cyber information with all its stakeholders. To achieve these objectives, it requires a significant amount of coordination and decision making within and outside the boundaries of NCSC.

2. OBJECTIVE

The objective of this statement of work (SoW) is to outline the scope of service and deliverables of SQL and Power BI SME in order to provide support to NATO Cyber Security Centre (NCSC) to fulfil identified SQL and Power BI SME Operation and maintenance activities more effectively.

The NCSC is responsible to defend NATO networks on a 24/7 basis and to share relevant cyber information with all its stakeholders. To achieve these objectives, it requires a significant amount of coordination and decision making within and outside the boundaries of NCSC. In an effort to better deliver the service the NCSC is seeking support from industry.

The current expectation is that there will be one to several meetings to support on a daily basis, during weekdays.

3. SCOPE OF WORK

The aim of this SOW is to support NCSC with technical expertise specifically related to the operation and maintenance of SQL databases and Power BI SME activities with a deliverable-based contract to be executed in 2025.

This task includes data analysis and reporting of data reported by the Cyber Security SQL and Power BI SME Support. For the provision of consistent support and the execution of the task, NCIA will get subject matter expertise from the industry with a service (deliverable based/completion type) based AAS framework contract in the delivery of requested capability.

The Cyber Security SQL and Power BI SME gives visibility and insight on the networks in NATO environment, which in turn is critical to effective management, strong security and compliance, and efficient migrations and consolidations.

More broadly, NATO needs to be able to monitor the configuration of its domain controllers in order to prevent exploitation by malicious threat actors.

Under the direction / guidance of the NCSC Point of Contact, the contractor’s personnel will be part of the NCSC Team supporting the following activities:

- Verify that SQL & CVA PowerBI solution is functional & operational. Ensure all relevant reports are accessible by the all internal/external stakeholders.

- Assure timely, accurate and complete collection of assessment data originating from vulnerability scans and other assessment sources. Control, maintain and ensure data is imported inside CVA PowerBI solution and that modules of CVA BI data process and operate data without interruption (scripts, storage, procedures etc.).

- Maintain/improve CVA PowerBI solution (SQL database and Power BI modules & reports). In collaboration and under instructions of Section Head and/or CVA analyst design, implement (new) functionalities in order to report aggregated security findings to the stakeholders in a dynamic fashion via tables and graphical presentation.

- Provide to Section Head CVA an overview of all newly implemented modules and reports. Ensure all relevant methodologies, scripts and processes in use are documented and accessible by all required stakeholders.

The Contractor will provide services related to the activities above, using an agile and iterative approach using multiple sprints, with each sprint planned for a duration of 5 working days.

Due to the AGILE approach of this project, there is a need to define a set of specific arrangements between the NCIA and the contractor that specifically defines the deliverables to be provided for each sprint as well as their associated acceptance criteria. This includes sprint planning, execution and review processes, which are detailed below:

Sprint Planning:

Objective: Plan the objectives for the upcoming sprint.

Kick-off meeting: Conduct a bi-weekly (every two weeks) meeting with the contractor to plan the objectives of upcoming sprint and review contractor`s manpower to meet the agreed deliverables.

Set sprint goals: Define clear, achievable goals for the sprint and associated acceptance criteria, including specific delivery targets, Quality standards as well as Key Performance Indicators (KPIs) for each task to be recorded in the sprint meeting minutes.

Agree on the required level of effort for the various sprint tasks.

Backlog Review: Review and prioritise the backlog of tasks, issues, and improvements from previous sprints.

Assess each payment milestone cycle duration of two sprints. State of completion and validation of each sprint status and sign off sprints to be submitted for payment as covered in Section 4.

There should be a sprint planning meeting every 4 sprints, that is 4 calendar weeks.

Sprint Execution

Objective: Contractor to execute the agreed “sprint plans” with continuous monitoring and adjustments.

Regular meetings between NCIA and the contractor to review sprint progress, address issues, and make necessary adjustments to the processes or production methodology. The Meetings will be physically in the office.

Continuous improvement: Contractor to establish a continuous feedback loop to gather input from all stakeholders for ongoing improvements and their subsequent implementation depending on NCIA approval.

Progress Tracking: Contractor to use a shared dashboard or tool to track the status of the sprint deliveries and any issues.

Quality Assurance/Quality Check: Contractor shall ensure that the quality standards agreed for the sprint deliverables are maintained throughout the sprint.

Quality Control: NCIA to perform the Final Quality Control of the agreed deliverables and provide feedback on any issues.

Sprint Review

Objective: Review the sprint performance and identify areas for improvement.

At the end of each sprint, there will be a meeting between the NCIA and the Contractor to review the outcomes against the acceptance criteria comprising sprint goals, agreed quality criteria and Key Performance Indicators (KPIs).

Define specific actions to address issues and enhance the next sprint.

Sprint Payment

For each sprint to be considered as complete and payable, the contractor must report the outcome of their work during the sprint, first verbally during the retrospective sprint review meeting and then in writing within three days after the sprint’s end date. A report must be sent by email to the NCI Agency Core GIS Senior Service Delivery Manager, listing all the work achieved against the agreed tasking list set for the sprint.

The contractor's payment for each sprint will be depending upon the achievement of agreed Acceptance Criteria for each task, defined at the sprint planning stage. This will include specific delivery targets, quality standards as well as Key Performance Indicators (KPIs) for each task.

The payment shall be dependent upon successful acceptance as set in the above planning/review meetings. This will follow the payment milestones that shall include a completed Delivery Acceptance Sheet (DAS) – (Annex A).

Invoices shall be accompanied with a Delivery Acceptance Sheet (DAS) – (Annex A) signed by the Contractor and project authority.

If the contractor fails to meet the agreed Acceptance criteria for any task, the NCI Agency reserves the right to withhold payment for that task/sprint.

4. DELIVERABLES and PAYMENT MILESTONES

The following deliverables are expected from this statement of work:

1. Complete the activities/tasks agreed in each sprint meeting as per sections 2 and 3 above.

2. Produce sprint completion reports (format: e-mail update) or the formal documentation required per specific task;

Payment Schedule will be according to payment milestones in the table below.

The NCIA team reserves the possibility to exercise a number of options, based on the same deliverable timeframe, later, depending on the project priorities and requirements.

Each deliverable shall accurately reflect what was discussed, decided, and action items assigned. Sensitive information discussed prior, during and after meetings shall be handled in accordance with the NATO policy on Information Management.

The payment shall be dependent upon successful acceptance of the sprint report and the Delivery Acceptance Sheet (DAS) – (Annex A).

Invoices shall be accompanied with a Delivery Acceptance Sheet (Annex A) signed by the Contractor and the NCIA POC.

The following deliverables are expected from the work on this SoW in 2025:

Deliverable: 22 sprints to support NCSC Assess Branch with SQL and Power BI activities as described in Para 4 (Estimated number of sprints. Actual number of sprints will be determined based on actual starting date.)

Payment Milestones: Monthly, for the sprints completed and accepted with the month.

2026 Option: 1 January 2026 to 31 December 2026

Deliverable: Max.46 sprints to support NCSC Assess Branch with SQL and Power BI activities as described in Para 4

Cost Ceiling: Price will be determined by applying the price adjustment formula as outlined in CO‐115786‐ AAS+ Special Provisions article 6.5.

Payment Milestones: Monthly, for the sprints completed and accepted with the month.

2027 Option: 1 January 2027 to 31 December 2027

Deliverable: Max.46 sprints to support NCSC Assess Branch with SQL and Power BI activities as described in Para 4

Cost Ceiling: Price will be determined by applying the price adjustment formula as outlined in CO‐115786‐ AAS+ Special Provisions article 6.5.

Payment Milestones: Monthly, for the sprints completed and accepted with the month.

2028 Option: 1 January 2028 to 31 December 2028

Deliverable: Max.46 sprints to support NCSC Assess Branch with SQL and Power BI activities as described in Para 4

Cost Ceiling: Price will be determined by applying the price adjustment formula as outlined in CO‐115786‐ AAS+ Special Provisions article 6.5.

Payment Milestones: Monthly, for the sprints completed and accepted with the month.

5. COORDINATION AND REPORTING

The contractor shall participate in daily status update meetings, activity planning and other meetings as instructed, physically in the office, or in person via digital means using conference call capabilities, according to the manager’s / team leader’s instructions.

For each sprint to be considered as complete and payable, the contractor must report the outcome of his/her work during the sprint, first verbally during the retrospective meeting and then in written within three (3) days after the sprint’s end date. The format of this report shall be a short email to the NCIA Service Delivery Manager mentioning briefly the work held and the development achievements during the sprint.

At the end of the project, the Contractor shall provide a Project Closure Report that is summarizing the activities during the period of performance at high level.

6. ACCEPTANCE AND REJECTION CRITERIA

a) Acceptance Criteria

a.1. Quality of work reached NATO standards

a.2. Tasks are completed within the assigned time, as agreed in the sprint planning

a.3. Performances are as defined by the line manager as agreed in the sprint planning

a.4. Accuracy: the product shall accurately reflect what was discussed, decided, and action items assigned during weekly meeting per sprint.

a.5. Clarity and Conciseness: Information shall be presented clearly and concisely, avoiding unnecessary jargon or complex language.

a.6. Objectivity: the content shall be impartial and objective, presenting information without bias or personal interpretation.

a.7. Structure: the product shall follow a logical structure, typically including sections such as agenda, attendees, discussions, decisions, action items, and any other relevant information, further directed by the IKM SG.

a.8. Timeliness: the product shall be prepared and distributed promptly after the meeting, ensuring that information is fresh and actionable. It is expected a maximum of two times the length of the meeting for the time required to prepare and share the product to the meeting audience for initial review.

a.9. Formatting: Consistent formatting shall be used throughout the document, including font style, size, headings, and spacing further directed by the IKM SG.

a.10. Confidentiality: Sensitive information discussed prior, during and after meetings shall be handled in accordance with the NATO policy on Information Management.

b) Rejection Criteria

b.1. Quality of work is low

b.2. Tasks are not completed within the assigned time

b.3. Performances are not as defined by the line manager

c) A replacement will be requested if the contractor cannot fulfil the tasks as explained in rejection criteria.

d) Payment will not be done if the sprint is not completed.

7. SCHEDULE

This task order will be active immediately after signing of the contract by both parties.

The period of performance is as soon as possible but not later than 25th of August 2025 (tentative) and will end no later than 31 December 2025.

8. WORK EXECUTION

The services will be mainly executed on premise in SHAPE, Mons Belgium. NCIA IT equipment will be provided (NCSC NROP laptop & NCSC NSOP workstation).

Results of the work will be provided verbally or via email on a weekly basis to the assigned Point of Contact.

All the deliverables provided under this statement of work will be based on NCIA templates or agreed with the project point of contact.

All documentation etc. will be stored under configuration management and/or in the provided NCIA tools.

9. SECURITY AND NON-DISCLOSURE AGREEMENT

It is mandatory to have the candidate be in possession of a NATO SECRET security clearance to facilitate follow-on engagements and coordination at NATO venues.

The signature of a Non-Disclosure Agreement between the contractor contributing to this task and NCIA will be required prior to execution.

10. PRACTICAL ARRANGEMENTS

First week is represented by on-site familiarisation period with key NCSC personnel and tool to be introduced to the environment. This is considered Sprint 1.

The contractor will be required to provide services onsite in Mons / BEL as part of this engagement. The NCSC Team is located in Mons / BEL . Services are to be provided during standard business hours.

The services will be mainly executed on premise in SHAPE, Mons Belgium. NCIA IT equipment will be provided (NCSC NROP laptop & NCSC NSOP workstation).

Contractor’s personnel providing services under this SOW must be in possession of a security clearance by their National Authority of NATO SECRET. The signature of a Non- Disclosure Agreement between any Service Provider’s individuals contributing to this task and NCIA will be required prior to execution.

Results of the work will be provided on a weekly basis to the assigned Point of Contact (Annex B – weekly action tracking report)

Teleworking/ remote work from another NATO country is possible based on manager’s approval, following the rules and regulations applicable for the operations of NATO CIS.

In this case, travel between remote location and onsite location is not considered TDY and is not reimbursed.

Travel expenses for missions to other NATO/NCIA locations: No travel expected. Daily presence on SHAPE, Mons Belgium is expected to deliver according to performance goals.

Regular travel costs to and from main location of the work (SHAPE HQ) are out of scope and will be borne by the contractor.

Services under this SOW are to be provided by one contractor for the entire duration of the contract.

The Purchaser will provide the contractor with the following Purchaser-Furnished Equipment (PFE):

• Access to NATO sites, as required, for the purpose of executing this SOW.

• Workspace (needed business IT for both on- and off-site work, hot-desk at NCSC facility).

• NCIA “REACH” laptop to be used by the contractor for the execution of the contract.

11. REQUIRED PROFILE

[See Requirements]

Requirements

9. SECURITY AND NON-DISCLOSURE AGREEMENT

• It is mandatory to have the candidate be in possession of a NATO SECRET security clearance to facilitate follow-on engagements and coordination at NATO venues.

11. REQUIRED PROFILE

The resource providing services under this SOW is required to have the following profile:

• Bachelor's degree in Computer Science, Information Technology, or related field Or equivalent experience.
• Hands-on experience in API integration using python and PowerShell. At least 5 years’ experience.
• Administering MS SQL Servers, monitoring and tuning the performance within several levels: physical level and database level (database settings and options). At least 3 years’ experience.
• MS SQL query tuning (creating/maintaining database indices, stored procedures, views, functions, memory settings). At least 3 year experience.
• Creating data-rich dashboards, implementing Row-level Security (RLS) in Power BI, writing DAX expressions, developing custom BI products with scripting and programming languages such as Python.
• Proved experience working with jQuery, D3.js.
• Strong understanding of security best practices and experience with tenable products (Tenable Security Center and Nessus Agent Manager).
• 3+ years of experience in IT security, with a focus on Security Audit and / or Security Assessment of large organisation.
• Strong analytical and problem-solving skills
• Excellent communication and collaboration skills
• Knowledge of NATO organization and its IT infrastructure is a plus
• Certifications such as CISSP, CISM, or CISA is a plus.