SC2026/004965 NNCCRS SW Engineer - MTF Message Monitoring App (NS) - TUE 7 Jul

This is a relaunch of SC2026/004824

Please note that candidates submitted in the first round for subject RFQ were considered not compliant due to the following:

• The candidate was interviewed and found not suitable. He demonstrated limited experience, very limited knowledge and very limited communication skills.
• The candidate was interviewed and found not suitable. Junior developer. Very limited experience.
• CV not compliant with the SOW Requirements. A lot if back-end experience, but not front-end which is the core requirement of this job.
• CV not compliant with the SOW Requirements. He is more a System/Security engineer.

The RFQ has been relaunched under SC2026/004965 (former SC2026/004824). Note that location has been changed to Offisite.

Deadline Date: Tuesday 7 July 2026

Requirement: NNCCRS SW Engineer - MTF Message Monitoring App

Location: Off-Site

Note: Please refer to your Subcontract Agreement, article 6.4.1.a, which states “Off-Site Discount: 5% (this discount is applicable to all requirements, and applies when the assigned personnel are permitted to work Off-Site, such as at- home)". Please be sure to price this discount in your overall price proposal when submitting bids against off-site RFQs

Total Scope of the request (hours): 558

Required Start Date: 1 September 2026

End Contract Date: 31 December 2026

Required Security Clearance: NATO SECRET

Duties & Role:  

The contractor shall be responsible for the end-to-end delivery of the Military Text Format (MTF) message monitoring application, in accordance with the defined requirements.

1. Design and Development: Design the overall system architecture aligned with the prescribed technology stack; Develop backend services for message ingestion, processing, validation, and storage; Develop frontend components for user interaction, including dashboards and detailed views; Implement message parsing and validation logic for MTF messages; Ensure extensibility of configurable elements such as message categories
2. Integration: Integrate the application with Microsoft Exchange using EWS to monitor the registry mailbox; Implement authentication and authorization via Keycloak and Active Directory; Implement and manage X.509 certificate usage where required; Ensure proper interaction between frontend, backend, and database components
3. Data Management: Design and implement the database schema; Ensure efficient storage and retrieval of message data and delivery status information; Implement user and group-based access control within the application
4. Delivery Status and Monitoring Features: Implement tracking of message delivery, read, and acknowledgement status; Develop mechanisms to calculate and display status metrics and percentages; Provide visualization components for operational awareness, including dashboards
5. Validation and Compliance: Implement validation of MTF messages against both generic and type-specific structures; Implement validation of message exchange workflows; Identify and highlight missing actions and inconsistencies
6. DevOps and Deployment: Configure and maintain Amazon Azure DevOps pipelines for build and release; Produce deployable RPM packages; Implement and maintain software deployment automation; Ensure the application can be deployed on Oracle Linux environments
7. Documentation: Produce and maintain documentation in LaTeX format, including User manual, Installation guide and Deployment plan; Ensure documentation is complete, accurate, and aligned with the delivered system
8. Testing and Quality Assurance: Perform unit, integration, and system testing; Support user acceptance testing; Ensure compliance with security and performance requirements
9. Support and Collaboration: Collaborate with stakeholders to refine requirements and priorities; Translate operational needs into practical technical and user interface solutions; Provide technical guidance and recommendations where appropriate; Support troubleshooting and issue resolution during development and deployment

Requirements

Skills, Knowledge & Experience:

• The candidate must have a currently active NATO SECRET security clearance
• The contractor shall demonstrate proven expertise in the design, development, and delivery of secure, enterprise-grade web applications in a defence or similarly regulated environment.
• Technical Skills: The contractor shall possess strong, demonstrable experience in: Backend development using Java; Frontend development using React; Database design and implementation using PostgreSQL; Object-relational mapping using Java Persistence API (JPA); Integration with Microsoft Exchange using Exchange Web Services (EWS) or IMAP; Implementation of authentication and authorization using Keycloak, including integration with Active Directory, Working with X.509 certificates, including handling, validation, and secure usage; Deployment and configuration on Linux environments, preferably Oracle Linux (versions 9 or higher); Configuration and use of Apache as a reverse proxy; Version control using Git.
• The contractor shall have experience in: Designing scalable and maintainable system architectures; Implementing role-based access control and fine-grained authorization models; Developing applications with secure coding practices
• DevOps and Tooling: The contractor shall demonstrate experience with: Amazon Azure DevOps, including repository management, pipelines, and build automation; Creation and maintenance of CI/CD pipelines; Packaging applications in RPM format; Software deployment automation; Generating technical documentation using LaTeX and automated build pipelines; Experience working within controlled or restricted DevOps environments is highly desirable.
• Domain Knowledge: The contractor should have: Understanding of Military Text Format (MTF) messaging standards, or the ability to rapidly acquire such knowledge; Experience with message parsing, validation, and structured data processing; Familiarity with messaging workflows, delivery tracking, and audit requirements; Previous experience working within NATO environments is highly desirable.
• Security and Compliance: The contractor shall demonstrate: Experience in developing applications compliant with strict security standards; Familiarity with NATO Web Application Security Directive or equivalent security frameworks; Ability to implement secure authentication, data protection, and audit logging mechanisms
• User Experience and Requirements Translation: The contractor shall demonstrate a strong ability to: Translate user requirements into effective and usable web-based user interfaces; Balance user expectations with web design best practices, ensuring usability across different screen sizes and avoiding overly complex layouts, such as multiple panels or independent scroll areas
• Methodology, Communication and Collaboration: The contractor shall: Have proven experience working in Agile SCRUM environments; Be capable of participating in sprint planning, reviews, and retrospectives; Be able to conduct all work, communication, and documentation in English; Demonstrate strong communication skills and ability to collaborate with stakeholders, including technical and operational users