About this job

Within the Network Management Directorate, “Technology” (TEC) develops and maintains NMD’s mission-critical systems, including all NM ops systems, the related communications facilities and technical infrastructure; and supports the Agency’s IT solutions and services (excluding MUAC).

Within TEC, the IT  Security Service is responsible for the implementation of IT Security strategy and principles. It addresses areas such as IT security design and control, review of rules, policies, standards, including risk assessment and control activities.

Responsibilities

• Design security architecture elements at IT application and infrastructure level, seeking to make systems as free of vulnerabilities and impervious to attack as possible;
• Propose solutions that balance business requirements with information and cyber security requirements;
• Gain a thorough understanding of, and continuously and consistently monitor applications and infrastructure, and identify current and emerging security threats;
• Take on all security aspects within a project and define associated security requirements;
• Collaborate closely with application/software architects and infrastructure architects;
• Participate in recommending underlying tools (e.g. identity access) to protect the Agency from unauthorised access, use, disclosure, disruption, modification or destruction in order to ensure integrity, confidentiality, and permanent availability of all IT applications and systems;
• Perform any other task in line with the main purpose of the job.

Profile

• Completed university studies of 4 years in a relevant domain (e.g. Computer Science; Cyber Security);
• Internal candidates should check on the intranet to see what level of in-house experience is considered equivalent to educational qualifications where appropriate;
• A minimum of 5 years of relevant working experience;
• Professional training/certificate: would be considered an advantage:
  • CISM (Certified Information Security Manager);
  • CISSP (Certified Information Systems Security Professional);
  • GIAC (Global Information Assurance Certification);
• Proficiency in information and cyber security and data protection;
• Experience in several of the following fields: security investigation; security management; security risk; assessment; security management systems; threat mitigation;
• Knowledge of current and emerging IT security technologies;
• Knowledge of security standards and practices (ISO 27001, ISMS);
• Experience in designing and implementing security solutions;
• Communication: Fosters two-way communication;
• Team work: Fosters teamwork;
• Problem solving: Solves complex problems and provides effective solutions;
• Analytical thinking: Applies methodical approach to complex information;
• Ability to work in a multinational and multicultural environment;
• Professional conduct in line with the corporate behaviours of the Agency i.e. result-driven, readiness to change, customer focus, integrity and team-player approach;
• Thorough knowledge (oral/written) of one of the working languages of the Agency (English/French) and satisfactory knowledge of the other language to the extent necessary for the performance of the described job. For this particular function, thorough knowledge (oral/written) of English is required.

USEFUL INFORMATION

• Applications will be accepted from nationals of EUROCONTROL Member States only. At the closing date of the notice of competition, internal candidates must have completed their probationary period.
• This is an appointment for a determined period of 5 Year(s). It could be extended up to a maximum of 9 years or converted into an undetermined contract. Before being established in the post, the external candidate will be requested to provide certified copies of his/her degrees and successfully serve a probationary period of 9 months.