EUROPEAN EXTERNAL ACTION SERVICE (EEAS) Vacancy notice – IT Service Officer - HQ Contract Agent FGIV - RM.SCS.5 - EEAS Headquarters job no 417257

WE ARE

The European External Action Service (EEAS) supports the High Representative in the exercise of her mandate to conduct and implement an effective and coherent Common Foreign and Security Policy (CFSP), to represent the EU and to chair the Foreign Affairs Council. 

It also supports the High Representative in her capacity as Vice-President of the Commission with regard to her responsibilities within the Commission in the external relations field, including the coordination of other aspects of the EU's external action. The EEAS works in close cooperation with the EU Member States, the General Secretariat of the Council, the services of the Commission and the Secretariat General of the European Parliament.

The main mission of EEAS Digital Solutions division is to assist the European External Action Service and EU’s Delegation worldwide network in achieving its strategic objectives by supporting administrative and core business processes with modern Information and Communication Technology tools. The unit is composed of 55 officials and more than 150 experts and is organized in four sections: Management, IT Operations, Services and IT Security.  

WE PROPOSE

The position of IT Service Officer, Contract Agent Function Group IV (FGIV) as per article 3b of the Conditions of Employment of Other Servants of the European Union (hereafter, the “CEOS”).

PLACE and DATE OF EMPLOYMENT

‎EEAS Headquarters, Brussels, Belgium

Post available: immediately

LEGAL BASIS 

The vacancy is to be filled in accordance with the conditions stipulated under the CEOS, in particular Article 82 thereof. In case of recruitment, the successful candidate will be offered a contract agent position (Function group IV), on the basis of a contract with an initial duration of one year that may be successively renewed up to a maximum duration of six years, subject to the maximum duration of engagement by the EEAS allowed under successive limited duration contracts of different types. 

WE LOOK FOR

We are seeking a Senior IT Officer to support and strengthen access control, managing identity access and privileged account security (IAM / PAM) within a complex, multi-application and multi-layer IT architecture.

The successful candidate will be responsible for the operational and governance aspects of privileged access and secure IT administration, including the analysis of access rights across diverse applications, evaluation of existing access management governance, and the implementation of improvements aligned with security and compliance requirements. The role requires a hands-on operations profile, combining technical expertise with structured analysis and close collaboration with internal stakeholders and external service providers.

In addition to demonstrating very good analytical and organisational skills, the successful candidate will have to be pro-active and be able to follow the procedures on an autonomous basis. 

The ability to build and maintain good human relations within the teams and with our internal customers is essential. The selected candidate should demonstrate significant relevant experience.

The key responsibilities include:

Solution Design & Implementation

• Design and implement PAM and IAM solutions aligned with business and security requirements.
• Deploy and configure provisioning workflows (Joiner / Mover / Leaver processes).
• Integrate IAM/PAM solutions with Active Directory / LDAP and enterprise applications (SAP, ServiceNow, databases, internal systems).
• Define access governance models and role-based access controls (RBAC).
• Participate in architecture reviews and security assessments.

Provisioning & Deprovisioning Management

• Implement automated identity provisioning processes.
• Ensure secure and timely deprovisioning of accounts and access rights upon termination or role change.
• Guarantee full removal of privileged access when no longer required.
• Prevent orphan, dormant, or shared accounts.
• Ensure compliance with Joiner/Mover/Leaver lifecycle controls.
• Perform regular reconciliation between IAM/PAM systems and target systems.

Operations, Usage & Monitoring

• Ensure daily operational support of PAM and IAM platforms.
• Monitor solution usage, privileged session activities, and access patterns.
• Analyze usage reports and detect anomalies or misuse.
• Ensure proper use of privileged access according to internal policies.
• Manage session recordings, password vaulting, and approval workflows.
• Produce periodic reports on access usage, privileged account activity, and compliance indicators.
• Support internal and external audits with usage evidence and logs.
• Handle incidents, service requests, and problem management.
• Perform upgrades, patches, and system hardening.

Security & Compliance

• Enforce least privilege and segregation of duties principles.
• Ensure compliance with internal security policies and regulatory frameworks.
• Conduct periodic access reviews and certifications.
• Participate in risk assessments and remediation plans.
• Monitor and remediate security vulnerabilities.

Continuous Improvement

• Identify automation opportunities to reduce manual access management.
• Improve provisioning and deprovisioning processes.
• Strengthen monitoring and access governance maturity.
• Stay up to date with emerging cybersecurity threats and technologies.

The job is a key position for an experienced technical IT Officer looking for a dynamic working environment and challenging projects within a friendly, motivated and supportive team. 

Main working language is English, and French is a strong asset.

Eligibility criteria

Further to the conditions set out in Article 82 of the CEOS, candidates must:

• have passed a valid EPSO CAST in a valid function group for this post, or be registered in the EPSO Permanent CAST for FG IV (https://epso.europa.eu/en/job-opportunities/open-for-application). 

  In the latter case, while the registration will make the candidate eligible for the selection procedure, the recruitment of a candidate on this vacant post will be subject to them successfully passing the CAST exam;

• have completed university studies of at least three years attested by a diploma;

• have the capacity to work in the languages of the CFSP and external relations (English and French) necessary for the performance of their duties; 

• be a national of one of the Member States of the European Union and enjoy full rights as a citizen.

Selection criteria

Candidates should have: 

• A university degree in Information Technology, Computer Science, Cybersecurity, Engineering, or a related discipline, or an equivalent level of professional experience.
• Proven senior-level professional technical experience in security operations, access management, or secure system administration within complex IT environments.
• Demonstrated hands-on experience with:
  • Privileged Access Management (PAM) and Identity Access Management (IAM) solutions
  • Access rights analysis and review across applications and infrastructures
  • Secure IT and local system administration with a strong security focus
• Experience in identity and access governance, role-based access control, and accreditation processes is a strong asset;
• Proven experience in project implementation and follow-up, as well as in the coordination of external suppliers and service providers.
• Strong analytical skills, with the ability to understand and assess complex IT architectures and access models;
• Hands-on and methodical approach to security operations, including the ability to translate governance requirements into practical technical controls;
• Ability to manage sensitive and privileged information with a high level of integrity and discretion;
• Strong organisational skills and the ability to manage multiple priorities in a structured way;
• Clear and effective communication skills, enabling interaction with technical experts, application owners, auditors, and management.
• Ability to work effectively in a multicultural and international environment.
• Excellent knowledge of English (main working language).
• strong drafting and analytical skills combined with sound judgement;
• strong service attitude;
• be a flexible team player.

Furthermore: 

• professional certifications in IT Security;
• experience of working in a team in multi-disciplinary and multi-cultural environment;
• experience in working with or within other EU institutions;

CONDITIONS OF RECRUITMENT AND EMPLOYMENT

CONFLICT OF INTEREST AND SECURITY RISKS

As a matter of policy, applications by individuals who have dual nationality of which one of a non-EU country, will be considered on a case-by-case basis taking account in particular of the functions attributed to the vacant post. The EEAS also examines if there could be a conflict of interest or security risks.

In this context, candidates shall fill in with their application a declaration of potential conflict of interest.

MEDICAL CLEARANCE

The signature of the contract will be subject to prior favourable opinion of the Medical Service.

PERSONNEL SECURITY CLEARANCE (PSC)

The requested level of security clearance for this post is: SECRET UE/EU SECRET. A description of the EU classified information levels is available under Article 2 of Annex A of the Decision ADMIN(2023) 18 on the security rules of the EEAS.

The selected candidate should hold, or be in the position to obtain, a valid Personnel Security Clearance (hereafter, the “PSC”) issued by the competent authority of the Member State concerned. 

Candidates who do not already have a valid PSC will be required to go through the security clearance vetting procedure of their Member State to obtain this clearance in accordance with national laws and regulations and with the procedure laid down in the Decision ADMIN(2019)7 on Security Clearance Requirements and Procedures for the EEAS of 08 March 2019 and in Annex A I of the Decision ADMIN(2023) 18 on the security rules of the EEAS. Until the PSC is issued by the competent authority of the Member State concerned, the selected candidate will not be authorised to access EUCI at the level of CONFIDENTIEL UE/EU CONFIDENTIAL or above, or to participate in any meetings or workflow where EUCI is processed.

Please note that the necessary procedure for obtaining a PSC can be initiated on request of the employer only, and not by the individual candidate.

In case of failure to obtain or renew the required PSC, the AACC may take the appropriate measures in accordance with Article 3(3) of the Decision ADMIN(2019) 7 on Security Clearance Requirements and Procedures for the EEAS of 08 March 2019.

EQUAL OPPORTUNITIES

The EEAS strives to be a dynamic, respectful and inclusive Service. We value the talent and professional excellence of our staff, and are committed to building an organisation where gender equality and the respect of diversity are core values, as set out in the EEAS Mission Statement and the EEAS Agenda for Diversity and Inclusion. The EEAS is committed to achieving gender balance within its workforce and strives to avoid any form of discrimination during this selection procedure, as per Article 1(d) of the SR. We actively welcome applications from all qualified candidates without any discrimination based on any ground. We commit to recruit candidates with the highest standard of ability, efficiency and integrity, carrying out a selection based on merits required for the post and from the broadest possible geographical basis among the EU Member States.

The EEAS is committed to working with people with disabilities in the terms of the SR. If, by virtue of your medical condition or special needs, you require reasonable accommodation for a part or the entirety of this selection process, please send us an email to CONTRACTAGENTS-HQ@eeas.europa.eu. Your request will be treated in strict confidence and no record will be kept. If a candidate with a disability is selected for a vacant post, the EEAS is committed to providing reasonable accommodation in accordance with Article 1(d)(4) of the SR. 

All selected candidates are expected to adhere to the Principles of Professional Behaviour of the EEAS, which outline the need for integrity, transparency, respect, professionalism and accountability, and a zero tolerance approach to any form of harassment

APPLICATION AND SELECTION PROCEDURE

Please send your CV and cover letter (with your EPSO CAST number), in English or French, and the declaration of potential conflict of interest via email, with reference to the Vacancy Number in the Subject field, to:

RM-SCS-5-HR@eeas.europa.eu

Deadline for sending application: 09/042026 at 23:59 Brussels time (CET).

Candidates shall draft their CV using the Europass CV, which can be found at the following internet address:

http://europass.cedefop.europa.eu/en/documents/curriculum-vitae.

Late applications will not be accepted.

The selection panel will make a pre-selection on the basis of the qualifications and professional experience described in the CV and motivational letter, and will produce a shortlist of eligible candidates who best meet the selection criteria for the post. Please note that only shortlisted candidates will be informed about the outcome of the pre-selection phase.

The candidates who have been preselected will be invited for an interview by a selection panel. 

The selection panel may decide, subsequent to the interview, to organise written tests, either for all pre-selected candidates or to the best ranked ones. The content of such written tests will be defined by the selection panel and may include, but not be limited to, multiple choice questions, open questions and/or topics for a short essay. 

Pre-selected candidates without a valid CAST shall be invited to sit the CAST exam before or after the interview stage (in accordance with the eligibility criteria set out above). 

The panel will then recommend a shortlist of candidates for a final decision by the Authority Authorised to Conclude Contracts of Employment (hereafter, the “AACC”). The AACC may decide to interview the candidates on the final shortlist before taking this decision.

It is recalled that the selection procedure may be terminated at any stage in the interest of the service.

In the interest of the service, after identifying the candidate that best fits the requirements of the post as set out in the vacancy notice, the AACC may also establish a reserve list of candidates. These candidates shall be informed that the reserve list shall remain valid for a period of one year from when it is established and that it may be used to fill the same post or an equivalent post in the EEAS with the same job profile.

1. ^

    Staff Regulations of Officials of the European Union (SR) and the Conditions of Employment of Other Servants of the European Union (CEOS). 

2. ^

   Article 8 of the Commission Decision C(2017) 6760 of 16.10.2017 on the general provisions for implementing Article 79(2) of the Conditions of Employment of Other Servants of the European Union, governing the conditions of employment of contract staff employed by the Commission under the terms of Articles 3a and 3b thereof.

3. ^

    Decision ADMIN(2023) 24 on the maximum duration of engagement by the European External Action Service of non-permanent staff under successive limited duration contracts of different types, and on the minimum lapse of time between successive contracts under Article 2(e) of the CEOS.

4. ^

    All the eligibility criteria must be met on the closing date for applications to this post.

5. ^

   The CAST is the Contract Agents Selection Tool, administered by the European Personnel Selection Office (EPSO). The candidates interested in the post are asked to create an EPSO account and register for a permanent CAST in Function Group IV in the respective field (e.g. Information and Communication Technology or IT Security) if they have not yet successfully passed a CAST exam in FGIV.  

   Candidates are kindly asked to share the ID number of their CAST application when submitting their documents.      

6. ^

        OJ C 263, 26 July 2023, p.16. 

7. ^

        The ‘Personnel Security Clearance’ is defined under point 2 of Annex A I of the Decision ADMIN(2023) 18 on the security rules of the EEAS as “a statement by a competent authority of a Member State which is made following completion of a security investigation conducted by the competent authorities of a Member State and which certifies that an individual may, provided his ‘need-to-know’ has been determined, be granted access to EUCI up to a specified level (CONFIDENTIEL UE/EU CONFIDENTIAL or above) until a specified date; the individual thus described is said to be ‘security cleared’.”

8. ^

   Your personal data will be processed in accordance with Regulation (EU) 2018/1725, as implemented by ADMIN(2019)8 Decision of the High Representative of the Union for Foreign Affairs and Security Policy. The privacy statement is available on the Europa website: (https://www.eeas.europa.eu/eeas/eeas-privacy-statement-data-protection-notice-purpose-processing-personal-data-related-public_en) and on the EEAS Intranet:(https://intranet.eeas.europa.eu/page/eeas-work/data-protection/privacy-statements-dp-notices).