Vacancy notice – Job title: IT Security Officer - Security Expert - HQ Contract Agent FGIV - EEAS Headquarters job No 267569
WE ARE
The European External Action Service (EEAS) supports the High Representative in the exercise of his/her mandate to conduct and implement an effective and coherent Union’s Common Foreign and Security Policy (CFSP), to represent the EU and to chair the Foreign Affairs Council.
It also supports the High Representative in his/her capacity as Vice-President of the Commission with regard to his/her responsibilities within the Commission in the external relations field, including the coordination of other aspects of the EU's external action. The EEAS works in close cooperation with the EU Member States, the General Secretariat of the Council, the services of the Commission and the Secretariat General of the European Parliament.
EEAS Digital Solutions Division contributes to EEAS business process effectiveness and efficiency in terms of implementing ICT services, tools, and infrastructure by:
- Making available a high-level secure ICT end-user environment that support EEAS end-users in fulfilling their operational targets in both Headquarters and EU Delegations.
- Delivering and maintaining Information Systems in support to EEAS’s activities: construction and maintenance of rich interface applications for desktops and mobile devices, applying high quality standards and development methodology supported by state of the art development life cycle tools.
- Maintaining and developing information and communication technology infrastructures, tools and services with the appropriate levels of training and security.
A dedicated IT Security Team exists with various responsibilities in the IT Security domain such as:
- Providing and managing the Security Operation Centre (SOC)
- Security incident handling
- Dealing with endpoint security, network security, information system security
- Defining security requirements and reviewing the implementation details of IT Projects
- User awareness, policy development
- Designing, implementing and managing the EU Restricted communication system of the EEAS
WE PROPOSE
The position of ICT Security Officer – Security Expert contract agent FGIV as per article 3b of the Conditions of Employment of Other Servants of the European Union (hereafter, the “CEOS”)[1].
PLACE and DATE OF EMPLOYMENT: EEAS Headquarters, Brussels, Belgium
Post available: Immediately
LEGAL BASIS
The vacancy is to be filled in accordance with the conditions stipulated under the CEOS, in particular Article 82 thereof. In case of recruitment, the successful candidate will be offered a contract agent position (Function group IV), on the basis of a contract with an initial duration of one year that may be successively renewed for a maximum duration of six years[2], subject to the maximum duration of engagement by the EEAS allowed under successive limited duration contracts of different types[3].
WE LOOK FOR
We are looking for a dynamic and service-oriented colleague with a very strong IT Security technical background with proven experiences in cyber security user awareness, IT/cyber security policies and standards. In addition to demonstrating very good analytical and organisational skills, the successful candidate will have to be pro-active and be able to follow the procedures on an autonomous basis.
The ability to build and maintain good human relations within the teams and with our internal customers is essential. The selected candidate should demonstrate significant relevant experience.
The main responsibilities are as follows:
- Define the general IT Security/Cyber Security user awareness program.
- Provide IT security / cyber security trainings.
- Contribute to the definition and development of "ICT security" end-user awareness campaigns in various forms in order to raise end-user awareness.
- Contribute to the definition of internal IT/cyber security strategy and policies/standards/guidelines.
- Contribute to IT audit activities.
- Manage the projects related to the implementation of user awareness elements especially focusing on computer based training materials.
- Collaborate with the SOC.
- Provide security consultancy and advice to projects, plans, and other entities.
- Brief at both executive and technical levels on security reports on awareness related activities.
- Manage projects/procurements related to the operation of the IT Security Office.
- Approach tasks with flexibility, proactivity and complete work to a high quality.
- Coordinate tasks as directed by the IT Security Team Leader to assist in the improvement of the security of the system.
- Keep up to date with security trends, threats and control measures.
- Actively participate and contribute in regular and ad-hoc meetings and liaison with team, departmental and institutional colleagues as directed.
- Act as a backup of other colleagues and be involved in activities of the IT Security Team.
The job is a key position for an experienced technical IT officer looking for a dynamic working environment and challenging projects within a friendly, motivated and supportive team.
Eligibility criteria:[4]
Further to the conditions set out in Article 82 of the CEOS, candidates must:
- (i) have passed a valid EPSO CAST in FG IV; OR
- (ii) be registered in the EPSO Permanent CAST for FG IV (https://epso.europa.eu/en/job-opportunities/open-for-application). In that case, while the registration will render the candidate eligible for the selection procedure, the recruitment of a candidate on this vacant post will be subject to their successfully passing the CAST exam that this candidate will be called to attend;
- have completed university studies of at least three years attested by a diploma;
- have the capacity to work in the languages of the CFSP and external relations (English and French) necessary for the performance of their duties.
- be a national of one of the member States of the European Union and enjoy full rights as a citizen.
Selection criteria
Candidates should:
- have a strong proven experience in IT Security related activities, especially in user awareness
- have a strong knowledge of IT security standards, policies, methodologies
- have a strong understanding of risk management methodologies
- be able to represent the EEAS in Cyber Security related inter-institutional technical working groups/task forces
- have strong drafting and analytical skills combined with sound judgement
- have excellent communication skills and the ability to establish and maintain a network of contacts both within and outside the EEAS
- have the ability to communicate clearly on complex issues and the capacity to perform with accuracy and in a flexible manner a diversity of tasks in a complex multicultural and institutional environment
- have strong service attitude
- be fluent in English (both written and orally)
- be a flexible team player
Furthermore:
- Any professional certification in IT Security, especially CISSP, SANS SSAP or similar
- experience of working in a team in multi-disciplinary and multi-cultural environment
- experience in working with classified systems
- experience in working with or within other EU institutions
would be considered as assets.
CONDITIONS OF RECRUITMENT AND EMPLOYMENT
The signature of the contract will be subject to prior favourable opinion of the Medical Service.
The requested level of security clearance for this post is: SECRET UE/EU SECRET. A description of the EU classified information levels is available under Article 2 of Annex A of the Decision ADMIN(2023) 18 on the security rules of the EEAS[5].
The selected candidate should hold, or be in the position to obtain, a valid Personnel Security Clearance (hereafter, the “PSC”)[6] issued by the competent authority of the Member State concerned.
Candidates who do not already have a valid PSC will be required to go through the security clearance vetting procedure of their Member State to obtain this clearance in accordance with national laws and regulations and with the procedure laid down in the Decision ADMIN(2019)7 on Security Clearance Requirements and Procedures for the EEAS of 08 March 2019 and in Annex A I of the Decision ADMIN(2023) 18 on the security rules of the EEAS. Until the PSC is issued by the competent authority of the Member State concerned, the selected candidate will not be authorised to access EUCI at the level of CONFIDENTIEL UE/EU CONFIDENTIAL or above, or to participate in any meetings or workflow where EUCI is processed.
Please note that the necessary procedure for obtaining a PSC can be initiated on request of the employer only, and not by the individual candidate.
In case of failure to obtain or renew the required PSC, the AACC may take the appropriate measures in accordance with Article 3(3) of the Decision ADMIN(2019) 7 on Security Clearance Requirements and Procedures for the EEAS of 08 March 2019.
EQUAL OPPORTUNITIES
The EEAS is committed to an equal opportunities policy for all its employees and applicants for employment. As an employer, the EEAS is committed to promoting gender equality and to preventing discrimination on any grounds. It actively welcomes applications from all qualified candidates from diverse backgrounds and from the broadest possible geographical basis amongst the EU Member States. We aim at a service, which is truly representative of society, where each staff member feels respected, is able to give their best and can develop their full potential.
Candidates with disabilities are invited to contact CONTRACTAGENTS-HQ@eeas.europa.eu in order to accommodate any special needs and provide assistance to ensure the possibility to pass the selection procedure in equality of opportunities with other candidates. If a candidate with a disability is selected for a vacant post, the EEAS is committed to providing reasonable accommodation in accordance with Art 1(d)(4) of the Staff Regulations.
APPLICATION AND SELECTION PROCEDURE[7]
Please send your CV and cover letter (with your EPSO CAST number), in English or French via email, with reference to the Vacancy Number in the Subject field, to RM-SCS-5-HR@eeas.europa.eu
Deadline for sending application: 20 October 2024 at 12.00 (CET).
Candidates shall draft their CV using the Europass CV, which can be found at the following internet address:http://europass.cedefop.europa.eu/en/documents/curriculum-vitae.
Late applications will not be accepted.
The selection panel will make a pre-selection on the basis of the qualifications and professional experience described in the CV and motivational letter, and will produce a shortlist of eligible candidates who best meet the selection criteria for the post. Please note that only shortlisted candidates will be informed about the outcome of the pre-selection phase.
The candidates who have been preselected will be invited for an interview by a selection panel.
The selection panel may decide, subsequent to the interview, to organise written tests, either for all pre-selected candidates or to the best ranked ones. The content of such written tests will be defined by the selection panel and may include, but not be limited to, multiple choice questions, open questions and/or topics for a short essay.
Pre-selected candidates without a valid CAST shall be invited to sit the CAST exam before or after the interview stage (in accordance with the eligibility criteria set out above).
The panel will then recommend a shortlist of candidates for a final decision by the Authority Authorised to Conclude Contracts of Employment (hereafter, the “AACC”). The AACC may decide to interview the candidates on the final shortlist before taking this decision.
It is recalled that the selection procedure may be terminated at any stage in the interest of the service.
In the interest of the service, after identifying the candidate that best fits the requirements of the post as set out in the vacancy notice, the AACC may also establish a reserve list of candidates. These candidates shall be informed that the reserve list shall remain valid for a period of one year from when it is established and that it may be used to fill the same post or an equivalent post in the EEAS with the same job profile.
[1] Staff Regulations of Officials of the European Union (SR) and the Conditions of Employment of Other Servants of the European Union (CEOS).
[2] Article 8 of the Commission Decision C(2017) 6760 of 16.10.2017 on the general provisions for implementing Article 79(2) of the Conditions of Employment of Other Servants of the European Union, governing the conditions of employment of contract staff employed by the Commission under the terms of Articles 3a and 3b thereof.
[3] Decision ADMIN(2023) 24 on the maximum duration of engagement by the European External Action Service of non-permanent staff under successive limited duration contracts of different types, and on the minimum lapse of time between successive contracts under Article 2(e) of the CEOS.
[4] All the eligibility criteria must be met on the closing date for applications to this post.
[5] OJ C 263, 26 July 2023, p.16.
[6] The ‘Personnel Security Clearance’ is defined under point 2 of Annex A I of the Decision ADMIN(2023) 18 on the security rules of the EEAS as “a statement by a competent authority of a Member State which is made following completion of a security investigation conducted by the competent authorities of a Member State and which certifies that an individual may, provided his ‘need-to-know’ has been determined, be granted access to EUCI up to a specified level (CONFIDENTIEL UE/EU CONFIDENTIAL or above) until a specified date; the individual thus described is said to be ‘security cleared’.”
[7] Your personal data will be processed in accordance with Regulation (EU) 2018/1725, as implemented by ADMIN(2019)8 Decision of the High Representative of the Union for Foreign Affairs and Security Policy. The privacy statement is available on the Europa website: (https://www.eeas.europa.eu/eeas/eeas-privacy-statement-data-protection-notice-purpose-processing-personal-data-related-public_en) and on the EEAS Intranet:(https://intranet.eeas.europa.eu/page/eeas-work/data-protection/privacy-statements-dp-notices).