Senior specialist ICT security, ICT department, Capabilities Directorate

ABOUT EUROPOL

This selection procedure is intended to establish a reserve list of successful candidates (indicative number is three). Europol may retain the right to make use of the reserve list to select candidates for similar posts, should business needs require so.

Should (a) vacant post(s) be filled by means of the internal selection procedure, this external selection procedure may be consequently cancelled.

Organisational setting:
The ICT Department is in the forefront of technology innovation with the responsibility for devising, delivering and operating modern ICT capabilities supporting the core mission and support processes of Europol. Over 140 internal staff members and a significant number of domain-specific consultants are responsible for developing, delivering and operating modern information management and communication technology capabilities that ensure enhanced criminal information exchange among Europol, Member States and third parties.

Purpose of the post:
The incumbent of the position is in charge of developing detailed technical designs of ICT Security solutions as well as ICT security operational services.

The Senior Specialist ICT Security is also to provide ICT security advisory services internally to other units and teams within the context of their ICT domains (e.g. infrastructure, networks, applications and endpoints).

Reporting lines:
The incumbent reports to the Head of Team – Embedded ICT Security.

BACKGROUND, MAIN PURPOSE AND TASKS OF THE POST

The incumbent carries out the following main functions and duties:
• Design and coordinate cohesive responses to security events that involve multiple teams across the organization;
• Incorporate solution architecture, security and compliance requirements into detailed security design across infrastructure and application components;
• Recognize, adopt, influence, and instil security best practices throughout the organization;
• Conduct sophisticated security reviews - from high-level infrastructure architecture to application-level parameters to code-level reviews in order to meet security goals;
• Provide subject matter expertise on architecture and security-related issues;
• Implement security specific technology solutions across all layers of the deployed ICT Security infrastructure, operating systems and applications, network and telecommunication devices, including 3rd party services, middleware and applications;
• Provide support in ICT Security incidents resolution at the infrastructure operational level, and proactively detect anomalies or patterns that may result into problems for the ICT Security, availability, stability, performance or capacity of the system;
• Advise and consult with internal customers on risk assessment, threat modelling, and vulnerability remediation;
• Any other duties in the area of competence as assigned by the line management.

REQUIREMENTS - ELIGIBILITY CRITERIA

a. Candidates must
• Be a national of one of the Member States of the European Union and enjoy full rights as a citizen
• Have fulfilled any obligations imposed by the applicable laws on military service;
• Produce appropriate character references as to his or her suitability for the performance of the duties
• Be physically fit to perform the duties pertaining to the position (prior to appointment the successful candidate will be medically examined by one of the institution’s medical officers in order that the institution may be satisfied that the candidate fulfils the requirements of Article 12(2)(d) of the Conditions of Employment of Other Servants of the European Union (CEOS)
• Produce evidence of a thorough knowledge of one of the languages of the Union and a satisfactory knowledge of another language of the Union to the extent necessary for the performance of the duties

b. Candidates must have
• A level of education which corresponds to completed university studies attested by a diploma when the normal period of university education is four years or more

OR
• A level of education which corresponds to completed university studies, attested by a diploma and appropriate professional experience of at least 1 year when the normal period of university education is 3 years

OR
• Professional training of an equivalent level in a relevant area (e.g. Police Officer’s School) and after having completed the training, at least the number of years of relevant professional experience as indicated below:

Duration of professional training   Additional professional experience                                                                                         required for equivalency
More than 6 months and up to 1 year     4 years
More than 1 year and up to 2 years        3 years
More than 2 years and up to 3 years       2 year
More than 3 years                                    1 year

• In addition to the above at least6 yearsof professional work experience gained after the award of the diploma.

REQUIREMENTS - SELECTION CRITERIA

a. Professional experience (assessed mainly during the Shortlisting phase):
Essential:
• At least 6 years of working experience in large ICT environments with cyber/security engineering or architecture roles
• Professional experience in defining technical security configuration standards based on best practices and ensuring enforcement of these
• Experience in providing security consultancy and engineering services in complex ICT solution development activities
• Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development (Application Security), data protection, cryptography, key management, identity and access management (IAM), network security) within SaaS, IaaS, PaaS, and other cloud environments
• Experience in maintaining core security technology solutions (IDS, Firewall, VPN, SIEM, EDR, AV, DLP, PKI, etc.)
• Experience performing threat modelling and design reviews to assess security implications and requirements for introduction of new technologies

REQUIREMENTS - SELECTION CRITERIA

Essential:
• Experience in effective implementation of Software Security Development Lifecycle and software maturity model
• Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions
Desirable:
• Experience in configuring and administering Web Application Firewalls, DB Protection & Monitoring solutions and Application Delivery/Services tools
• Experience in Container Security & Cloud Native Security tools and capabilities
• Technical writing experience
• Experience of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc)
• Experience of modern cloud native security solutions

 b. Professional knowledge(assessed during the Selection procedure - Written/Practical test and/or Interview)
Essential:
• In-depth knowledge of ICT security principles
• Comprehensive ICT security background with focus on areas such as application security, data protection, cryptography, key management, identity and access management, network security
• Knowledge of risk assessment methodologies, cloud risk assessment methodologies and information security standards
• Threat hunting, security analytics and machine learning knowledge
• Expertise with application security standards (e.g. OWASP ASVS) and Security Development Lifecycle (SDL)
• Firm understanding of the offerings within VMware, Amazon Web Services (AWS) and the Microsoft Azure platforms
• Experience architecting solutions within Amazon Web Services (AWS), Azure, VMware NSX

c. General competencies(assessed during the Selection procedure - Written/Practical test and/or Interview)
Essential:
Communicating:
• Excellent communication skills in English, both orally and in writing;
• Excellent presentation skills
• Ability to draft clear and concise documents on complex matters for various audiences
Analysing & problem solving:
• Structured approach to work aimed at getting results
• Excellent analytical and critical thinking skills
• Competent user of Microsoft Office applications and the internet
Delivering quality and results:
• High degree of commitment and flexibility
• High level of customer and service-orientation
Prioritising and organising:
• Excellent organizational skills including the ability to plan own work load, establish clear priorities and exercise initiative
• Ability to manage projects and familiarity with project management terminology and methodology
Resilience:
• Strong ability to work well both independently and in a team
• Very good interpersonal skills, including the ability to effectively liaise with other departments, groups and teams as well as with external partners
• Ability to remain effective under a heavy workload and demonstrate resistance to stress
Living diversity:
• Ability to establish and maintain effective working relations with co-workers in an international and multi-disciplinary work environment
Advising:
• Ability to synthesise various data into a coherent and relevant whole, transforming it into a valuable and correct conclusion
• Building constructive relationships with clients, adequately identifying and managing their needs and expectations, and giving well-grounded advice

d. Additional conditions:
Fulfil the condition stipulated in Article 5 of the Decision of the Executive Director on the Duration of contracts of employment for Temporary Agents, on the start date of the possible contract of employment which may be offered.

SELECTION PROCEDURE

All applications for Temporary Agent posts must be submitted through the online recruitment system accessible via Europol’s website.

The Authority Authorised to Conclude Contracts of Employment (AACC) sets up a Selection Committee, which consists of at least three members, consisting of one chair and at least one member from the Administration of Europol and one member designated by the Staff Committee.

The Selection Committee determines candidates’ suitability for the position by assessing their skills, experience and qualifications against the established job profile and makes an initial selection from the applications received.

The Selection Committee will invite the 5 highest scoring candidates (shortlisted). All candidates having a score equal to the 5th highest scoring candidate will be included to the list of invited candidates.

Shortlisted applicants are invited to participate in a post-related selection procedure, consisting of one or more written and oral exercises/competency based interviews.

The AACC takes a decision of appointment based on advice from the Selection Committee, and will inform the Selection Committee accordingly. The AACC has also the possibility to establish a reserve list of successful candidates, which is, in principle, valid for 12 months. The validity of the reserve list may be extended once, in principle, for 12 months. All candidates who attend the selection procedure will be informed of the outcome.

Candidates who attended a selection procedure may request feedback on their performance of the written test and interview within three months after the selection procedure. Europol will not be in a position to respond to feedback inquiries received outside this time frame.

The Selection Committee’s work and deliberations are confidential. It is forbidden for candidates to make direct or indirect contact with the members of the Selection Committee or for anyone to do so on their behalf. All enquiries or requests for information or documentation in relation to the competition should be addressed to the Recruitment and Selection Team.

Detailed information on the selection procedure, including the appeal procedure is available in the Europol Recruitment Guidelines available on Europol’s website.

SALARY

Scale: AD7
The basic monthly salary is EUR6.251,08(step 1) or EUR6.513,76(step 2).

The step in grade is determined on the basis of professional experience gained after the education required for the position and in line with applicable implementing rules.

Staff pay EU tax at source but salaries are exempt from national taxes. Compulsory deductions are made for medical insurance, pension and unemployment insurance.

Subject to the applicable conditions being met, as defined in the EU Staff Regulations (EUSR)/CEOS and further specified in the case law of the Court of Justice of the European Union, allowances such as expatriation allowance (16% of basic gross salary) or foreign residence allowance (4% of basic gross salary), household allowance, dependent child and/or education allowance may be granted.

Staff enjoy worldwide insurance coverage by the Joint Sickness Insurance Scheme (JSIS) and are insured against sickness, the risk of occupational disease and accident (conditions and ceilings apply).

Europol offers flexible working arrangements, a comprehensive provision for annual leave as well as parental leave supporting a healthy work-life balance.

Indicative net salary sample calculation AD7/1:
a) Staff member (single) in receipt of expatriation allowance (16%): EUR 6488
b) Staff member with two dependent children in their custody in receipt of expatriation allowance (16%): EUR 8297

The above information is indicative and for information purposes only. It is merely meant to give an indication of your possible net salary in light of the currently applicable amounts of the related allowances and the level of taxation. It has no legal value and no rights can be derived from it.

The information is based on figures applicable as of July 2019.

TERMS AND CONDITIONS

Contract of employment
The successful candidate will be recruited in the type of post Administrator and function group AD, grade 7 pursuant to Article 2(f) CEOS and Annex I EUSR.

The initial contract will be concluded for a period of 4 years (full-time – 40 hours a week). The contract may be renewed, in principle, for a period of 2 years. Any further renewal shall be for an indefinite duration.

If the successful candidate is already a member of temporary staff 2(f) in the relevant function group, he/she will be offered the opportunity of contract continuity, subject to establishment plan availabilities.

The place of employment will be The Hague, The Netherlands.

For further information on terms and conditions, please consult the EUSR/CEOS available onEuropol’s website.

Conditions of engagement
In exceptional cases, where justified in the interest of the service, the AACC may recruit a candidate who is a successful candidate in a selection procedure for temporary staff 2(f) CEOS as contract staff 3(a) CEOS if the selection is considered to be appropriate to the duties to be performed.

Probation period
Engagement for this position is subject to the successful completion of a probationary period of 9 months.

Europol reserves the right to terminate the contract of employment during or at the end of the probation period in accordance with Article 14 CEOS.

Security screening and certificate of good conduct
Candidates who have been recruited to a post at Europol are required to furnish a valid certificate of good conduct before the start of their employment. The certificate of good conduct must be provided to Europol prior the signature of the employment contract. The certificate of good conduct must be issued by the relevant authorities of the country of nationality of the candidate and must not be older than three months at the time of submission to Europol. Europol reserves the right not to proceed with the signature of the contract based on the content of the certificate or if the candidate fails to provide the certificate to Europol.

The certificate of good conduct does not substitute a valid security clearance required for all Europol staff at the level indicated in the vacancy notice. Failure to obtain the requisite security clearance before the expiration of the probationary period may be cause for termination of the employment contract.

Candidates who currently hold a valid security clearance at the level indicated in the vacancy notice or above do not need to obtain a certificate of good conduct or a new security clearance and must provide a copy of the current security clearance certificate to Europol prior to the signature of the employment contract. Europol shall verify and confirm the continued validity of the security clearance. In case Europol determines that the security clearance is not valid, the candidate will be required to provide a valid certificate of good conduct prior to the signature of the employment contract. Europol may at any time terminate the employment contract if the result of the security screening is not positive and the necessary clearance level is not granted or extended.

The requested level of security clearance for this post is:SECRET UE/EU SECRET.

ADDITIONAL INFORMATION

Equal opportunity
Europol is an equal opportunities employer and encourages applications without distinction on the basis of gender, colour, racial, ethnic or social origin, genetic features, language, religion or belief, political or any other opinion, membership of a national minority, property, birth, disability, nationality, age, sexual orientation or gender identity.

Europol aims to create and maintain a healthy and attractive work environment that supports our colleagues in their career planning and in achieving a healthy work-life balance.

Employment at Europol is open to nationals of EU Member States. There is no nationality quota system in operation, but Europol is striving for a broad range of nationalities in order to keep a well-balanced geographical distribution among its staff members.

Privacy Statement
Europol respects your privacy and is committed to protecting your personal data. Your data will be processed in accordance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data applicable to Europol under Article 46 of the Europol Regulation.

For additional information, please consult the applicable privacy statement available on ourwebsite.

Statutory obligations upon leaving the service
Pursuant to Article 16 of the EU Staff Regulations, EU officials and, by analogy, temporary agents continue to be bound by the duty to behave with integrity and discretion as regards the acceptance of certain appointments or benefits’ after leaving the service. Those staff members intending to engage in an occupational activity within two years of leaving the service shall inform their institution, so that it may take an appropriate decision in that respect. In cases where the intended activity is related to the work carried out by the staff member during the last three years of service and could lead to a conflict with the legitimate interests of the institution, the decision to be taken may include forbidding the staff member from undertaking it or giving its approval subject to any conditions it thinks fit.

Main dates
Deadline for application:18 September 2020, 23:59 Amsterdam Time Zone
Recruitment procedure: October 2020

Application process and selection procedure
Please refer to the EUROPOL RECRUITMENT GUIDELINES available on Europol’s websitefor further details on the application process and the selection procedure.

Contact details
For further details on the application process please call +31 (0) 70 353 1146 or +31 (0) 70 353 1152.