Specialist – ICT Security

BACKGROUND, MAIN PURPOSE AND TASKS OF THE POST

The C1 ICT Department has the responsibility for devising, delivering and operating critical technology capabilities and solutions supporting the core mission and support processes of Europol. Over 150 internal staff members and a significant number of domain-specific consultants are responsible for devising, developing, delivering and operating information management and communication technology capabilities that ensure enhanced criminal information analysis and exchange among Europol, Member States and third parties.
The ICT Infrastructure & Operations Unit, responsible for the operations and management of the Europol ICT Infrastructure. This includes Workplace services, Customer Service Centre, Solutions Operations and Deployment services, Infrastructure services and ICT Security. 

The incumbent will be responsible for the administration and management of the organisation’s ICT security solutions in order to ensure that information resources are adequately protected in terms of confidentiality, integrity and availability.

The ICT Security specialist will participate in all aspects of ICT security while focusing primarily on administration and management, including monitoring, analysing, detecting, and responding to ICT security incidents.

The successful applicant will have to carry out the following main duties:

• Implement security specific technology solutions across all layers of the deployed ICT Security infrastructure, operating systems and applications, network and telecommunication devices, including 3rd party services, middleware and applications;

• As part of the Embedded ICT Security team, ensure the continued provision of adequate protection in relation to the Europol ICT infrastructure;

• Participate in the implementation, operation and daily verification of the security infrastructure elements including wireless security, endpoint security, VPN, Firewalls, IDS/IPS, Web Security Gateways, Web Application Firewalls, Database Activity Monitoring, SIEM;

• Provide support in ICT Security incidents resolution at the infrastructure operational level, and proactively detect anomalies or patterns that may result into problems for the ICT Security, availability, stability, performance or capacity of the system;

• Perform any other tasks in the area of competence as assigned by the line manager.

REQUIREMENTS - ELIGIBILITY CRITERIA

a. Candidates must
• Be a national of one of the Member States of the European Union and enjoy full rights as a citizen;
• Have fulfilled any obligations imposed by the applicable laws on military service;
• Produce appropriate character references as to his or her suitability for the performance of the duties;
• Be physically fit to perform the duties pertaining to the position (prior to appointment the successful candidate will be medically examined by one of the institution’s medical officers in order that the institution may be satisfied that the candidate fulfils the requirements of Article 12(2)(d) CEOS)
• Produce evidence of a thorough knowledge of one of the languages of the Union and a satisfactory knowledge of another language of the Union to the extent necessary for the performance of the duties.

b. Candidates must have
A level of education that corresponds to completed university studies attested by a diploma when the normal period of university education is three years or more;

 OR

Professional training of an equivalent level in a relevant area and after having completed the training, at least the number of years of relevant professional experience as indicated below:

Duration of professional training   Additional professional experience required for equivalency
More than 6 months and up to 1 year  3 years
More than 1 year and up to 2 years       2 years
More than 2 years                                     1 year

In addition to the above at least 3 years of total professional work experience gained after the award of the diploma.

REQUIREMENTS - SELECTION CRITERIA

a. Professional experience (assessed mainly during the Shortlisting phase): 
Essential: 
• At least three (3) years of working experience, performing configuration, support and maintenance tasks on ICT security solutions, including firewalls, IDS/IPS, SIEM, Endpoint Security in large ICT environments;
• Experience in using vulnerability assessment tools both commercial and open source focused on infrastructure, as well as business applications;
• Experience in conducting technical security policy configuration reviews (firewall rule base review, review of infrastructure servers against security baselines, etc.).
• Experience in performing regular monitoring and analysis of technical logs, including operating system, infrastructure and communications equipment;
• Experience in the area of web portal and applications security including web server hardening, identity management and application integration;
• Experience in the field of database security (protection and auditing).

b. Professional knowledge (assessed during the Internal Selection procedure)
Essential:
• Excellent understanding of Information Security principles;
• Comprehensive ICT (cyber) security background, covering the majority of the following domain areas:
• Authentication and authorisation methodologies (including Identity and access management);
• Use of encryption technologies (including high assurance crypto solutions); 
• Network architectures and security (including firewalls, host and network intrusion prevention, detection, etc.);
• Application security (including application gateways and secure session management);
• Vulnerability assessment and security compliance solutions; 
• Endpoint security;
• Expertise in TCP/IP, web architectures and technologies;
Desirable: 
• Knowledge of recognised security assessment methodologies such as open source security testing methodology and the OWASP testing guide, OWASP Application Security Verification Standard and of emerging infrastructure and of application security testing best practices - qualification or hands-on experience;
• CISSP, CEH, CISA Certifications;
• Vendor specific ICT security product certifications.

c. General competencies (assessed during the Selection procedure): 
Essential:
Communicating:
• Very good communication skills in English, both orally and in writing;
• Ability to draft clear and concise documents on complex matters for various audiences.
Analysing & problem solving:
• Keen eye for detail with the ability to maintain standards of accuracy under pressure of tight deadlines;
• Excellent analytical and critical thinking skills;
• Competent user of Microsoft Office applications and the internet. 
Delivering quality and results:
• High degree of commitment and flexibility;
• High level of customer and service-orientation.
Prioritising and organising:
• Good administrative and organisational skills.
Resilience:
• Very good interpersonal skills, with the ability to work well, both independently and in a team;
• Ability to remain effective under a heavy workload and demonstrate resistance to stress. 
Living diversity:
• Ability to work effectively in an international and multi-cultural environment.

d. Fulfil the condition stipulated in Article 5 of the Decision of the Executive Director on the Duration of contracts of employment for Temporary Agents, on the start date of the possible contract of employment which may be offered.

SELECTION PROCEDURE

The Authority Authorised to Conclude Contracts of Employment (AACC) sets up a Selection Committee, which consists of at least three members, consisting of one chair and at least one member from the Administration of Europol and one member designated by the Staff Committee.

In specific cases, in particular for selection procedures of experts, additional members may be designated from Europol, from outside Europol or from outside the Union institutions.

The Selection Committee determines candidates’ suitability for the position by assessing their skills, experience and qualifications against the established job profile and makes an initial selection from the applications received.

The Selection Committee will invite the 5 highest scoring candidates (short-listed). All candidates having a score equal to the 5^thhighest scoring candidate will be included to the list of invited candidates.

Shortlisted applicants are invited to participate in a post-related selection procedure, generally consisting of written and/or practical tests and competency-based interviews.

The AACC takes a decision of appointment on the basis of advice from the Selection Committee, and will inform the Selection Committee accordingly. The AACC has also the possibility to establish a reserve list of successful candidates, which is, in principle, valid for 12 months. The validity of the reserve list may be extended, in principle, for 12 months. All candidates who attend the selection procedure will be informed of the outcome.

Candidates who attended a selection procedure may request feedback on their performance of the written test and interview within three months after the selection procedure. Europol will not be in a position to respond to feedback inquiries received outside this time frame.

The Selection Committee’s work and deliberations are confidential. It is forbidden for candidates to make direct or indirect contact with the members of the Selection Committee or for anyone to do so on their behalf. All enquiries or requests for information or documentation in relation to the competition should be addressed to the Europol Recruitment Team.

Detailed information on the selection procedure, including the appeal procedure is available in the Europol Recruitment Guidelines, which can be found on Europol’s website.

SALARY

Scale: AD6

The gross basic monthly salary is EUR 5.416,58 (step 1) or EUR 5.644,20 (step 2).

The step in grade is determined on the basis of professional experience gained after the education required for the position and in line with applicable implementing rules.

Staff pay EU tax at source but salaries are exempt from national taxes. Compulsory deductions are made for medical insurance, pension and unemployment insurance. 

Subject to the applicable conditions being met, as defined in the EUSR/CEOS and further specified in the case law of the Court of Justice of the European Union, allowances such as expatriation allowance (16% of basic gross salary) or foreign residence allowance (4% of basic gross salary), household allowance, dependent child and / or education allowance may be granted. 

Staff enjoy worldwide insurance coverage by the Joint Sickness Insurance Scheme (JSIS) and are insured against sickness, the risk of occupational disease and accident (conditions and ceilings apply).

Europol offers flexible working arrangements, a comprehensive provision for annual leave as well as parental leave supporting a healthy work-life balance

Indicative net salary sample calculation AD6/1:
a) Staff member (single) in receipt of expatriation allowance (16%): EUR 5.602,32 
b) Staff member with two dependent children in their custody in receipt of expatriation allowance (16%): EUR 7.273,64

The above information is indicative and for information purposes only. It is merely meant to give an indication of the possible net salary in light of the currently applicable amounts of the related allowances and the level of taxation. It has no legal value and no rights can be derived from it. 

The information is based on figures applicable as of July 2018.

TERMS AND CONDITIONS

Probation period

Engagement for this position is subject to the successful completion of a probationary period of 9 months. Within this period the successful candidate will have to undergo a post-related security screening.

Europol reserves the right to terminate the contract of employment during or at the end of the probation period in accordance with Article 14 of CEOS.

Security screening and certificate of good conduct

All candidates who have successfully passed a selection procedure are required to apply for a national “certificate of good conduct” at the time an offer of employment is made. The “certificate of good conduct” must be provided to Europol prior the signature of the employment contract. In case of unfavourable entries in the “Certificate of good conduct” Europol reserves the right not to award an employment contract.

However, the national certificate of good conduct does not substitute a valid full Personal Security Clearance Certificate (PSCC) that must be obtained for all Europol staff at the level indicated in this Vacancy Notice. A PSCC is a certificate issued by a competent authority establishing that an individual is security cleared. It contains: the level of clearance; the date of issuance and the date of expiry. Failure to obtain the requisite security clearance before the expiration of the probationary period may be cause for termination of employment contract.

The requested level of Security Clearance for this post is: SECRET UE/EU SECRET.

Contract of employment

The successful candidate will be recruited in the type of post Administrator, function group AD, grade 6 pursuant to Article 2 (f) of CEOS and Annex I EUSR.

The initial contract will be concluded for a period of 4 years (full-time – 40 hours a week). The contract may be renewed, in principle, for a period of 2 years. Any further renewal shall be for an indefinite duration.

If the successful candidate is already a member of temporary staff 2(f) in the relevant function group, he/she will be offered the opportunity of contract continuity, subject to establishment plan availabilities. 

The place of employment will be The Hague, The Netherlands.

For further information on terms and conditions please consult the EU Staff Regulations which are available on Europol’s website.

ADDITIONAL INFORMATION

Privacy Statement 
Europol respects your privacy and is committed to protecting your personal data. Your data will be processed in accordance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data applicable to Europol under Article 46 of the Europol Regulation.

For additional information, please consult the applicable privacy statement available on our website.

Main dates
Deadline for application:  23 September 23:59 CET
Recruitment procedure:   October 2019

Application process and selection procedure
Please refer to the EUROPOL RECRUITMENT GUIDELINES available on Europol’s website for further details on the application process and the selection procedure.

Contact details
For further details on the application process please call +31 (0) 70 353 1298 or +31 (0) 70 302 5235.