Security and Safety Expert

• Function title: Security and Safety Expert
• Reference: NOC-NM-2026-AD/1127
• Location: Brussels
• The selected candidate must reside either at this location or within a reasonable proximity that allows for the satisfactory execution of their duties.
• Information about living in Brussels
• Nature of competition: Internal and external competition
• Applicable regulations: Staff regulations governing officials of the EUROCONTROL Agency
• Type of post: Administrator 
• Job level: AD6-AD9 - Check salary simulations for the basic grade
• Generic job title: Expert
• Number of posts: 1
• Duration of appointment: 5 Year(s) - renewal or conversion of the contract is possible under certain conditions see “Useful information” section
• Security clearance: EUROCONTROL, NATO or EU Secret
• Directorate/Service: NMD/SAF - Operational Safety, SQS & Integrated Risk Management Unit
• Working arrangement: EUROCONTROL operates a hybrid working model that combines onsite presence with remote work opportunities. Remote working is subject to specific limits set out in internal rules and must align with business needs and managerial approval. Please note that full-time remote work is not permitted.
• Competition publication date: 04/06/2026
• Competition closing date: 02/07/2026 (23:59 Brussels time)
• Reserve list: Applicable - See details in the "Useful information" section

Your team

Within the Network Management Directorate and the Operational Safety, SQS & Integrated Risk Management Unit (SAF), the Security and Safety Expert maintains and promotes security and safety policies, conducts assessments, applies methodologies to identify issues and recommends appropriate corrective actions. S/he contributes to developing and implementing security and safety processes and procedures related to the management systems. The role involves participating in or leading projects and providing analysis to support decision-making. The Security and Safety Expert contributes to security and safety events, delivers training and awareness sessions, and supports the production of technical reports and documentation.

Your role

• Perform security risk assessment and safety support assessment for technical/operational changes, applying security and safety methodologies and models to identify issues and propose remedial actions.
• Contribute to the development of security and safety deliverables including the preparation of security (e.g. Baseline Security Case, Initial Security Risk Assessment) and safety deliverables (e.g. Baseline Safety Support Assessment, Safety Support Case, Initial Safety Support Assessment, Safety Checklist) as well as documentation required for the notification and acceptance of changes.

• Contribute to defining and implementing security and safety processes, procedures and manuals to enhance NMD’s security and safety management systems, ensure regulatory compliance and support continuous improvement initiatives.
• Participate in and/or lead projects related to security and safety initiative projects and change initiatives, ensuring effective planning, progress monitoring, execution, and reporting.
• Participate in decision-making discussions by providing analysis and preparing supporting material for the acceptance of changes (e.g. Go no Go meetings, EASA notifications) and by engaging with stakeholders (internal and external e.g. ANSP) as required.
• Participate in security and safety events (e.g. webinars, workshops, conferences) and contribute to the delivery of training and awareness activities by contributing to content development, preparing materials, and delivering presentations on security and safety fundamentals.
• Contribute to the production and drafting of technical/administrative working documents, reports, presentations, etc.
• Contribute to the preparation and execution of audits (internal and suppliers) ensuring compliance with the EU regulatory frameworks and international standards
• Carry out any other task in line with the main purpose of the job.

Required qualifications, experience & competencies:

• Candidates must fulfil one of the following education and professional experience (in security and safety management and EU Regulations in the ATM/ANS domain) requirements:
  
  • Completion of third level studies in a relevant field (e.g. aeronautical engineering, IT engineering), meeting European Qualifications Framework (EQF) level 7 followed by at least 5 years relevant professional experience or
  • Completion of third level studies in a relevant field (e.g. aeronautical engineering, IT engineering), meeting European Qualifications Framework (EQF) level 6 followed by at least 6 years relevant professional experience.

• Internal candidates can check on the intranet to see what level of in-house experience is considered equivalent to educational qualifications where appropriate.
• The following professional trainings and certificates would be considered an asset:
• Security risk assessment.
• Safety assessment.
• IT quality related processes.
• Software development lifecycle.
• EUROCAE ED-153- (guidelines for ANS software safety assurance) or EUROCAE ED-109 (guideline for Software Integrity Assurance).
• ISO certified Lead/Internal auditor (ISO 9001/ISO 27001).
• Experience in performing security risk assessment and safety assessment in the ATM/ANS domain.
• Experience in monitoring compliance with EU Regulations in the ATM/ANS domain and EU Directives, in particular: CIR 2023/203, 2017/373 and the Conformity Assessment Regulatory Framework, NIS 2 Directive.
• Experience in the application of ATM Cybersecurity Maturity model, NIST2 CSF (Cyber Security Framework) and ISO 27001 would be an asset.
• Experience in implementing management system and standard of excellence in cybersecurity, and in developing processes, procedures and policy.
• Comprehensive understanding of the full software product life cycle and development methodologies (e.g. Agile, DevOps, Waterfall).
• Excellent technical writing and presentation skills.
• Communication: You adapt your communication to different situations and audiences.
• Teamwork: You foster teamwork.
• Analytical thinking: You apply a methodical approach to complex information.
• Problem solving: You anticipate and solve business problem.
• Networking: You know how to maintain and expand effective networks.
• Ability to work in a multinational and multicultural environment.
• Professional conduct in line with the corporate behaviours of the Agency, i.e. result-driven, readiness to change, customer focus, integrity and team-player approach.
• The working languages of the Agency are English and French. For this particular job, candidates must be proficient users of English at level C1. The selected candidate will be required to become basic users of French at level A2 before the end of the probation period. The levels relate to the Common European Framework. Common European Framework of References for languages (CEFR).

Useful information

• Applications will be accepted from nationals of EUROCONTROL Member States only.
• The selected candidate may be required to provide documentary evidence confirming they meet the minimum education requirements. They will be informed if and when specific evidence is needed. Please note that no offer (for external candidates) or appointment (for internal candidates) will be made until the necessary evidence, if required, is validated.
• The selected candidate will be appointed in accordance with the provisions of the Staff regulations governing officials of the EUROCONTROL Agency.
• Conditions depending on current type of engagement
  Internal staff appointed for a determined period
  • Retain their current type of appointment duration.
  • Continue under their existing appointment duration, as appointment durations are not cumulative.
  • The duration of their appointment will therefore not restart upon selection to the new post, i.e. the remaining duration of their current determined appointment continues to apply.
  • Renewal(s): This appointment may be renewed several times, but its total duration, including all renewal periods, may not exceed nine (9) years.
  • Conversion: Conversion to an undetermined duration appointment is possible where all of the following cumulative conditions are met: the post is confirmed as being of a lasting nature; the staff member has completed at least five years of service; the staff member’s performance has been satisfactory; and the conversion is in the interests of the service. Conversion is therefore not automatic.
  Internal staff appointed for an undetermined period
  • Retain their current type of appointment duration.
  At the end of the 5 Year period of the post for which they were selected:
  • If the assignment is extended, they will continue in the post in accordance with the applicable rules.
  • If the assignment is not extended and/or the duties are not confirmed as being of a lasting nature, they will be transferred to another post corresponding to their “previous” type of post, job level, and function group.
• The selected candidate must successfully complete a probationary period of nine (9) months before being established in the post.
• The selected candidate shall be appointed at the grade set out in this vacancy notice, or if a group of grades has been published for a job level, in principle at the basic grade of the published job level.
• Candidates declared suitable who are not selected for the post will be placed on a reserve list for similar roles. The reserve list will be valid for one year from the closing date of applications.
• Information on salary and benefits can be found on our Careers site
• EUROCONTROL is an equal opportunities employer. We are committed to equality and diversity. In the event of equal merit, preference may be given to the applicant from the under-represented diversity characteristics in order to complement diversity of teams and rebalance the workforce.
• Candidates should go to our Careers site and .