Head of IT Security
- Function title: Head of IT Security
- Reference: NOC-NM-2020-AD/133
- Location: Brussels
- Nature of competition: Internal and external competition
- Applicable regulations: Staff regulations
- Grades for publication: AD9-10-11-12
- Type of post: Administrator (AD5-AD12)
- Number of posts: 1
- Duration: 5 Year(s)
- Security clearance: EU/NATO SECRET
- Directorate/Service: NMD - Network Management Directorate
- Competition publication date: 05/02/2020
- Competition closing date: 18/03/2020 (23:59 Brussels time)
- Reserve list: Applicable - See details in the "Useful information" section
Within the Network Management Directorate, the Network Manager keeps the network operating as smoothly and efficiently as possible, working closely to support industry actors by providing services, functions, deliverables and training. The Network Manger delivers ATM performance for the pan-European network in the areas of safety, capacity, environment/flight efficiency and cost-effectiveness.
The Head of IT Security shall be responsible to the Chief Technology Officer for the implementation of IT Security strategy and principles. S/he will address areas such as IT security design and control, review of rules, policies, standards, etc including risk assessment and control activities. The Head of IT Security will manage a team of approximately 5+ staff.
Your role will be to:
- develop and implement his/her IT security objectives, and manage its range of activities and resources (budget and personnel);
- design, manage and control the protection of information and information systems from unauthorised access, use, disclosure, disruption, modification, or destruction and ensure integrity, confidentiality, and permanent availability of IT applications and IT infrastructure;
- develop and maintain information security rules and standards, procedures, guidelines and plans tailored to the specific needs of the information systems;
- provide cyber security services in order to support the Agency’s compliance to EU regulations as well as to protect EUROCONTROL assets, data and information;
- provide a Security Operations Centre (SOC);
- conduct ad-hoc penetration tests under well controlled conditions;
- manage the external provision of Managed Security Services (i.e. applicable to any of the above-mentioned services that are outsourced).
Required qualifications, experience & competencies
- Completed university studies of 4 years in a relevant domain, e.g. Master’s degree in an IT security related domain;
- A minimum 10 years of relevant experience;
- Internal candidates should check on the intranet to see what level of in-house experience is considered equivalent to educational qualifications where appropriate;
- Following Certification would be considered an advantage:
- CISM (certified information security manager),
- CISSP (Certified Information Systems Security Professional),
- GIAC (Global Information Assurance certification).
- Proficiency in information and cyber security and data protection;
- Experience/ in several of the following fields; security investigation, security management, security risk assessment, security management systems, threat mitigation, etc.;
- Knowledge of current and emerging IT security technologies;
- Communication: adapts communication to different situations and audiences;
- Managing people: sets and implements team standards;
- Problem solving: solves complex problems and provides effective solutions;
- Analytical thinking: applies methodical approach to complex information;
- Ability to work in a multinational and multicultural environment;
- Professional conduct in line with the corporate behaviours of the Agency, i.e. result-driven, readiness to change, customer focus, integrity and team-player approach;
- The languages of the Agency are English and French. Thorough knowledge (oral/written) of one of the working languages of the Agency (English/French) and satisfactory knowledge of the other language.
- Applications will be accepted from nationals of EUROCONTROL Member States only. At the closing date of the notice of competition, internal candidates must have completed their probationary period.
- This is an appointment for a determined period of 5 Year(s). It could be extended up to a maximum of 9 years or converted into an undetermined contract. Before being established in the post, the external candidate will be requested to provide certified copies of his/her degrees and successfully serve a probationary period of 9 months.
- Internal candidates appointed to an established post or for an undetermined period: If successful, the staff member will be appointed under the conditions set out above, while maintaining the previous terms of employment regarding his/her appointment (whether for an undetermined period or to an established post). At the end of the period of employment as mentioned above, if the assignment to this post is not extended or its duties do not become of a lasting nature, the staff member will, in accordance with the service regulations, be transferred to another post corresponding to his/her last type of post, grade and function group.
- Internal candidates appointed for determined period: If successful, the person will continue his/her current type of appointment if compliant with duration limits laid down in Annex Xb of the Staff Regulations/General Conditions of Employment.
- This post entails management activities. Established staff members will therefore have to serve a probationary period of 9 months. This period may be shortened to 6 months if the successful candidate is appointed following a competition preceded by a previous temporary assignment to the post for which s/he was selected.
- The successful candidate shall be appointed at the grade in the function group and to the type of post indicated in the vacancy notice, or, if a group of grades has been published, in principle at the basic grade.
- In case of reserve list: Suitable candidates, however not selected to fill the post, will be placed on a reserve list for similar functions. The period of validity of reserve list is 1 year from the approval of the selection board’s recommendations.
- Information on salary and benefits can be found on the web page: http://jobs.eurocontrol.int/what-we-offer
- EUROCONTROL is committed to non-discrimination and equal opportunities. In the event of equal merit, preference may be given to the applicant from to the under-represented diversity characteristics in order to complement diversity of teams and rebalance the workforce.
- Candidates should read the tips on how to apply.