IT Security Architect

• Function title: IT Security Architect


• Reference: NOC-NM-2020-AD/195


• Location: Brussels


• Nature of competition: Internal and external competition


• Applicable regulations: Staff regulations


• Grades for publication: AD7-8


• Type of post: Administrator (AD5-AD12)


• Number of posts: 1


• Duration: 5 Year(s)


• Security clearance: EU/NATO SECRET


• Directorate/Service: NMD/TEC/SEC - IT Security service


• Competition publication date: 20/02/2020


• Competition closing date: 19/03/2020 (23:59 Brussels time)


• Reserve list: Applicable - See details in the "Useful information" section

Your team

Within the Network Management Directorate, "Technology" (TEC) develops and maintains NMD's mission-critical systems, including all NM ops systems, the related communications facilities and technical infrastructure; and supports the Agency's IT solutions and services (excluding MUAC).

Within TEC, the IT  Security Service is responsible for the implementation of IT Security strategy and principles. It addresses areas such as IT security design and control, review of rules, policies, standards, including risk assessment and control activities.

Your role

Your role will be to:

• Design security architecture elements at IT application and infrastructure level, seeking to make systems as free of vulnerabilities and impervious to attack as possible;


• Propose solutions that balance business requirements with information and cyber security requirements;


• Gain a thorough understanding of, and continuously and consistently monitor applications and infrastructure, and identify current and emerging security threats;


• Take on all security aspects within a project and define associated security requirements;


• Collaborate closely with application/software architects and infrastructure architects;


• Participate in recommending underlying tools (e.g. identity access) to protect the Agency from unauthorised access, use, disclosure, disruption, modification or destruction in order to ensure integrity, confidentiality, and permanent availability of all IT applications and systems;


• Perform any other task in line with the main purpose of the job.

Required qualifications, experience & competencies

• Completed university studies of 4 years in a relevant domain (e.g. Computer Science; Cyber Security);


• Internal candidates should check on the intranet to see what level of in-house experience is considered equivalent to educational qualifications where appropriate;


• A minimum of 5 years of relevant working experience;


• Professional training/certificate: would be considered an advantage:
  
  
  
  • CISM (Certified Information Security Manager);
  
  
  • CISSP (Certified Information Systems Security Professional);
  
  
  • GIAC (Global Information Assurance Certification);
  
  
  
  


• Proficiency in information and cyber security and data protection;


• Experience in several of the following fields: security investigation; security management; security risk; assessment; security management systems; threat mitigation;


• Knowledge of current and emerging IT security technologies;


• Knowledge of security standards and practices (ISO 27001, ISMS);


• Experience in designing and implementing security solutions;


• Communication: Fosters two-way communication;


• Team work: Fosters teamwork;


• Problem solving: Solves complex problems and provides effective solutions;


• Analytical thinking: Applies methodical approach to complex information;


• Ability to work in a multinational and multicultural environment;


• Professional conduct in line with the corporate behaviours of the Agency i.e. result-driven, readiness to change, customer focus, integrity and team-player approach;


• Thorough knowledge (oral/written) of one of the working languages of the Agency (English/French) and satisfactory knowledge of the other language to the extent necessary for the performance of the described job. For this particular function, thorough knowledge (oral/written) of English is required.

Useful information

• Applications will be accepted from nationals of EUROCONTROL Member States only. At the closing date of the notice of competition, internal candidates must have completed their probationary period.


• This is an appointment for a determined period of 5 Year(s). It could be extended up to a maximum of 9 years or converted into an undetermined contract. Before being established in the post, the external candidate will be requested to provide certified copies of his/her degrees and successfully serve a probationary period of 9 months.


• Internal candidates appointed to an established post or for an undetermined period: If successful, the staff member will be appointed under the conditions set out above, while maintaining the previous terms of employment regarding his/her appointment (whether for an undetermined period or to an established post). At the end of the period of  employment as mentioned above, if the assignment to this post is not extended or its duties do not become of a lasting nature, the staff member will, in accordance with the service regulations, be transferred to another post corresponding to his/her last type of post, grade and function group.


• Internal candidates appointed for determined period: If successful, the person will continue his/her current type of appointment if compliant with duration limits laid down in Annex Xb of the Staff Regulations/General Conditions of Employment.


• The successful candidate shall be appointed at the grade in the function group and to the type of post indicated in the vacancy notice, or, if a group of grades has been published, in principle at the basic grade.


• In case of reserve list: Suitable candidates, however not selected to fill the post, will be placed on a reserve list for similar functions. The period of validity of reserve list is 1 year from the approval of the selection board’s recommendations.


• Information on salary and benefits can be found on the web page: http://jobs.eurocontrol.int/what-we-offer


• EUROCONTROL is committed to non-discrimination and equal opportunities. In the event of equal merit, preference may be given to the applicant from to the under-represented diversity characteristics in order to complement diversity of teams and rebalance the workforce.


• Candidates should read the tips on how to apply. Item 1 includes information on the EUROCONTROL competency models (technical & behavioural) – Candidates should refer to the behavioural competency model to know the behaviours expected for the different levels.