IT Security Engineer (Expert) in the Digital Security Services Division
Type of contract: Fixed-term contract which may be converted into a permanent
contract after three years subject to individual performance and organisational needs.
Who can apply: EU nationals
Salary: F/G band and benefits
Working time: Full-time
Place of work: Frankfurt am Main, Germany
You will be part of the Digital Security Services Division in the Directorate General Information Systems. Comprising over 30 IT security professionals, the Division provides security governance, assurance, engineering and operational services to protect the ECB against cyber threats.
In your role as IT Security Engineer (Expert) you will be part of the IT Security Engineering team. Together with 14 colleagues, you will provide security technology services to the ECB and the European System of Central Banks by planning and developing new security technical controls, and by maintaining and further developing existing technical controls to ensure their optimum effectiveness. Among other technologies, the team is responsible for security information and event management services, identity governance and administration, and privileged access management services.
You will work mainly on implementing, maintaining and further developing security information and event management services (SIEM).
To further enhance the diversity of our team, we particularly encourage applications from female candidates.
We also encourage applications from candidates who are currently working, or have previously worked, as agency staff for the ECB’s IT department.
As an IT Security Engineer (Expert) you will:
- assume ownership for assigned security services, regularly liaise with stakeholders to understand their needs and propose and discuss solutions;
- contribute to the definition and improvement of security services, providing conceptual proposals and recommendations for continuous improvement and maintenance in cooperation with the architecture, infrastructure and operations functions;
- support operational teams in the design and continuous improvement of operational procedures for security services, to allow for full exploitation of the available technical platforms;
- develop and improve scripts, tools, procedures and technical documentation related to the security services provided by the IT Security Engineering team;
- provide third-level support for assigned services, including investigating, diagnosing and resolving incidents and problems escalated by other support lines;
- contribute to IT projects in their different phases, from design to implementation, including maintenance, release and documentation, with a focus on security aspects and on the integration of application and infrastructure services with security services;
- maintain the link between the ECB and relevant suppliers/service providers with underpinning contracts (escalation of incidents, call-off of supply and services, contribution to contract and service level management);
- contribute to the overall success of the Division by presenting proposals for the continuous improvement of the ECB’s digital security posture and by supporting colleagues within and outside the Division through the provision of IT expertise;
The position offers you excellent opportunities to apply state-of-the-art concepts and methods for protecting the information assets of a leading central bank, and extensive possibilities to further develop in your career. You will be part of a multicultural team that strives for continuous innovation to make a positive impact on the lives of European citizens.
Qualifications, experience and skills
- a master’s degree (or bachelor’s degree plus four years of relevant experience, or post-secondary vocational education plus eight years of relevant experience, or 12 years of relevant experience) in computer science, information systems, or another relevant field;
- in addition at least four and ideally eight or more years of experience as a security engineer, within a team or as a consultant;
- solid knowledge and experience in designing and implementing SIEM solutions;
- knowledge of and experience with endpoint protection solutions, Web Application Firewall solutions and security analytics;
- knowledge and experience in at least three of the following areas:
- e-mail security services;
- identity and access management, including federation;
- network security services;
- vulnerability management;
- machine learning;
- an advanced command of English and an intermediate command of at least one other official language of the EU.
- solid knowledge and experience in the design, implementation, administration and performance tuning of either Splunk or ArcSight environments;
- experience working in an information security sensitive environment, such as in the military or police forces or in finance, etc.;
- experience in applying standards such as ISO27001/2 or ITIL;
- security certifications such as CISSP, GIAC, CEH, OSCP, etc.;
- relevant experience working at the ECB.
You engage collaboratively with others. You pursue team goals and learn willingly from other people’s diverse perspectives. You signal any need for change by explaining it and proposing alternative solutions. You analyse complex information effectively and can evaluate different views to arrive at solutions. You know and anticipate stakeholder needs.
The formal title for this position will be IT Expert.
The recruitment process for this position may include a remote written exercise or remote interview at the pre-screening stage and – if you are invited to participate further in the selection procedure – an on-site written exercise, presentation, and panel interviews.