Senior Specialist – ICT Security (AD7)

Europol/2019/TA/AD7/355

ABOUT EUROPOL

This selection procedure is intended to establish a reserve list of successful candidates (indicative number: 3). Europol may retain the right to make use of the reserve list to select candidates for similar posts, should business needs require so.

Europol is a well-established and recognised organisation that became an EU agency in 2010. It is constantly looking for creative, self-reliant and energetic employees, who are up to the challenges involved in international crime-fighting, to work in its state-of-the-art headquarters in The Hague, the Netherlands.

It employs more than 1,000 personnel, including around 130 analysts, to identify and track the most dangerous criminal and terrorist networks in Europe. Our people come from a variety of professional backgrounds such us law enforcement, finance, legal, information technologies, human resources, communication, etc.

Working in close-knit teams, our specialists use their expertise and our cutting-edge technology to support investigations into serious organised crime and terrorism within and outside the EU.

A solid track record
Europol has:
• disrupted many criminal and terrorist networks
• contributed to the arrest of thousands of dangerous criminals
• helped recover millions of euros of crime proceeds
• helped hundreds of victims of trafficking and abuse, including children.

The working environment at Europol has a lot to offer. It is:
• highly collaborative
• intellectually stimulating
• multilingual
• multidisciplinary
• international

Prospective candidates should be prepared to work in a dynamic and fast-moving environment that requires a high level of flexibility, and should have the ability to perform well within a team.

Equal opportunity
Europol is an equal opportunities employer and encourages applications without distinction on the basis of gender, colour, racial, ethnic or social origin, genetic features, language, religion or belief, political or any other opinion, membership of a national minority, property, birth, disability, nationality, age, sexual orientation or gender identity.

We aim to create and maintain a healthy and attractive work environment that supports women and men in their career planning and in achieving a healthy work-life balance.

Employment at Europol is open to nationals of EU Member States. There is no nationality quota system in operation, but Europol is striving for a broad range of nationalities in order to keep a well-balanced geographical distribution among its staff members. Applications from female candidates are particularly encouraged.

If you would like to be part of a supportive team that allows you to make a strong contribution, and if you have seen a position that appeals to you, we'd like to hear from you.

BACKGROUND, MAIN PURPOSE AND TASKS OF THE POST

Under Europol’s organisational structure, the Capabilities Directorate hosts two Departments, being ICT (C1) and the Administration (C5) and a team managing Europol’s portfolio of information management products and services (CDBPM).

The C1 ICT Department has the responsibility for devising, delivering and operating critical technology capabilities and solutions supporting the core mission and support processes of Europol. Over 150 internal staff members and a significant number of domain-specific consultants are responsible for devising, developing, delivering and operating information management and communication technology capabilities that ensure enhanced criminal information analysis and exchange among Europol, Member States and third parties.

The ICT Infrastructure & Operations Unit, responsible for the operations and management of the Europol ICT Infrastructure. This includes Workplace services, Customer Service Centre, Solutions Operations and Deployment services, Infrastructure services and ICT Security.

The holder of the position is in charge of developing detailed designs of ICT Security solutions as well as ICT security operational services, including intrusion detection and prevention, situational awareness of network intrusions, security events and incident response actions.

The ICT security senior specialist is also to provide ICT security advisory services internally to other units and teams within the context of their ICT domains (e.g. infrastructure, networks, applications and endpoints.)

The successful applicant will have to carry out the following main duties:

• Design and coordinate cohesive responses to security events that involve multiple teams across the organization;
• Incorporate solution architecture, security and compliance requirements into detailed security design across infrastructure and application components;
• Recognize, adopt, influence, and instil security best practices throughout the organization;
• Conduct sophisticated security reviews - from high-level infrastructure architecture to application-level parameters to code-level reviews in order to meet security goals;
• Provide subject matter expertise on architecture and security-related issues;
• Implement security specific technology solutions across all layers of the deployed ICT Security infrastructure, operating systems and applications, network and telecommunication devices, including 3rd party services, middleware and applications;
• Provide support in ICT Security incidents resolution at the infrastructure operational level, and proactively detect anomalies or patterns that may result into problems for the ICT Security, availability, stability, performance or capacity of the system;
• Advise and consult with internal customers on risk assessment, threat modelling, and vulnerability remediation;
• Perform any other tasks in the area of competence as assigned by the line manager.

REQUIREMENTS - ELIGIBILITY CRITERIA

CANDIDATES MUST:
• Be a national of one of the Member States of the European Union and enjoy full rights as a citizen;
• Have fulfilled any obligations imposed by the applicable laws on military service;
• Produce appropriate character references as to his or her suitability for the performance of the duties;
• Be physically fit to perform the duties pertaining to the position (prior to appointment, the successful candidate will be medically examined by one of the institution’s medical officers in order that the institution may be satisfied that the candidate fulfils the requirements of Article 12(2)(d) CEOS);
• Produce evidence of a thorough knowledge of one of the languages of the Union and a satisfactory knowledge of another language of the Union to the extent necessary for the performance of the duties.

CANDIDATES MUST HAVE:

• A level of education which corresponds to completed university studies, preferably in the area of Computer Science or Information Technology, attested by a diploma when the normal period of university education is 4 years or more;
OR
• A level of education which corresponds to completed university studies, preferably in the area of Computer Science or Information Technology attested by a diploma and appropriate professional experience of at least 1 year when the normal period of university education is 3 years;

In addition to the above at least 6 years of professional work experience gained after the award of the diploma.

 

REQUIREMENTS - SELECTION CRITERIA

a. Professional experience (assessed mainly during the Shortlisting phase):
Essential:
• At least 6 years of working experience in large ICT environments with an cyber/security engineering role;
• Professional experience in defining technical security configuration standards based on best practices and ensuring enforcement of these;
• Experience in providing security consultancy and engineering services in complex ICT solution development activities;
• Experience in maintaining core security technology solutions (IDS, Firewall, VPN, SIEM, endpoint security, AV, DLP, PKI, etc.);
• Experience in effective implementation of Software Security Development Lifecycle and software maturity model.

b. Professional knowledge (assessed during the Selection procedure - Written/Practical test and/or Interview)
Essential:
• In-depth knowledge of ICT security principles;
• Comprehensive ICT security background, covering the majority of the following domain areas:
o Authentication and authorisation (including Identity and Access Management) and federation;
o Encryption (including high assurance crypto solutions);
o Network architectures and network security;
o Vulnerability assessment and security compliance/assurance solutions.
• Knowledge of risk assessment methodologies, cloud risk assessment methodologies and information security standards;
• Threat hunting, security analytics and machine learning knowledge;
• Expertise with application security standards (e.g. OWASP ASVS) and Security Development Lifecycle (SDL).

c. General competencies (assessed during the Selection procedure - Written/Practical test and/or Interview): 
Essential:
Communicating:
• Excellent communication skills in English, both orally and in writing;
• Excellent presentation skills;
• Ability to draft clear and concise documents on complex matters for various audiences.
Analysing & problem solving:
• Structured approach to work aimed at getting results;
• Excellent analytical and critical thinking skills;
• Competent user of Microsoft Office applications (MS Word, Excel, PowerPoint and Outlook) and the internet.
Delivering quality and results:
• High degree of commitment and flexibility;
• High level of customer and service-orientation.
Prioritising and organising:
• Excellent organizational skills including the ability to plan own work load,
establish clear priorities and exercise initiative;
• Ability to manage projects and familiarity with project management terminology and methodology.
Resilience:
• Strong ability to work well under pressure, both independently and in a team;
• Ability to remain effective under a heavy workload and demonstrate resistance to stress.
Living diversity:
• Ability to establish and maintain effective working relations with co-workers in an international and multi-disciplinary work environment.
Advising:
• Ability to synthesise various data into a coherent and relevant whole, transforming it into a valuable and correct conclusion;
• Building constructive relationships with clients, adequately identifying and managing their needs and expectations, and giving well-grounded advice.

SELECTION PROCEDURE

The Contracting Authority sets up a Selection Committee which consists of at least three members, one from the Human Resources Unit of Europol, one from the concerned Unit or Department and one designated by the Staff Committee.

For non-restricted posts the Contracting Authority may designate up to two additional members to the Selection Committee on a proposal from the Management Board, either from another service of Europol, from outside Europol or from outside the community institutions including Member States.

The Selection Committee determines candidates’ suitability for the position by assessing their skills, experience and qualifications against the established job profile and makes an initial selection from the applications received.

The Selection Committee will invite the 5 highest scoring candidates (short-listed). All candidates having a score equal to the 5th highest scoring candidate will be included to the list of invited candidates. 

Shortlisted applicants are invited to participate in a post-related selection procedure, generally consisting of written and/or practical tests and competency-based interviews.

The Contracting Authority makes a decision of appointment on the basis of advice from the Selection Committee. She will inform the Committee of her decision. All candidates who attend the selection procedure will be informed of the outcome.

Candidates who attended a selection procedure may request feedback on their performance of the written test and interview within three months after the selection procedure. Europol will not be in a position to respond to feedback inquiries received outside this time frame.

The Selection Committee’s work and deliberations are confidential. It is forbidden for candidates to make direct or indirect contact with the members of the Selection Committee or for anyone to do so on their behalf. All enquiries or requests for information or documentation in relation to the competition should be addressed to the Europol Recruitment Team.

Detailed information on the selection procedure, including the appeal procedure is available in the Europol Recruitment Guidelines, which can be found on Europol’s website.

SALARY

Scale: AD 7

The basic monthly salary is EUR 6.128,51 (step 1) or EUR 6.386,04 (step 2).

The step in grade is determined on the basis of professional experience gained after the education required for the position and in line with applicable implementing rules.

In addition, if applicable, allowances such as expatriation allowance, household allowance, dependent child and education allowance may be granted.

Europol offers a comprehensive welfare package comprising additional benefits such as medical insurance, unemployment and invalidity allowance as well as a pension scheme.

Salaries are subject to a community tax but exempt from national taxation.

TERMS AND CONDITIONS

PROBATION PERIOD
Engagement for this position is subject to the successful completion of a probationary period of 9 months. Within this period the successful candidate will have to undergo a post-related security screening.

Europol reserves the right to terminate the contract of employment during or at the end of the probation period in accordance with Article 14 of CEOS.

SECURITY SCREENING AND CERTIFICATE OF GOOD CONDUCT
All candidates who have successfully passed a selection procedure are required to apply for a national "Certificate of good conduct" at the time an offer of employment is made.

The "certificate of good conduct" must be provided to Europol prior the signature of the employment contract. In case of unfavourable entries in the "Certificate of good conduct" Europol reserves the right not to award an employment contract. However, the national certificate of good conduct does not substitute a valid full Personal Security Clearance Certificate (PSCC) that must be obtained for all Europol staff at the level indicated in the Job Description.

A PSCC is a certificate issued by a competent authority establishing that an individual is security cleared. It contains: the level of clearance, the date of issuance and the date of expiry. Failure to obtain the requisite security clearance before the expiration of the probationary period may be cause for termination of employment contract.

The requested level of Security Clearance for this post is: SECRET UE/EU SECRET.

MAIN DATES

Deadline for application: 20 February 2019, 23:59 CET
Recruitment procedure: March/April 2019
   

APPLICATION PROCESS AND SELECTION PROCEDURE
Please refer to the Europol Recruitment Guidelines available on Europol’s website for further details on the application process and the selection procedure.

CONTACT DETAILS
For further details on the application process please call +31 (0) 70 353 1298 or +31 (0) 70 302 5235. You may also contact us by email.

CONTRACT OF EMPLOYMENT
The successful candidate will be recruited as Temporary Agent AD7 pursuant to Article 2 (f) for a period of 5 years (full-time – 40 hours a week) or 4 years if the implementing provision on the procedure governing the engagement and use of temporary staff under Article 2f of the Conditions of Employment of Other Servants of the European Union will enter into force before a contract offer is made.

Depending on the date of applicability of the TA2f provision, the contract may be renewed for a period of 2 or 4 years. Any further renewal will be for an indefinite period.

The duration of the current contract of Europol staff members will be taken into account if they are successful in the selection procedure. 

The place of employment will be The Hague, The Netherlands.

For further information on terms and conditions please consult the EC Staff Regulations which are available on Europol’s website.

ADDITIONAL INFORMATION

Privacy Notice
Regulation 2018/1725 applies to the processing of personal data carried out in the process of selection and recruitment of staff at Europol following the application of this Regulation to all administrative personal data held by Europol in accordance with Article 46 of the Europol Regulation.
Data controller
The controller of the processing operation upon your personal data is the Head of the Human Resources Unit.
Purpose of the collection of data
The data submitted is processed in order to assess the suitability of candidates for a position at Europol as temporary agent (TA), contract agent (CA), intern or trainee and to administrate the documentation related to the selection. The data collected in order to comply with this purpose are the ones required in the application form plus all data provided by the data subject in paper or electronic format.
Legal bases for processing personal data
The legal bases for the processing of personal data for temporary agents, contract agents and interns are:
• Staff Regulations of Officials and the Conditions of Employment of Other Servants of the European Communities (Title III Chapter 1) and their implementing rules;
• Management Board Decision laying down general implementing provisions on the procedures governing the engagement and the use of temporary agents at Europol of 30 July 2010;
• Management Board Decision laying down general implementing provisions on the procedures governing the engagement and the use of contract agents at Europol of 13 October 2010.
• Management Board Decision defining the Europol posts that can be filled only by staff engaged from the competent authorities of the Member States (“restricted posts”) of 13 December 2017;
• Decision of the Europol Director on Internships of 15 March 2018. 
Recipients of the data
Recipients of the data for the positions of temporary and contract agents are Europol staff employed in the Administration Department dealing with HR and financial matters, the members of the Selection Committee, the concerned Europol National Units (for restricted posts and restricted – Annex II posts), the Deputy Executive Director Capabilities and the Executive Director.
Recipients of the data for interns are Europol staff employed in the Administration Department dealing with HR and financial matters, the Supervisor of the intern and its superior line management as well as respective colleagues involved in the selection process and the Deputy Executive Director Capabilities.
Data storage and retention
All documents provided to Europol will be kept in Europol’s files and will not be returned to the candidate. Applications of non-shortlisted candidates will be kept for a maximum of four years for temporary and contract agents. Data of non-recruited applicants on the reserve list for appointment will be kept for a maximum of five years after the expiry of the reserve list. Data of recruited candidates will be transferred to their personal file. Data of the selected interns will be kept for seven years after the finalisation of the internship programme.
Rights as data subject
Candidates have the right to access, rectify, block and erase their personal data in accordance with the applicable data protection rules.
Contact in case of queries concerning the processing of personal data
Candidates have a right of recourse to the Europol Data Protection Officer (Europol - Data Protection Officer - Eisenhowerlaan 73, 2517 KK The Hague, The Netherlands) and the European Data Protection Supervisor (edps@edps.europa.eu).
Kindly note that opposing to this processing operation will automatically exclude you from being considered for the recruitment and selection procedure.

Apply

Deadline

20 February 2019, 23:59:59 CET

Contract type

Non-Restricted Temporary Agent

Unit/Group

Capabilities Directorate

Reports to

Head of Team ICT Embedded Security; Head of Unit ICT Infrastructure & Operations