afotakel Posted March 4, 2016 Report Share Posted March 4, 2016 http://www.epo.org/about-us/jobs/vacancies/other/INTEXT-5954.html Place of employment: The Hague Job group 4 Grade G7 - G10 Deadline for applications: 4.4.2016 The Information Management (IM) department of the European Patent Office (EPO) has 800 staff working on IT and information processing, with a professional and proactive focus on supporting the EPO's different business processes. The Information Security team of the CIO's Office (CIOO) provides support and advice on a wide range of technical and non-technical topics related to information security. Its mission is to enforce a security framework that both protects the EPO's automated systems and information, thereby assuring their availability and reliability, and guarantees authorised, controlled and registered access. CIOO is seeking a security engineer to help the team to implement projects under the Security Roadmap over the next three years. The successful candidate will need to demonstrate wide experience of delivering sound information assurance advice in a number of different organisations, have an in-depth technical background gained from experience developing enterprise-level information security systems and be able to use their extensive knowledge to provide sound advice on mitigating information risk, commensurate with business needs, in a cost-effective way.Main dutiesAssisting with the information security review of automation projects at the EPO and providing advice on information security to the staff managing and working on those projects Completing technical risk assessments as necessary Identifying vulnerabilities as necessary using automated tools or otherwise, and completing or commissioning work to test the security of an application and its integration into the wider infrastructure using specialists in penetration testingMonitoring and advising on information security issues related to the systems and processes at the EPO to ensure that the EPO's security controls effectively mitigate risk and operate as intended Assisting with the establishment of all elements of the EPO's ISMS, including continuing development and documentation of information security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements Collaborating with IT management, the legal department and the operational IT and physical security groups to support security management implementation and enforcement Assisting with responses to information security incidents and vulnerabilities Performing other related duties as assignedThe ideal candidate must have at least five years' experience in the application and development of information security systems, including experience with internet technology and security issues and the development and securing of web-based applications a thorough understanding of the risks to business posed by information-system threats and vulnerabilities very good technical security knowledge of a broad range of information technologies including desktops, servers, operating systems and applications, databases and networks proven experience of security-policy development, security education, risk analysis and compliance testing excellent knowledge and experience of working with the principles of risk identification and analysis related to data confidentiality and security very good knowledge and experience of information security standards (e.g. ISO 27001/27002, etc.), and rules and regulations related to information securityIt is important to have proven experience and knowledge of system and application penetration testing and system and application vulnerability assessments knowledge and experience of working with the management of security incidents, including incident analysis a very good knowledge of, and experience working with, a range of information security technologies such as firewalls, IDPS, VPN technologies and malware protection, authentication technologies such as RADIUS, Kerberos, single sign-on, Vasco tokens, Federation (SAML, WS-Fed), WebSSO, two-factor authentication, authorisation, including RBAC, rules-based authorisation, LAN, WAN and SAN concepts and technical implementations, application development, including Java, .NET platforms, source code review, including secure coding practices, mainframe, Windows, Unix, Linux operating systems, identity repositories, including LDAP, Active Directory, RACF, IAM suites, including Microsoft FIM 2010, Microsoft ADFSIt will also be an advantage to have an advanced degree in information security experience of working with information security in large, international organisations CISSP, GIAC, or other security certifications and/or membership of a professional institution representing security professionals experience of, and/or certification in, SABSA, TOGAF, OSA demonstrable broad knowledge and hands-on experience of secure software development with multiple examples of developing and testing against security requirements for software development projects hands-on experience of using software development languages and software development methodologies over multiple projects the ability to detect common software vulnerabilities, including cross-site scripting and SQL injection, and to identify appropriate countermeasures demonstrable experience of defining go-live criteria for new/changed applications and of assuring that these criteria are met as part of go-live decisionsAdditionally, candidates should have excellent communication skills (oral, written, presentation) with strong interpersonal and consultative skills strong analytical and problem-solving skills the ability to interact with highly specialised teams of technical experts, software developers and business representatives a service-driven approach the ability and drive to deliver within strict deadlinesMinimum qualificationsDiploma of completed studies at university level or - in exceptional cases - equivalent professional experience. Excellent knowledge of one official language and ability to understand the other two.Citizenship of one of the member states of the European Patent Organisation.Salary and benefits The EPO offers competitive salaries, an excellent social package, and varied work in a modern international environment. The net (basic) monthly salary* for this vacancy ranges from EUR 5 223 to 7 396, depending on experience. In addition, depending on their personal circumstances, EPO staff may be entitled to relocation benefits and various allowances (e.g. household, dependant's, childcare, education, expatriation, installation, rent and language allowance).Process and timeline The successful candidate will be selected on the basis of qualifications, supplemented as appropriate by interviews, tests and/or a personality questionnaire. It is intended to hold the interviews in April/May 2016 in The Hague. Application until: 4.4.2016 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.