Jump to content

Security engineer

afotakel
 Share

Recommended Posts

afotakel Enterprise Admin!

afotakel

Posted
Posted
 
Place of employment: The Hague 
 
 Job group 4
 Grade G7 - G10
 
 Deadline for applications: 4.4.2016
 
 The Information Management (IM) department of the European Patent Office (EPO) has 800 staff working on IT and information processing, with a professional and proactive focus on supporting the EPO's different business processes. 
 
 The Information Security team of the CIO's Office (CIOO) provides support and advice on a wide range of technical and non-technical topics related to information security. Its mission is to enforce a security framework that both protects the EPO's automated systems and information, thereby assuring their availability and reliability, and guarantees authorised, controlled and registered access.
 
 CIOO is seeking a security engineer to help the team to implement projects under the Security Roadmap over the next three years.
 
 The successful candidate will need to demonstrate wide experience of delivering sound information assurance advice in a number of different organisations, have an in-depth technical background gained from experience developing enterprise-level information security systems and be able to use their extensive knowledge to provide sound advice on mitigating information risk, commensurate with business needs, in a cost-effective way.
Main duties
Assisting with the information security review of automation projects at the EPO and providing advice on information security to the staff managing and working on those projects
 Completing technical risk assessments as necessary
 Identifying vulnerabilities as necessary using automated tools or otherwise, and completing or commissioning work to test the security of an application and its integration into the wider infrastructure using specialists in penetration testing
Monitoring and advising on information security issues related to the systems and processes at the EPO to ensure that the EPO's security controls effectively mitigate risk and operate as intended
 Assisting with the establishment of all elements of the EPO's ISMS, including continuing development and documentation of information security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements
 Collaborating with IT management, the legal department and the operational IT and physical security groups to support security management implementation and enforcement
 Assisting with responses to information security incidents and vulnerabilities 
 Performing other related duties as assigned
The ideal candidate must have
 at least five years' experience in the application and development of information security systems, including experience with internet technology and security issues and the development and securing of web-based applications
 a thorough understanding of the risks to business posed by information-system threats and vulnerabilities
 very good technical security knowledge of a broad range of information technologies including desktops, servers, operating systems and applications, databases and networks
 proven experience of security-policy development, security education, risk analysis and compliance testing
 excellent knowledge and experience of working with the principles of risk identification and analysis related to data confidentiality and security
 very good knowledge and experience of information security standards (e.g. ISO 27001/27002, etc.), and rules and regulations related to information security
It is important to have
 proven experience and knowledge of system and application penetration testing and system and application vulnerability assessments
 knowledge and experience of working with the management of security incidents, including incident analysis
 a very good knowledge of, and experience working with, a range of information security technologies such as firewalls, IDPS, VPN technologies and malware protection, authentication technologies such as RADIUS, Kerberos, single sign-on, Vasco tokens, Federation (SAML, WS-Fed), WebSSO, two-factor authentication, authorisation, including RBAC, rules-based authorisation, LAN, WAN and SAN concepts and technical implementations, application development, including Java, .NET platforms, source code review, including secure coding practices, mainframe, Windows, Unix, Linux operating systems, identity repositories, including LDAP, Active Directory, RACF, IAM suites, including Microsoft FIM 2010, Microsoft ADFS
It will also be an advantage to have
 an advanced degree in information security
 experience of working with information security in large, international organisations
 CISSP, GIAC, or other security certifications and/or membership of a professional institution representing security professionals
 experience of, and/or certification in, SABSA, TOGAF, OSA
 demonstrable broad knowledge and hands-on experience of secure software development with multiple examples of developing and testing against security requirements for software development projects
 hands-on experience of using software development languages and software development methodologies over multiple projects
 the ability to detect common software vulnerabilities, including cross-site scripting and SQL injection, and to identify appropriate countermeasures
 demonstrable experience of defining go-live criteria for new/changed applications and of assuring that these criteria are met as part of go-live decisions
Additionally, candidates should have
 excellent communication skills (oral, written, presentation) with strong interpersonal and consultative skills
 strong analytical and problem-solving skills
 the ability to interact with highly specialised teams of technical experts, software developers and business representatives
 a service-driven approach
 the ability and drive to deliver within strict deadlines
Minimum qualifications
Diploma of completed studies at university level or - in exceptional cases - equivalent professional experience. Excellent knowledge of one official language and ability to understand the other two.
Citizenship of one of the member states of the European Patent Organisation.
Salary and benefits
 
 The EPO offers competitive salaries, an excellent social package, and varied work in a modern international environment. The net (basic) monthly salary* for this vacancy ranges from EUR 5 223 to 7 396, depending on experience. In addition, depending on their personal circumstances, EPO staff may be entitled to relocation benefits and various allowances (e.g. household, dependant's, childcare, education, expatriation, installation, rent and language allowance).
Process and timeline
 
 The successful candidate will be selected on the basis of qualifications, supplemented as appropriate by interviews, tests and/or a personality questionnaire.
 
 It is intended to hold the interviews in April/May 2016 in The Hague.
 
 Application until: 4.4.2016

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing
×
×
  • Create New...