The primary objective is to ensure that external connections do not increase the overall security risk to the Communication and Information System (CIS) of the EU.

ISA = (Interconnection Security Agreement) authorization framework for external connections.

The tasks are:

1) ISA service management

This objective includes the handling of the ISA process. This entails:

a) analysis of requests from different stakeholders (internal and external)

b) processing of the requests accordingly with the defined procedures and rules

c) reviewing and assessment of EC CIS IT Security Plans (ITSP)

d) handling of non-compliances

2)Security inspections in the context of ISA

This objective includes all the tasks required to perform security inspections to external partners, contractors and EC CIS.

These security inspections are in the context of external connections and have the goal to assess compliance with defined security measures. This includes the following activities:

a) Planning

b) Executing

c) Reporting and follow-up

3)Service improvement

This objective includes active participation in initiatives with the objective to improve the quality of the service provided. This includes:

Alignment of ISA service with the Commission's policies and standards

Alignment of ISA service with new developments in information security

Contribution to the development of related security standards, baselines and guidelines

4) Documentation and statistics

The ISA-related documentation and statistics shall be kept up-to-date.

This objective includes the proper production and maintenance of ISA-related documentation and ISA-related KPI and statistics.

Technical skills

Experience:

Post-secondary education of at least 2 years in ICT or other related areas, e.g. computer science, cybersecurity, information technology, computer/software engineering, information systems, computer forensics science.

6 years in IT

3 years in cybersecurity

Knowledge and skills

Following skills and knowledge are required for the performance of the above listed tasks:

• In-depth knowledge of network communications especially from ISO network layer 2 to layer 5 with a specific focus on network security protocols (like MACSec, IPSec TLS/SSL,…)
• Excellent knowledge of information security principles, internationally recognised standards in the field IT security and corresponding implementations
• (Experience in the EU Commission security policy would an asset);
• Good knowledge of fast changing technologies used in the field of workplace and network security solutions/technologies
• Knowledge of IT Security Compliance Management
• Ability to learn efficiently and fast
• Ability to apply high quality standards
• Very good communication skills, adaptable to audiences ranging from senior management to technology specialists, delivered business to technical presentation, in English language
• Strong analytical and problem-solving skills
• Capability to write clear and structured technical documents in English
• Ability to participate in technical meetings and good communication skills
• The ability to work in a proactive and independent manner, with a focus on priorities, communication and decision-making capacities

Required clearance: Clearance to access EU SECRET information or the ability to get the clearance.

EU citizens only.

Language: English

Remote work: exact distribution on-site and off-site to be agreed with the client.

Duration: Initial contract 6 months (90 days) with possible extensions per year (CUSTOMER CONTRACT duration 48 months)