(associate) it security engineer

Description du poste

The EIB, the European Union's bank, is seeking to recruit for its Corporate Services Directorate (CS) – Information Technology (IT) – IT Security Unit (SEC), at its headquarters in Luxembourg, a (Associate) IT Security Engineer. This is a full-time position at grade 4/5.Panel interviews are anticipated for February 2021.The term of this contract is 4 years.The EIB offers fixed-term contracts of up to a maximum of 6 years, according to business needs, with a possibility to convert to a permanent contract, subject to organisational requirements and individual performance.PurposeAs (Associate) IT Security Engineer (internally referred to as (Associate) Engineer IT Technology & Infrastructure), you will perform manage IT security projects and operations, whilst ensuring the implementation of IT policies and procedures thereby contributing to the achievement of the EIB’s IT security strategy objectives. You will also manage the supporting technology and operationalize security incident and response mechanisms.Operating NetworkThe IT Security Unit deploys and operates effective and adequate controls to mitigate ICT risks and is responsible for technical security matters for on premise hosted systems. You should have deep technical knowledge in deploying and managing state-of-the-art IT security controls to protect the EIB network from insider and external attacks.You will report to the Head of the IT Security Unit, and closely interact with the security engineering and security architecture teams to identify and integrate monitoring controls for new IT systems.Accountabilities Ensure that IT and Information Security policies and initiatives are implemented and key operational processes are run in the most effective and efficient way Analyse IT requirements from different sources, such as business functions, enterprise architects, IT operational teams Provide security mitigations to integrated IT designs and threat model documents to enable appropriate solutions are in place for risk mitigation Propose improvements and implement the necessary technical and/or administrative controls, procedures, IT standards, methodologies Coordinate continuous security penetration test activities, identify areas for improvement, and recommend mitigation actions Operate and maintain IT Security Production systems (most common devices: firewalls, proxies, web application firewalls, email secure gateways, remote accesses, strong authentication systems, privileged access management) Collaborate with the IT security monitoring teams on the creation and follow-up on security use cases for the SIEM (Security Information and Event Management) system and evaluate continuously the cyber threat landscape for the EIB Group Ensure the design, implementation and support of IT security technical and logical controls, this includes: Elaborating the operational set of documentation and procedures Dealing and following-up with Internal Audit on Agreed Action Points Contributing to security awareness throughout the organisationQualifications University degree in computer science or related disciplines Relevant post-graduate studies in field of IT risk management, IT or information management would be considered as a strong advantage At least 3 years of relevant experience as an operational security engineer with practical experience in key technical areas as outlined below Excellent knowledge of IT security operations (firewalls, proxies, web application firewalls, email secure gateways, remote accesses, strong authentication systems, privileged access management) Validated experience and deep knowledge in IT security risk analysis (SIEM, log review), contingency, vulnerability assessment and remediation (patch management) Good knowledge of general IT security topics and controls (security architecture and standards, vulnerabilities management and mitigation technics in particular those associated to Internet exposed systems and applications) Good knowledge and interest in cyber threat landscape, malware and hacking techniques Experience in Project management techniques, progress tracking tools and reporting Information Security related certification such as CISSP would be an advantage Excellent verbal and written English and good command of French (*). Knowledge of other EU languages would be an advantageCompetenciesFind out more about EIB core competencies hereIf you want to find out more about what the EIB offers please click here(*) There may be certain flexibility on this requirement, but limited to particularly suitable candidates who may not yet be proficient in French. If selected, such candidates will be hired on the condition that they build up rapidly knowledge of French and accept that their future career in the EIB may be subject to the attainment of sufficient proficiency in both of the Bank's working languagesWe are an equal opportunity employer, who believes that diversity is good for our people and our business.  As such, we promote the inclusion of suitably qualified and experienced staff without regard to their gender, age, racial or ethnic origin, religion or beliefs, sexual orientation/identity, or disability (*).Deadline for applications: 18th January 2021 (*).  We particularly welcome applications from women and persons with disabilities.#LI-POST

Profil de l'entreprise