Spektrum have a wide range of exciting opportunities in several global locations.

We are always looking to add great new talent to our team and look forward to hearing from you.

Background:

eu-LISA is the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA) manages large-scale IT systems to support the implementation of asylum, border management and migration policies in the European Union (EU). The Agency is also a front-runner for the digitalisation efforts of the EU's Justice and Home Affairs domain, building a new information architecture and contributing to the development of a new security ecosystem. Since the Agency's beginnings in 2012, eu-LISA has become the digital engine of the Schengen Area. With its activities and tasks, the Agency adds value to the EU Member States by supporting their efforts towards justice, security and freedom.

Task description:

Define security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host- based security systems
Develop and validate baseline security configurations for operating systems, applications, and networking and telecommunications equipment
Perform internal and external technical control and vulnerability assessments to identify control weaknesses and assess the effectiveness of existing controls, and recommend remedial action
Perform source code reviews
Perform network and application penetration testing ( Black box, Grey box and White box)
Defining detailed security architecture
Performing technical security audits
Perform log analysis and security monitoring
Perform IT infrastructure/ Application Security configuration reviews
Design and implement technical security mechanisms and technologies
Design and develop technical security standards and procedures

Education:

Minimum 4 years of relevant education (master or equivalent) after the secondary school

Minimum Experience:

Minimum 6 years of relevant professional experience in IT Security

Additional needed qualification, knowledge and skills:

Expected to possess advanced knowledge of/in:
Security best practice guidelines (ISO 27001, NIST, SANS Top 20 OWASP, etc.)
Good practice in the secure configuration of servers, network devices and applications
Networking protocols and application communications
Network analysis tools
Securing Unix and Windows operating systems
Securing middleware and applications.
Network penetration testing
Web application penetration testing
Vulnerability assessments
Forensic image collection and analysis
Managing/deploying the following security technologies: Firewalls; IDS/IPS - Intrusion detection/Prevention Systems, SIEM – Security information and event management; IAM – Identity and access management; APT – Advanced Persistent threat detection; DLP – Data loss prevention; VA – Vulnerability Analysis and mitigation; PKI – Public key infrastructure; Virtual environments; Endpoint security; Mobile security; Communications and data encryption ; Remote access methods; Backup and disaster recovery methodologies; Patch management technologies and processes; Wireless protocols and services
Open Web Application Security Protocol (OWASP) and secure software development standards
Performing security code reviews.
Security monitoring, threat detection and incident response;
Proactively and iteratively searching through networks and applications to detect and isolate advanced threats that evade existing security solutions (Cyber threat hunting);
Security operations engineering (e.g. implementation of defensive measures, threat intelligence production);
Linux administration, TCP/IP, Network Security.
Security configuration reviews of IT Infrastructure and security devices, OS, Databases etc.
Expected to possess one or more of the following qualifications:
Certified Information Systems Security Professional with Information Systems Security Architecture Professional concentration (CISSP-ISSAP)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)
OSCP, OSCE, GPEN, CEH, CCNA, CCNP

We never know what new opportunities might be just over the horizon. If this opportunity isn't for you please feel free to send us your resume anyway and be the first to know if something suitable for your skills and experience comes up.

Apply for this Job

* Required

Almost there! Review your information then click 'Submit Application' to apply.

First Name *

Last Name *

Email *

Phone *

Resume/CV *

Dropbox Google Drive

(File types: pdf, doc, docx, txt, rtf)

LinkedIn Profile

Are you a citizen of a EU Country? *

What is your country of residence? *

Do you currently hold a personal security clearance? *

What is your personal security clearance level? *

If needed, are you open to relocating for this role? *

How much notice do you require to start a new role? *

The amount of notice you need to prove your current employer

Enter the verification code sent to to confirm you are not a robot, then submit your application.

Security Code *

This application was flagged as potential bot traffic. To resubmit your application, turn off any VPNs, clear the browser's cache and cookies, or try another browser. If you still can't submit it, contact our support team through the help center.