We are looking for a Workplace Security Specialist - EUIN185 for the European Commission, hybrid.

Generally, this contract will support some of the multiple security aspects of IT in Eurostat by:

  • Providing support in conducting security risk assessments according to the IT Security Risk methodology used within the European Commission.
  • Providing support to the different stakeholders during the preparation or update of their Information Systems security plans.
  • Providing security studies associated with present or future Information System projects, and the integration of different security technologies in the Eurostat IT environment.
  • Providing technical expertise for the implementation of the necessary technical measures required to implement effective solutions for mitigating security risks, e.g. integration of security-related technologies, identity and access management.
  • Providing support for the training & awareness activities on IT Security topics.
  • Supporting security assessments on Eurostat Information Systems for compliance reporting in the context of specific audits or EC mandatory IT Security attestation exercises.
  • Providing generic support on IT security aspects as required.

Some task examples to be covered by this contract are described below:

  • TASK 1: IT SECURITY RISK ASSESSMENT FOR EUROSTAT INFORMATION SYSTEMS
  • TASK 2: IT SECURITY PLANS FOR EUROSTAT INFORMATION SYSTEMS PRODUCTION/UPDATE
  • TASK 3: SUPPORT IT SECURITY COMPLIANCE REPORTING AND EVOLUTION IN THE CONTEXT OF ESS IT SECURITY FRAMEWORK
  • TASK 4: SUPPORT IT SECURITY COMPLIANCE MONITORING AND REPORTING IN THE CONTEXT OF EC CORPORATE SECURITY
  • TASK 5: SPECIFIC ADVICE AND SUPPORT IN TERMS OF IT SECURITY AWARENESS
  • TASK 6: DESIGN, IMPLEMENT AND SUPPORT EFFECTIVE SOLUTIONS FOR APPLYING MITIGATION SECURITY MEASURES
  • TASK 7: SUPPORT FOR THE ASSOCIATED ADMINISTRATIVE PROCESS RELATED TO IT SECURITY
  • TASK 8: GENERAL ADVICE IN TERMS OF IT SECURITY
  • TASK 9: PROJECT MANAGEMENT ACTIVITIES WITHIN THE CONTEXT OF THE CONTRACT

Requirements

Must-haves:

  • At least 12 years overall experience to qualify for the daily rate
  • At least 5 years of specific expertise in IT Security
  • At least 3 years of specific expertise in Project Management
  • At least 3 years of specific expertise in Service Management
  • At least 2 years of specific expertise in IT Security Risk Management

In addition, very good knowledge of the following frameworks is expected:

  • European Commission IT Security Policy, Standards, Guidelines and Technical specifications
  • ITSRM Methodology
  • ISO 27000 framework standards
  • Project Management with PM2, including PM2 Agile
  • ITIL
  • Eurostat IT strategy and other applicable guidelines.

The following certificates & standards are required for the performance of tasks:

  • Project Management Professional (PMP) or PRINCE2 Foundation or PMI or PM2 or OpenPM2
  • ITIL Specialist – Intermediate or above certification
  • ISO27k or equivalent related certification
  • IT Risk Management related certification

One or more of the following IT Security related certifications:

  • CISSP: Certified Information Systems Security Professional
  • CISA: Certified Information Systems Auditor
  • CISM: Certified Information Security Manager
  • CPTC: Certified Penetration Testing Consultant
  • CPTE: Certified Penetration Testing Engineer
  • CompTIA Security+
  • CSTA: Certified Security Testing Associate
  • GPEN: GIAC Certified Penetration Tester
  • OSCP: Offensive Security Certified Professional
  • CEH: Certified Ethical Hacker
  • ECSA: EC-Council Certified Security Analyst
  • CEPT: Certified Expert Penetration Tester

Benefits

  • Salary: 500 EUR / day all-inclusive on a freelance/B2B contract
  • Type of work: Near site (hybrid but needs to be located in Brussels)
  • Contract duration: Up to 4 years
  • Deadline for applications: June 12, 2023