IT Cybersecurity Expert

A. Essential

Only applications meeting all essential selection criteria will be assessed.

(1) Professional

Candidates will be required to demonstrate the following qualifications:

• a University degree (or equivalent academic qualification) in Information Technology, Cybersecurity, Engineering, or another relevant field;
• at least 5 years of relevant professional experience, acquired after the award of the minimum qualification required as a condition of eligibility (see eligibility criteria section above);
• proven work experience with Microsoft E5 security tools, including Intune, Cloud PKI, Defender, Microsoft Sentinel, Azure AD;
• hands-on experience in managing and securing networks, including firewalls, IDS/IPS, VPN configurations, and network segmentation;
• expertise in Azure Active Directory (AAD), Microsoft Entra Suite, Conditional Access, Multi-Factor Authentication (MFA), and Privileged Identity Management (PIM) for both cloud and local networks;
• proven ability to implement security measures that comply with regulatory frameworks, such as GDPR, ISO 27001, and NIST;
• very good command of written and spoken English.

(2) Personal

All staff must be able to fit into the Agency's way of working (see para. 2). Other attributes important for this post include:

• ability to work in a team and independently in their area of responsibility;
• ability to work effectively in a multinational environment;
• reliability and capacity to work under pressure with little supervision;
• good communication and organisational skills;
• strong analytical and problem-solving skills;
• excellent interpersonal and negotiation skills;
• results-orientation and strong motivation;
• flexibility and innovativeness;
• genuine commitment to the Agency's objectives.

B. Desirable

The following will be considered an advantage:

• extensive knowledge in network security architectures and advanced defense mechanisms, including Zero Trust frameworks, security automation, and endpoint protection strategies;
• proven professional experience of implementing and supporting encryption solutions for EUCI environments with differing classification levels;
• hands-on experience managing Cisco Meraki platforms;
• recognised certifications in cybersecurity and network security, such as CISSP, CISM or Microsoft Certified Azure Security Engineer Associate.

We are seeking a proactive and detail-oriented IT Cybersecurity Expert with in-depth expertise in Microsoft E5 security tools. This role will be pivotal in supporting the secure deployment, configuration, and optimization of cloud solutions to ensure compliance with Regulation (EU) 2023/2841 and effective collaboration with Cert EU. The ideal candidate is a subject matter expert on implementing security best practices for cloud services and managed services (incl. EUCI), while collaborating with the IT security team to ensure continuous protection.

Under the supervision of the Head of the IT Unit, the IT Cybersecurity Expert will contribute to the following activities:

• Microsoft E5 Advanced Security: in close collaboration with Cert EU, plan, architect and lead the implementation of Microsoft E5 security capabilities, including Microsoft Defender for Cloud Apps, Azure AD Premium, Microsoft Defender, and Azure Security Center, to enhance the organization’s security posture;
• Cloud Network Security: design and implement secure cloud network architectures such as Azure Virtual Networks or Azure Firewall Premium. Ensure configurations follow best practices for security and compliance, minimizing potential vulnerabilities;
• Identity and Access Security: support the integration and management of Azure Active Directory (AAD) and Microsoft Entra Suite, focusing on Zero Trust, Multi-Factor Authentication (MFA), Conditional Access, and Privileged Identity Management (PIM) to safeguard user identities and prevent unauthorized access;
• EU Classified Information (EUCI) services: assist with the user support and the day-to-day operations of the EUCI services. Ensure effective collaboration with EUCI service providers to enforce the service level agreements;
• Threat Detection and Response: collaborate with the IT security operations team to monitor and respond to threats in real-time through Microsoft Sentinel and Defender for Identity. Leverage threat intelligence and advanced threat protection to provide insights and recommendations for improvement;
• Security Auditing and Compliance: contribute to the auditing of cloud infrastructure against regulatory standards (e.g. GDPR, ISO 27001) and internal security policies. Provide technical assessments and produce reports to ensure ongoing compliance and security readiness;
• Security Best Practices and Recommendations: improve the security architecture, including zero-trust principles, data loss prevention (DLP) policies, and encryption (incl. EUCI). Proactively identify potential risks and advise on risk mitigation strategies;
• Perimeter Security: configure and manage next generation firewalls and implement security rules to control traffic and prevent unauthorized access to on-premises systems;
• Local Area Network Management: ensure delivery of secure and robust wired and wireless network connectivity based on Cisco Meraki platform;
• Network Access Control (NAC): implement solutions to manage and enforce security policies for devices attempting to connect to the local network. Ensure that only authenticated and authorized devices can access sensitive network areas;
• take on additional tasks as required in the interest of the service.

Duties may evolve according to the development of EDA’s structure and activities, and the decisions of EDA management.

The IT Cybersecurity Expert will be appointed by the Chief Executive.

Recruitment will be as a member of the contractual staff of the Agency for a four-year period. Renewal is possible within the limits set out in the EDA Staff Regulations. The successful candidate will be recruited as Contract Agent, Function Group IV.

The pay for this position consists of a basic salary of 4.270,49€ supplemented with various allowances including, as applicable, expatriation or family allowances. Successful candidates are graded on entry into service according to the length of their professional experience. Salaries are exempted from national tax, instead an Agency tax at source is paid. For further information on working conditions please refer to: https://eda.europa.eu/jobs/what-we-offer

Failure to obtain the requisite security clearance certificate before the expiration of the probationary period may be cause for termination of the contract.

Candidates are advised that part of the recruitment process includes medical analyses and physical check-up with the Agency’s Medical Adviser.

Applications are invited with a view to establish a reserve list for the post of IT Cybersecurity Expert at EDA. This list will be valid until 31/12/2026, and may be extended by decision of the Chief Executive. During the validity of the reserve list, successful candidates may be offered a post in EDA according to their competences in relation to the specific requirements of the vacant post. Inclusion on the reserve list does not imply any entitlement of employment in the Agency.