IT Security Specialist

eu-LISA is the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA) manages large-scale IT systems to support the implementation of asylum, border management and migration policies in the European Union (EU). The Agency is also a front-runner for the digitalisation efforts of the EU's Justice and Home Affairs domain, building a new information architecture and contributing to the development of a new security ecosystem. Since the Agency's beginnings in 2012, eu-LISA has become the digital engine of the Schengen Area. With its activities and tasks, the Agency adds value to the EU Member States by supporting their efforts towards justice, security and freedom.

• Define security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems.
• Develop and validate baseline security configurations for operating systems, applications, and networking and telecommunications equipment.
• Perform internal and external technical control and vulnerability assessments to identify control weaknesses and assess the effectiveness of existing controls, and recommend remedial action.
• Perform source code reviews.
• Perform network and application penetration testing (Black box, Grey box and White box).
• Defining detailed security architecture.
• Performing technical security audits.
• Perform log analysis and security monitoring.
• Perform IT infrastructure/Application Security configuration reviews.
• Design and implement technical security mechanisms and technologies.
• Design and develop technical security standards and procedures.

• Minimum 4 years of relevant education (master or equivalent) after the secondary school.

• Minimum 6 years of relevant professional experience in IT Security.

• Expected to possess advanced knowledge of/in:
• Security best practice guidelines (ISO 27001, NIST, SANS Top 20 OWASP, etc.).
• Good practice in the secure configuration of servers, network devices and applications.
• Networking protocols and application communications.
• Network analysis tools.
• Securing Unix and Windows operating systems.
• Securing middleware and applications.
• Network penetration testing.
• Web application penetration testing.
• Vulnerability assessments.
• Forensic image collection and analysis.
• Managing/deploying the following security technologies: Firewalls; IDS/IPS - Intrusion detection/Prevention Systems; SIEM – Security information and event management; IAM – Identity and access management; APT – Advanced Persistent threat detection; DLP – Data loss prevention; VA – Vulnerability Analysis and mitigation; PKI – Public key infrastructure; Virtual environments; Endpoint security; Mobile security; Communications and data encryption; Remote access methods; Backup and disaster recovery methodologies; Patch management technologies and processes; Wireless protocols and services.
• Open Web Application Security Protocol (OWASP) and secure software development standards.
• Performing security code reviews.
• Security monitoring, threat detection and incident response.
• Proactively and iteratively searching through networks and applications to detect and isolate advanced threats that evade existing security solutions (Cyber threat hunting).
• Security operations engineering (e.g. implementation of defensive measures, threat intelligence production).
• Linux administration, TCP/IP, Network Security.
• Security configuration reviews of IT Infrastructure and security devices, OS, Databases etc.
• Expected to possess one or more of the following qualifications:
• Certified Information Systems Security Professional with Information Systems Security Architecture Professional concentration (CISSP-ISSAP).
• Certified Information Security Manager (CISM).
• Certified Information Systems Auditor (CISA).
• OSCP, OSCE, GPEN, CEH, CCNA, CCNP.