• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

EPO (European Patent Office) is recruiting a Security Engineer in The Hague, Netherlands

 
Ranch Hand
Posts: 90
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The European Patent Office is seeking a Security engineer

in Directorate 2.8.0.1 (CIO Office) PD IM.

3 year contract

Place of employment: The Hague

Job group 4
Grade G7 - G10

Deadline for applications: 4.4.2016

The Information Management (IM) department of the European Patent Office (EPO) has 800 staff working on IT and information processing, with a professional and proactive focus on supporting the EPO's different business processes.

The Information Security team of the CIO's Office (CIOO) provides support and advice on a wide range of technical and non-technical topics related to information security. Its mission is to enforce a security framework that both protects the EPO's automated systems and information, thereby assuring their availability and reliability, and guarantees authorised, controlled and registered access.

CIOO is seeking a security engineer to help the team to implement projects under the Security Roadmap over the next three years.

The successful candidate will need to demonstrate wide experience of delivering sound information assurance advice in a number of different organisations, have an in-depth technical background gained from experience developing enterprise-level information security systems and be able to use their extensive knowledge to provide sound advice on mitigating information risk, commensurate with business needs, in a cost-effective way.
Main duties

Assisting with the information security review of automation projects at the EPO and providing advice on information security to the staff managing and working on those projects
Completing technical risk assessments as necessary
Identifying vulnerabilities as necessary using automated tools or otherwise, and completing or commissioning work to test the security of an application and its integration into the wider infrastructure using specialists in penetration testing
Monitoring and advising on information security issues related to the systems and processes at the EPO to ensure that the EPO's security controls effectively mitigate risk and operate as intended
Assisting with the establishment of all elements of the EPO's ISMS, including continuing development and documentation of information security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements
Collaborating with IT management, the legal department and the operational IT and physical security groups to support security management implementation and enforcement
Assisting with responses to information security incidents and vulnerabilities
Performing other related duties as assigned

The ideal candidate must have

at least five years' experience in the application and development of information security systems, including experience with internet technology and security issues and the development and securing of web-based applications
a thorough understanding of the risks to business posed by information-system threats and vulnerabilities
very good technical security knowledge of a broad range of information technologies including desktops, servers, operating systems and applications, databases and networks
proven experience of security-policy development, security education, risk analysis and compliance testing
excellent knowledge and experience of working with the principles of risk identification and analysis related to data confidentiality and security
very good knowledge and experience of information security standards (e.g. ISO 27001/27002, etc.), and rules and regulations related to information security

It is important to have

proven experience and knowledge of system and application penetration testing and system and application vulnerability assessments
knowledge and experience of working with the management of security incidents, including incident analysis
a very good knowledge of, and experience working with, a range of information security technologies such as firewalls, IDPS, VPN technologies and malware protection, authentication technologies such as RADIUS, Kerberos, single sign-on, Vasco tokens, Federation (SAML, WS-Fed), WebSSO, two-factor authentication, authorisation, including RBAC, rules-based authorisation, LAN, WAN and SAN concepts and technical implementations, application development, including Java, .NET platforms, source code review, including secure coding practices, mainframe, Windows, Unix, Linux operating systems, identity repositories, including LDAP, Active Directory, RACF, IAM suites, including Microsoft FIM 2010, Microsoft ADFS

It will also be an advantage to have

an advanced degree in information security
experience of working with information security in large, international organisations
CISSP, GIAC, or other security certifications and/or membership of a professional institution representing security professionals
experience of, and/or certification in, SABSA, TOGAF, OSA
demonstrable broad knowledge and hands-on experience of secure software development with multiple examples of developing and testing against security requirements for software development projects
hands-on experience of using software development languages and software development methodologies over multiple projects
the ability to detect common software vulnerabilities, including cross-site scripting and SQL injection, and to identify appropriate countermeasures
demonstrable experience of defining go-live criteria for new/changed applications and of assuring that these criteria are met as part of go-live decisions

Additionally, candidates should have

excellent communication skills (oral, written, presentation) with strong interpersonal and consultative skills
strong analytical and problem-solving skills
the ability to interact with highly specialised teams of technical experts, software developers and business representatives
a service-driven approach
the ability and drive to deliver within strict deadlines

Minimum qualifications

Diploma of completed studies at master's level or - in exceptional cases - equivalent professional experience. Excellent knowledge of one official language (English, French or German) and ability to understand the other two.
Citizenship of one of the member states of the European Patent Organisation.

Salary and benefits

The EPO offers competitive salaries, an excellent social package, and varied work in a modern international environment. The net (basic) monthly salary* for this vacancy ranges from EUR 5 223 to 7 396, depending on experience. In addition, depending on their personal circumstances, EPO staff may be entitled to relocation benefits and various allowances (e.g. household, dependant's, childcare, education, expatriation, installation, rent and language allowance).

Apply: https://express.candarine.com/campaign/url/forward/d57108d02b74
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic