IT Security Specialist

Spektrum have a wide range of exciting opportunities in several global locations.

We are always looking to add great new talent to our team and look forward to hearing from you.

**Background**:
eu-LISA is the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA) manages large-scale IT systems to support the implementation of asylum, border management and migration policies in the European Union (EU). The Agency is also a front-runner for the digitalisation efforts of the EU's Justice and Home Affairs domain, building a new information architecture and contributing to the development of a new security ecosystem. Since the Agency's beginnings in 2012, eu-LISA has become the digital engine of the Schengen Area. With its activities and tasks, the Agency adds value to the EU Member States by supporting their efforts towards justice, security and freedom.

**Task description**:

- based security systems
- Perform internal and external technical control and vulnerability assessments to identify control weaknesses and assess the effectiveness of existing controls, and recommend remedial action
- Perform source code reviews
- Defining detailed security architecture
- Performing technical security audits
- Perform log analysis and security monitoring
- Perform IT infrastructure/ Application Security configuration reviews
- Design and implement technical security mechanisms and technologies
- Design and develop technical security standards and procedures

**Education**:

- Minimum 4 years of relevant education (master or equivalent) after the secondary school

**Minimum Experience**:

- Minimum 6 years of relevant professional experience in IT Security

**Additional needed qualification, knowledge and skills**:

- **Expected to possess advanced knowledge of/in**:

- Security best practice guidelines (ISO 27001, NIST, SANS Top 20 OWASP, etc.)
- Network analysis tools
- Securing Unix and Windows operating systems
- Network penetration testing
- Vulnerability assessments
- Forensic image collection and analysis
- Managing/deploying the following security technologies: Firewalls; IDS/IPS - Intrusion detection/Prevention Systems, SIEM - Security information and event management; IAM - Identity and access management; APT - Advanced Persistent threat detection; DLP - Data loss prevention; VA - Vulnerability Analysis and mitigation; PKI - Public key infrastructure; Virtual environments; Endpoint security; Mobile security; Communications and data encryption ; Remote access methods; Backup and disaster recovery methodologies; Patch management technologies and processes; Wireless protocols and services
- Open Web Application Security Protocol (OWASP) and secure software development standards
- Performing security code reviews.
- Security monitoring, threat detection and incident response;
- Security operations engineering (e.g. implementation of defensive measures, threat intelligence production);
- Linux administration, TCP/IP, Network Security.
- Security configuration reviews of IT Infrastructure and security devices, OS, Databases etc.
- Expected to possess one or more of the following qualifications:

- Certified Information Systems Security Professional with Information Systems Security Architecture Professional concentration (CISSP-ISSAP)
- Certified Information Security Manager (CISM)
- Certified Information Systems Auditor (CISA)
- OSCP, OSCE, GPEN, CEH, CCNA, CCNP

We never know what new opportunities might be just over the horizon. If this opportunity isn't for you please feel free to send us your resume anyway and be the first to know if something suitable for your skills and experience comes up.