Senior Information Security Officer

**General Information**:
**Vacancy number**
- 994/2025

**Recruitment type**
- External recruitment (international)

**Type of contract**
- Fixed-term appointment

**Posted date**
- 27-Jun-2025

**Deadline to apply**
- 20-Jul-2025

**Duty station**
- Strasbourg

**Grade**
- A1/A2

**Entity**
- Registry of the European Court of Human Rights

**Description & Requirements**:
**Your Team**

The **European Court of Human Rights** oversees the implementation of the European Convention on Human Rights in the member states. Individuals can bring complaints of human rights violations to the Strasbourg Court once all possibilities of appeal have been exhausted in the member state concerned.

The Court’s IT Department is divided into multiple teams which develop, maintain and support IT systems and services designed to enhance the Court’s overall productivity and efficiency, optimise working conditions for Judges and staff, and provide effective new IT services for external parties. On arrival, you will receive comprehensive training to ensure you are fully integrated into the IT Department.

**Your Role**

As a Senior Information Security Officer, you will lead both technical and strategic security initiatives, ensuring that the Organisation's systems, cloud services, and data remain secure. Your responsibilities will span across incident response, cloud security, governance, and risk management, balancing hands-on technical execution with governance activities and organisational security strategy.

Strategic and Leadership Duties
- Develop and execute an enterprise-wide security strategy aligned with business objectives.
- Act as a trusted security advisor to leadership.
- Mentor technical teams and stakeholders on cybersecurity best practices and emerging threats.
- Define security governance policies in accordance with organisational frameworks.

Technical Security Duties

**On-Premise Infrastructure Security**
- Secure on-premise networks, firewalls, and intrusion detection/prevention systems (IDS/IPS).
- In collaboration with the infrastructure team, harden and monitor Windows and Linux servers, Active Directory, and enterprise databases.
- Oversee patch management and vulnerability assessments for on-premise infrastructure.
- Ensure secure configuration of VPNs, network segmentation, and perimeter defences.
- Control encryption protocols, PKI (Public Key Infrastructure), and secure authentication mechanisms.
- Implement Security Information and Event Management (SIEM) logging and monitoring strategies for on-premise security visibility.

**Microsoft Azure Cloud Infrastructure Security**
- Implement and maintain cloud security in Microsoft Azure and Microsoft 365 with Zero Trust principles.
- Create and maintain Azure Policies.
- Oversee Cloud Security Posture Management (CSPM) and Cloud Workload Protection (CWPP) using Microsoft Defender for Cloud.
- Develop privileged access management (PAM) strategies within Microsoft Entra ID.
- Integrate third-party services, including Identity and Access Management (IAM) and digital signatures.

**Incident Response and Threat Management**
- Lead security incident response, including forensic analysis, threat hunting, and mitigation.
- Manage SIEM, XDR/EDR, intrusion detection, and data loss prevention (DLP) solutions.
- Conduct penetration testing coordination and oversee remediation efforts.

**Identity Management Security**
- Oversee Identity Management security in Microsoft Entra ID and Auth0, implementing Zero Trust security principles.
- Develop and manage authentication governance policies to ensure compliance and mitigate risks.

**Security Tooling and Automation**
- Configure and maintain SIEM, ELK (Elasticsearch, Logstash, Kibana), and security logging frameworks.
- Automate security operations using PowerShell, Bash, Ansible, and security orchestration.

**Business Continuity and Disaster Recovery**
- Optimise the existing backup strategy including Recovery Point Objective (RPO) and Recovery Time Objective (RTO) for cloud and on-premise backups.
- In cooperation with the infrastructure team, continue to enhance the Disaster Recovery (DR) strategy in Azure.

**Continuous Improvement**
- Continually review and implement security best practices (security by design and Zero Trust) and recommend opportunities related to the latest advances in technology.
- Execute regular scheduled testing, auditing and improvement of procedures and processes (e.g. Disaster Recovery Plan, patch management strategy, crisis simulation exercises).
- Participate in the procurement process including the development of technical specifications.

Governance, Compliance & Risk Management Duties
- Develop and maintain security policies, procedures, and regulatory documentation.

**Information Security policies, procedures and strategy**
- Develop and maintain the Court’s regulatory documentation (aligned to ISO/IEC 27000).
- Liaise with Security Officers from other Council of Europe entities t