Situation within the EUROPOL structure: the Information and Security Architect reports to the Head of the IMT Coordination/Project and Application Maintenance Unit, who in turn reports to the Deputy Director Head of the IMT Department.
Purpose of the post: the selected candidate will work in a team of enterprise architects, each one relatively focused in the specific architecture domain area for which they are most competent, but all closely cooperating as a team under the direction of the Head of Unit.
Main tasks and responsibilities:
Within its domain of competence, and working as part of the Architecture team, the Information Security Architect will be responsible for the following general tasks:
Produce, maintain, update, disseminate, and expand the set of architecture baseline documentation;
Take up technical assurance roles on IT development projects;
Sponsor, drive, and manage the delivery of technical solutions with architectural relevance;
Be responsible for the product management of technical sub-systems of the integrated Europol computerized system;
Monitor new promising technologies and analyse their applicability to Europol;
Monitor and/or participate to selected EU, law enforcement, or other relevant forums, and sponsor adoption of interfaces and standards;
Take up solution design roles in IT development projects.
With relation to its specific area of competence, the Information Security Architect will:
Perform security risk assessments of information systems, including applications, middleware, system software, infrastructure, data and voice networks;
Define the security elements of the Europol integrated IT architecture, at the application, technical, infrastructure, and IT operations levels;
Based on security policies, data confidentiality regulations, and risk assessment results, define or upgrade system-specific security requirements for IT solutions (application and infrastructure), and accompany them through the approval process;
Drive the evaluation and selection of the security technology products that are required to implement the selected security technical controls;
Design and specify technical security controls, providing detailed guidance and review for their implementation and configuration;
Write information security technical standards.
Be a national of one of the Member States of the European Union;
Ten years or more relevant IT experience, of which at least 5 in relevant Enterprise Architecture roles;
University degree in Computer Science or equivalent academic qualifications in the area of Information Technology;
Sound knowledge (oral and written) of at least two EU official languages, including English; the knowledge of a Eastern EU language would also be taken into consideration as an extra personal skill;
Good PC skills with professional competence on the Microsoft Office product suite, including MS Word, MS Excel, MS PowerPoint, MS Visio and MS Project;
Work experience in a complex public sector environment, or at least in a highly regulated environment with an articulated governance model would be an advantage.
Specific Skills and Competencies Required:
Enterprise architecture experience
The ideal candidate has substantial experience in the processes and methods of an established enterprise architecture function, involved in architecture definition, specification, change management, and in providing architecture supervision and support to IT delivery projects. Experience was gained in a large organisation, preferably multi-national.
Standard architecture frameworks
The ideal candidate is knowledgeable of recognised enterprise architecture frameworks (such as the Zachman Architecture Framework or The Open Group Architecture Framework).
General Architecture Modelling skills:
The ideal candidate has developed relevant and outstanding skills in the conceptualisation, modelling, and visualisation of architecture models and designs, and can create multiple views of a single architecture model to fit different communication purposes meant for different audiences; knowledge of UML or equivalent modelling techniques is an advantage.
Domain areas expertise
The ideal candidate must have relevant knowledge and experience in the concepts, methods, techniques, and representative products in the following domain areas:
Identity and access management
Authentication methods and techniques
Authorisation models, including RBAC
Use of cryptography and cryptographic technology
Network security, including VPN technology
Application security, including application gateways and secure session management
Firewall, host and network intrusion prevention, detection, and anti-virus technologies
Vulnerability assessment and security compliance
Secure remote access
PKI and LDAP directories
Security of web services
Knowledge and experience in the following domains will be regarded as a plus:
Windows .NET security and Windows security APIs
TEMPEST concepts and techniques
General Professional Skills Profile
Logical, structured and systematic thinking;
Ability to express ideas in clear and concise language;
Creative and analytical problem solving skills;
Project management experience;
Work experience in a complex public sector environment, or at least in a highly regulated environment with an articulated governance model, would be an advantage;
A high sense of co-operation, team working, and flexibility;
Team leading and general leadership skills and experience;
Ability to organise, plan and implement work assignments, for own work and for team’s work, manage competing demands and work under pressure of tight deadlines;
Strong interpersonal skills and ability to establish and maintain effective working relations with co-workers in a multi-cultural and multi-national work environment.
Basic salary scale 6 – 5 562,82 (tax deduction within Europol is approx. 8-10%)
In addition, when relevant, family allowances can be granted:
5% of the basic salary – household allowance;
EUR 275,04 (Net) - per dependant child;
EUR 896,90 (Net) – expatriation allowance
Additional benefits (annual trip home, education, rent and other allowances, excellent health insurance, etc).
Social contributions and taxes have to be deducted from the above mentioned amounts.