Eu Institutions: It Security Assessment And Penetration Testing Specialist

WHO WE ARE

Etinars is a values-focused company with multi-year experience, specialised in the recruitment of professionals for niche markets - managing the full-life cycle of specialist and executive level hires.At Etinars, we genuinely care about who you are and what you need.We place great emphasis on fostering robust, enduring connections built upon trust and transparency.Our approach ensures a swift journey, leading you hand in hand towards signing your next career step. WHAT WE ARE LOOKING FOREU Institutions: IT SecurityAssessment and Penetration Testing SpecialistThe JRC ICT Security Operations sector is part of the JRC LISO entity and is in charge of coordinating and providing operational security services to the JRC. This includes ensuring that adequate security measures are in place and operational for the IT infrastructure or information systems of the directorate general Joint Research Centre (JRC)A set of standards on Information Systems Security adopted by the Commission (in accordance with the Commission Decision 2017/46 concerning the security of information systems used by the European Commission) provides instructions to ensure that all Commission Information receive the appropriate level of protection in a consistent way.The objective is to ensure that appropriate security controls are identified and included in the Commission Information Systems.This specific agreement is to supply technical assistance to verify the level of implementation of this objective within JRC and more particularly to perform Security Assessments of JRC information systems..

YOUR TASKS

Security assessments of Information Systems and underlying infrastructure to verify correct implementation of security controls and identify potential vulnerabilities.This includes usage of the following testing techniques: black/grey/white box testing.Security audit of system architecture, and, compliance with EC security policies and industry best practicesAnalysis and reporting on identified issuesThe service provider will participate to the update and planning of Security Assessment dashboard. He will also be asked to provide, on a regular basis, report about performed activities (meetings, information gathering, produced documents, etc.) and possible issues/improvements proposals.He/she will have to perform his/her task following the standard on Information Systems Security adopted by the Commission, in particular the Standard on Secure Systems Development. YOUR SKILLS AND EXPERIENCEFollowing specific expertise is mandatory:Security assessments and Penetration Testing: White/Grey/Blackbox testingKnowledge of Burp Suite(r) tool suiteExperience in vulnerability monitoringSecurity assessment report draftingSecure System Architecture Design Following skills and knowledge are required:Very good knowledge of Security assessment and Penetration testing techniquesAbility to give business and technical presentationsAbility to apply high quality standardsVery good communication skills with technical and non-technicalaudiencesAnalysis and problem solving skillsCapability to write clear and structured technical documentsAbility to participate in technical meetings and good communication skills Due to the particular nature of a large international organisation such as the European Commission, candidates should also have the following non-technical skills:Capability of integration in an international/multicultural environment, rapid self-starting capability and experience in working in teamAbility to participate in multilingual meetings.Ability to work in multi-cultural environment, on multiple large projectsExcellent Team PlayerAbility to understand, speak and write English B2 or aboveHigh degree of discretion and integrity is required as the applications managed and maintained contain personal and confidential data EXTRA INFORMATIONThe services shall be performed remotely in Near-site location allowing to reach the JRC in Ispra within 2 hours.Requested presence at JRC: 2 to 3 days per month.Laptop will be provided by the CommissionFreelance contractThe competence level will be tested during interview. In case the information about the competence level filled in the CV are not true, this may lead to refusal of candidate. Please note that, due to the sensitive nature of the data involved, this position is currently available only to individuals who meet the following criteria:EU CitizensNon-EU Citizens with a valid EU work permitOnce we receive your CV, we will take time to evaluate it carefully. Should there be a match for this or any other position at Etinars, we will be in touch with you. In case there is no match now don’t worry, we will make sure to keep your CV in consideration for future vacancies!In Etinars we are committed to supporting Diversity and Inclusion Community. If you identify as part of it and you meet the minimum criteria for the job, you will be given the opportunity to demonstrate your abilities at an interview.