Cyber Accreditation Officer

Vacancy details

Temporary Agent EUSPA/2023/AD/009
AD7 Prague / Czech Republic
27.04.2023 11:59 AM (GMT+2) 11.05.2023 11:59 AM
5 yes
As soon as possible 31.12.2023
Security Accreditation Head of Department or his/her assignee
SECRET UE / EU SECRET

[1] The place of employment is subject to changes in the interest of the service and always under due consideration of the Staff Member’s interests.

[2] Possibility of renewal for a fixed period and a further renewal for an indefinite period on the conditions set out in the Staff Regulations and in the Conditions of Employment for Other Servants

[3] The organisational department and the hierarchical reporting line may change in line with the developments of the EUSPA and department’s organisation.

[4] The successful candidate must hold a valid personnel security clearance at the level defined above or be able and willing to apply for it immediately after the contract signature. The procedure for obtaining a personnel security clearance shall be initiated on request of the employer only, and not by the individual candidate. Description of the EU classified information levels is available here.

1. EUSPA AND THE HIRING DEPARTMENT

The European Union Agency for the Space Programme (EUSPA) is an operational EU Agency that provides safe and secure European satellite navigation services, develops the GOVSATCOM Hub, promotes the commercialisation of Galileo, EGNOS, Copernicus and GOVSATCOM data and services, and will provide the Space Surveillance and Tracking Front-Desk. EUSPA is also responsible for the security accreditation of all the Components of the EU Space Programme. Lastly, it is foreseen that the Agency will be entrusted with IRIS2 tasks. For more information on the EUSPA and the EU Space Programme, click here.

The Security Accreditation Board (SAB) is the Security Accreditation Authority for all of the EU Space Programme’s components (Galileo, EGNOS, Space Situational Awareness, GOVSATCOM, Copernicus) and for the Union Secure Connectivity Programme (IRIS2). It takes its decisions in an independent manner including with regard to the Commission, the EUSPA and the other bodies responsible for the implementation of the components and provision of service. The SAB is composed of a representative of each Member State, a representative from the Commission and a representative from the High Representative for the Union for Foreign Affairs and Security Policy. Decisions are taken by the Member States.

The Security Accreditation Department in EUSPA supports the SAB and its subordinate technical bodies. More information can be found in the Regulation (EU) 2021/696.

The current vacancy is for positions requiring permanent relocation to the Agency’s headquarters in the heart of Europe – Prague – with excellent connection to numerous major European cities. The capital of the Czech Republic, in the banks of the Vltava River, is famous for its cultural life, renowned musical life, historic buildings, magical bridges, and recognised museums and monuments.

2. TASKS AND RESPONSIBILITIES

We are looking for two Cyber Accreditation Officers who will support the cyber-related accreditation activities of the department and contribute actively to the fulfilment of the Agency’s regulatory responsibilities related to security accreditation.

One position is devoted to the EU Space programme components - Galileo, EGNOS, Copernicus and SSA; the other position is devoted to GOVSATCOM and IRIS2, in line with the applicable legislation.

The Cyber Accreditation Officers will report to the Head of Department or one of team leaders and will be entrusted in particular to drive/contribute to assurance activities in the following areas:

  1. Cyber security architecture audit;
  2. Cyber security configuration audit;
  3. Penetration testing;
  4. Cyber organisational and physical audit.

The above tasks will be carried out through documentation analysis, on-site inspections of the EU space programme components’ facilities (e.g. in Italy, Germany, France or Spain), interviews and penetration testing.

The Cyber Accreditation Officers shall adopt a global vision of the EU space programme component’s system under audit and its organisation and be able to identify the vulnerabilities present in the architecture, configuration, organisation processes of the audited system and to propose the appropriate recommendations to remedy the vulnerabilities discovered.

In addition to core tasks, the Cyber Accreditation Officers will participate as necessary to other tasks of the department, such as:

  • Perform security assessment (including via documentation reviews and via penetration testing) on EU space programme infrastructures and operations, in order to assess possible vulnerabilities, their criticality, assess related mitigation measures provided by Programme;
  • Participate in relevant Programme reviews and technical meetings, and report on these to ensure findings are addressed, possible non-compliance to the system security baseline is identified, new security risks are known and security measures are defined to reduce such risks to acceptable levels;
  • Examine security risk analysis related to the Components of the Space Programme;
  • Draft security accreditation reports and notes supporting the SAB decisions;
  • Support meeting organisation and administrative tasks needed for the functioning of the SAB and its bodies;
  • Contribute to the management of security accreditation contract activities, such as draft contracts, participate to procurement phases, manage the awarded contracts and associated contractors, coordinate contractors’ activities, review deliverables;
  • Contribute to other tasks of the Department, as necessary;
  • Liaise with other departments, notably in the area of Administration, to ensure the execution of related corporate tasks, such as planning, reporting, administration, financial & budget management, risk management.

3. ELIGIBILITY CRITERIA

The selection procedure is open to applicants who satisfy the following eligibility criteria, on the closing date for application:

  1. A level of education which corresponds to completed university studies5 attested by a diploma when the normal period of university education is four years or more OR A level of education which corresponds to completed university studies attested by a diploma and at least one year of appropriate professional experience when the normal period of university education is three years
  2. In addition to the above, appropriate professional experience6 of at least six years after obtaining the required diploma
  3. Be a national of a Member State of the European Union, Iceland or Norway
  4. Be entitled to his or her full rights as a citizen
  5. Have fulfilled any obligations imposed by the applicable laws concerning military service
  6. Meet the character requirements for the duties involved7
  7. Have a thorough knowledge of one of the languages of the European Union8 and a satisfactory knowledge of another language of the European Union to the extent necessary for the performance of his/her duties
  8. Be physically fit to perform the duties linked to the post9

Temporary agents (2f) from EUSPA and other EU agencies, in grade AD7, are also invited to apply in accordance with the following EUSPA rules: https://www.euspa.europa.eu/sites/default/files/conditions_of_employment_of_temporary_staff_ta.pdf


[5] Only study titles that have been awarded in EU Member States or that are subject to the equivalence certificates issued by the authorities in the said Member States shall be taken into consideration. Qualifications/diplomas awarded in the United Kingdom until 31/12/2020 are accepted without further recognition. For diplomas awarded in the United Kingdom after this date (from 01/01/2021), a NARIC recognition is required: https://www.enic-naric.net/. [6] Only appropriate professional experience acquired after achieving the minimum qualification stated in point.1 shall be considered. Where additional periods of training and study are accompanied by periods of professional activity, only the latter shall be considered as professional experience. Compulsory military service or equivalent civilian service accomplished after achieving the minimum qualification stated in point.1 shall be taken into consideration. Internships will be taken into consideration, if they are paid. Professional activities pursued part-time shall be calculated pro rata, on the basis of the percentage of full-time hours worked. A given period may be counted only once. [7] Prior to the appointment, the successful candidate will be asked to provide a Police certificate confirming the absence of any criminal record. [8] The languages of the EU are: Bulgarian, Croatian, Czech, Danish, Dutch, English, Estonian, Finnish, French, Irish, German, Greek, Hungarian, Italian, Latvian, Lithuanian, Maltese, Polish, Portuguese, Romanian, Slovak, Slovene, Spanish, Swedish. [9] Before a successful candidate can be appointed, s/he will be medically examined by a selected medical service so that the Agency will be satisfied that s/he fulfils the requirement of Article 28(e) of the Staff Regulation of Officials of the European Union.

4. SELECTION CRITERIA

All eligible applications, according to the afore-mentioned criteria, will be assessed against the requirements listed below solely based on the information provided by the candidates in their application.

The Selection Board responsible for this selection will determine the criteria to be assessed in the various phases of the selection procedure (assessment of the application forms, interview and written test) prior to being granted access to the names of the applicants.

When filling the online application, candidates are expected to clearly include elements that demonstrate that their profile matches the requirements below.

Professional experience and expertise

  1. Experience in conducting vulnerability assessments and/or penetration testing, including identification and remediation of security vulnerabilities in Information and Communication Technology (ICT) systems;
  2. Experience in one or several of the following fields in relation to ICT complex systems or governmental ICT systems or space programmes at national or EU level: - security assurance/security accreditation methodology and analysis; - security risk assessments; - security design and/or security deployment;
  3. Experience in the definition and performance of cyber security audit and relevant technical expertise (e.g. cyber architecture audit, cyber configuration audit, penetration testing, cyber organisation audit, cyber industrial system audit);
  4. Experience in conducting cyber auditing activities in the frame of a nationally certified cyber security audit service provider or a governmental cyber security audit service is considered an asset;
  5. Experience in financial, procurement and contract management, including managing a contracted penetration test team is considered an asset;
  6. Experience in cryptography applied to complex ICT systems covering topics such as authentication mechanisms, public key environments and confidentiality assurance is considered an asset;
  7. Possess relevant security certifications (e.g. CISSP, CISA, CEH, OSCP) is considered an asset;
  8. Excellent command of both written and spoken English;

Required competencies

  1. Motivation;
  2. Excellent communication skills and ability to summarise complex information to different target audiences;
  3. Strong negotiation skills;
  4. Ability to work in a team and with external stakeholders;
  5. Ability to deliver accurate work under pressure, organise workload and prioritise tasks.

5. SELECTION PROCEDURE

The current vacancy aims to fill 2 (two) posts and establish a reserve list.

A comprehensive description of the selection process is available here.

Indicative date for the interview and written test: May/June 2023. The date might be modified depending on the availability of the Selection Board members.

Candidates are strictly forbidden to make any contact with the Selection Board members, either directly or indirectly. Any infringement of this rule will lead to disqualification from the selection procedure.

Any questions regarding the selection procedure should be addressed only to: jobs@euspa.europa.eu

In addition, candidates having any personal relationship within the EUSPA have the possibility to declare such situation to jobs@euspa.europa.eu.

6. APPLICATION PROCEDURE

In order to be considered for this position, candidates need to create an account by registering via the EUSPA e-recruitment tool.

Only applications submitted via the e-recruitment tool will be accepted. Applications sent via email or post will not be taken into consideration.

Multiple applications received for the same position via different accounts will lead to the exclusion of the applicant from the selection procedure.

Important: the information provided by candidates in their online application constitutes the solely basis for the assessment of the eligibility and selection criteria. Therefore, they are invited to carefully read the requirements and to provide the relevant information in such detail that would allow this assessment. Particular attention should be paid to information on the education and professional experience, in particular exact dates, description of responsibilities and duties carried out. It is the candidate’s responsibility to ensure accurate and elaborate completion of the application form and avoidance of unclarities and typos.

All sections of the application should be completed in English in order to facilitate the selection procedure.

In order to be considered, applications must be received by the closing date indicated in the vacancy notice.

Candidates are advised to submit the application well ahead of the deadline in order to avoid potential problems during the final days before the closing date of applications’ submissions. The Agency cannot be held responsible for any last-minute malfunctioning of the e-recruitment tool due to heavy traffic on the website.

Any request for technical support must be sent to: jobs@euspa.europa.eu minimum two working days before the vacancy notice deadline. Please note, that if you submit your request for technical support later, we may not be able to assist you.

Please consult the e-recruitment guideline for instructions on completing the application.

Any questions regarding the selection procedure should be addressed only to: jobs@euspa.europa.eu.

7. APPEAL PROCEDURE

If a candidate considers that he/she has been adversely affected by a particular decision, he/she can lodge a complaint under Article 90(2) of the Staff Regulations of Officials of the European Union and Conditions of employment of other servants of the European Union; submit a judicial appeal under Article 270 of the Treaty on the Functioning of the EU (ex Art. 236 of the EC Treaty) and Article 91 of the Staff Regulations of Officials of the European Union; or make a complaint to the European Ombudsman.

Details on how to initiate these processes are available here.

8. SUMMARY OF CONDITIONS OF EMPLOYMENT

FINANCIAL ENTITLEMENTS

The remuneration consists of a basic salary10 and, where applicable, additional allowances11, paid on a monthly basis and reimbursements12, paid upon their evidenced occurrence.

The sum of the basic salary and the applicable additional allowances is weighted by the correction coefficient applicable for the location of the post13. The sum of usual social deductions from salary at source is subtracted from the weighted amount14. The full pay is exempted from the national income tax, but is subject to the internal income tax and the solidarity levy15.

Examples of net monthly salaries (as currently applicable in the Czech Republic) are presented below:

AD 7 - Step 1 (less than 9 years of work experience)16
a) Minimum final net salary (without any allowances) b) Final net salary with expatriation allowance

c) Final net salary with expatriation,

household and 1 dependent child allowance

5,034.69 EUR 6,083.51 EUR 7,146.04 EUR

 

AD 7 - Step 2 (more than 9 years of work experience)16
a) Minimum final net salary (without any allowances) b) Final net salary with expatriation allowance

c) Final net salary with expatriation,

household and 1 dependent child allowance

5,215.68 EUR 6,308.57 EUR 7,388.16 EUR

 

LEAVE ENTITLEMENTS

Staff is entitled to annual leave of two working days per each complete calendar month of service plus additional days for the grade, age, home leave for expatriates and an average of 16 EUSPA public holidays per year.

Special leave is granted for certain circumstances such as marriage, moving, elections, birth or adoption of a child, serious sickness of spouse, etc.

SOCIAL SECURITY

The pension scheme provides a very competitive pension after a minimum of 10 years of service and reaching the pensionable age. Pension rights acquired in one or more national schemes before starting to work at the EUSPA may be transferred into the EU pension system.

EUSPA’s benefits include an attractive Health insurance: staff is covered 24/7 and worldwide by the Joint Sickness Insurance Scheme (JSIS). Staff is insured against sickness, accident and occupational disease, and could be entitled to unemployment and to invalidity allowances.

PROFESSIONAL DEVELOPMENT AND BENEFITS CONTRIBUTING TO WORK-LIFE BALANCE

EUSPA aims at creating and maintaining a supportive and healthy work environment that enables staff members to have a balance between work and personal responsibilities, for example through flexible working time arrangements. 

EUSPA also offers a wide range of training courses to develop staff members’ personal skills and to keep in touch with the latest developments in their field. The training and professional development opportunities are attuned to the career plan and requirements of the departments.

INTERNAL AND INTERAGENCY MOBILITY

In case of internal or interagency mobility, EUSPA and the selected candidate shall conclude a contract of employment in accordance with the EUSPA rules:

https://www.euspa.europa.eu/sites/default/files/conditions_of_employment_of_temporary_staff_ta.pdf


[10] As per Articles 92 and 93 CEOS. [11] Household allowance (e.g. if you have a dependent child or you are married and your spouse's income is below a defined threshold); Dependent child allowance (e.g. if you have a child under the age of 18 or between 18 and 26, if in specified training programme); Education allowances (in very specific cases) or Payment of the education fees applicable to the educational institutions EUSPA has an agreement with (currently more than 18 international schools in the Czech Republic and Spain, and accredited European Schools in France and in the Netherlands); Expatriation allowance (16% of the sum of basic salary and other applicable allowances). [12] If the staff member is requested to change the residence in order to take up duties, s/he will be entitled to: reimbursement of the travel costs; temporary daily subsistence allowance (EUR  46.20 for up to 10 months or EUR 37.20 for 120 days, if no dependents); installation allowance (depending on personal situation, 1 or 2 months of the basic salary – paid upon successful completion of the nine-month probationary period). [13] Currently correction coefficients for the EUSPA duty locations are: 95.5% for CZ, 116.8% for FR, 109.8% for NL, 97.4% for ES The coefficient is updated every year, with retroactive effect from 1 July. [14] Pension (10.10%); health insurance (1.70%); accident cover (0.10%); unemployment insurance (0.81%). [15] Currently: income tax: tax levied progressively at a rate of between 8% and 45% of the taxable portion of the salary; solidarity levy: 6%. [16] Kindly note that the numbers in examples b) and c) are indicative and net monthly remuneration varies depending on the personal, life and social situation of the incumbent. The various components of the remuneration are updated every year, with retroactive effect from 1 July.

9. COMMITMENT

Declaration of commitment to serve the public interest independently:

The jobholder will be required to make a declaration of commitment to act independently in the public interest and to make a declaration in relation to any interest that might be considered prejudicial to his/her independence.

The jobholder will be required to carry out his/her duties and conduct him/herself solely with the interests of the European Union in mind; he/she shall neither seek nor take instruction from any government, authority, organisation or person outside his/her institution. He/she shall carry out the duties assigned with objectivity, impartiality and loyalty to the European Union.

Commitment to promote equal opportunities:

The Agency is an equal opportunities employer and strongly encourages applications from all candidates who fulfil the eligibility and selection criteria without any distinction whatsoever on grounds of nationality, age, race, political, philosophical or religious conviction, gender or sexual orientation and regardless of disabilities, marital status or other family situation.

10. DATA PROTECTION

The personal data requested from applicants will be processed in line with Regulation (EU) N° 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, officers and agencies and on the free movement of such data (repealing Regulation (EC) N° 45/2001 and Decision N° 1247/2002/EC) and the applicable privacy statement which can be accessed here.