Endpoint Security Senior Engineer / L2+ Analyst / Expert (Microsoft-focused)

Cyber Security Compartment


    Scope of work:
    The Endpoint Security Senior Professional plays an important role in the cybersecurity engineering and operations activities at ELI-NP, with a strong focus on Microsoft-based systems. He/she is responsible for designing, implementing and operating endpoint security capabilities (primarily for those that are Microsoft-based), and offers endpoint-security-focused support for implementing and operating identity and access management capabilities. Furthermore, he/she is expected to develop, carry out and enhance cybersecurity operations in areas related to security monitoring & analytics, proactive security or digital forensics/incident response, from the perspective of Microsoft-focused endpoint security.
    Main Responsibilities:
    • Ensuring the security of endpoints (primarily of those that are Microsoft-based) by designing, implementing and operating the related capabilities in the ELI-NP cybersecurity architecture
    • Providing endpoint-security-focused expertise and support for implementing and operating the identity and access management capabilities in the ELI-NP cybersecurity architecture
    • From the perspective of Microsoft-focused endpoint security, performing, evaluating and enhancing activities pertaining to cybersecurity operations in areas such as:
      - Log management & monitoring;
      - Security Information & Event Management (SIEM);
      - Malware hunting;
      - Security assessment & testing;
      - Incident management & response;
      - Digital forensics;
      as well as implementing, operating and sharpening up the associated technical and procedural resources
    • Participating as subject matter expert in the development, execution and continual update of the policies, procedures and technical aspects pertaining to cybersecurity capability management, as well as to change and configuration management, from the perspective of Microsoft-focused endpoint security
    • Providing expertise and technical support for implementing, operating, securing and maintaining the computing and virtualisation infrastructure required for the cybersecurity organisational entity and its operations, as well as the backup & recovery infrastructure therefor
    • Participating in cybersecurity event/incident response, investigation and post-factum analysis activities
    • Carrying out technical capability/technology/product/solution analysis and evaluation activities as part of the supply chain, as well as other specific cybersecurity development activities
    • Ensuring individual and collective cybersecurity knowledge refresh, acquisition and transfer, as well as threat landscape updates, through technical, conceptual and literature research and review
    • Main Tasks:
        Professional background:
        • Higher education graduate, in a field relevant for this position (e.g. computer science / informatics, electronics, telecommunications, engineering, etc.). If the higher education completed belongs to other fields than the aforementioned ones, a specialist/advanced level cybersecurity certification (vendor-specific or not) is required
        • Minimum six (6) years of experience in the field of endpoint/system security (engineering, defence, forensics or offence), in an enterprise, governmental, research or similar (incl. project-based) environment
        • Minimum three (3) years of experience in securing Microsoft-based endpoints, systems and/or solutions
        • Solid endpoint/system security knowledge and in-depth experience implementing and operating a wide range of endpoint security techniques, technologies and capabilities, such as:
          - (Microsoft) Client/server operating system baselining and hardening;
          - Active Directory hardening;
          - Endpoint protection (e.g. next generation anti-virus, etc.);
          - Endpoint vulnerability scanning;
          - (Preferably Microsoft) Endpoint compromise assessment
        • Understanding of Active Directory-based identity, authentication and access management, incl. of how to secure (or bypass) associated design patterns (e.g. AD structure, delegations), mechanisms and protocols
        • Knowledge or experience with advanced Microsoft Active Directory and/or operating system security measures (e.g. ESAE, ATA, Credential Guard, etc.) and/or logging mechanisms is considered a big plus
        • Experience in integrating and correlating elements such as those mentioned above in log management / monitoring or SIEM solutions represents an advantage
        • Knowledge of and ability to blend relevant commercial and open source cybersecurity tools/resources
        • Specialist/advanced level certifications in the aforementioned areas (vendor-specific or not) are considered an asset. Furthermore, out-of-the-box thinking and/or an adversarial mindset are highly appreciated
        • Experience in interacting with vendors and solutions/technology providers
        • Ability to handle complex tasks, complex analytical skills, proven ability to solve problems, ability to deliver when working under tight deadlines
        • Good interpersonal skills, a strong team spirit and a result-oriented attitude
        • Good English skills (writing and speaking)
        Working arrangements/Conditions of employment:
        • Full-time position, based in Bucharest - Magurele, Romania.
        • Included: private medical coverage, paid annual leave.
        • Motivating salary, at European level, based on qualifications and experience.
        • The candidate should be available to travel abroad for scientific collaboration at various research infrastructures, for part of their time.
        • Part of a dynamic, well-structured, savvy and autonomous team operating with full Leadership support and with clear objectives in an international and friendly environment.
        • Rare opportunity to tackle the cybersecurity challenges of a world-leading scientific project and of a complex environment going way beyond the ‘usual’ IT office/enterprise landscape and that interlaces Operational Technologies / Industrial Control Systems, data acquisition systems, scientific computing resources and building management systems.
        • A chance to develop one’s career and to make a difference by analysing, designing, implementing and/or operating some of the newest cybersecurity capabilities within a robust and modern framework.
        Applications:
        The applications shall be accompanied by the documents requested in the Rules of Selection for this position.
        The applications shall be sent to the Human Resources Department at human.resources@eli-np.ro
