Scope of work:

This Cybersecurity Professional plays an important role in the cybersecurity engineering and operations activities at ELI-NP, especially when it comes to non-Microsoft-based systems and solutions. He/she is involved in the design, implementation and operation of endpoint security and of the related identity and access management capabilities. Furthermore, he/she is expected to develop, carry out and enhance cybersecurity operations in areas related to security monitoring & analytics, proactive security or digital forensics/incident response, and to technically support cybersecurity capability and asset management within ELI-NP, as well as change/configuration management and knowledge management.

Main Responsabilities:

• Ensuring the security of endpoints/systems (primarily of those that are not Microsoft-based) by supporting and participating in the design, implementation and operation of the related capabilities in the ELI-NP cybersecurity architecture
• Providing endpoint-security-focused expertise and support for implementing and operating the identity and access management capabilities in the ELI-NP cybersecurity architecture
• From the perspective of non-Microsoft-focused endpoint/system security, performing and supporting activities pertaining to cybersecurity operations in areas such as:
  - Log management & monitoring;
  - Security Information & Event Management (SIEM);
  - Malware hunting;
  - Security assessment & testing;
  - Incident management & response;
  - Digital forensics
  as well as implementing, operating and sharpening up the associated technical and procedural resources
• Participating in the development, execution and continual update of the policies, procedures and technical aspects pertaining to cybersecurity capability management, as well as to change/configuration management, from the perspective of non-Microsoft-focused endpoint/system security
• Implementing, operating and continually improving the policies, procedures and technical aspects pertaining to cybersecurity knowledge management, as well as information classification and handling
• Providing expertise and technical support for implementing, operating, securing and maintaining the VMware-based computing, storage and virtualisation infrastructure elements required for the cybersecurity organisational entity and its operations, as well as the backup & recovery infrastructure therefor
• Participating in cybersecurity event/incident response, investigation and post-factum analysis activities
• Carrying out technical capability/technology/product/solution analysis and evaluation activities as part of the supply chain, as well as other specific cybersecurity development activities
• Ensuring individual and collective cybersecurity knowledge refresh, acquisition and transfer, as well as threat landscape updates, through technical, conceptual and literature research and review

Main Tasks:

Professional background:

• Higher education graduate, in a field relevant for this position (e.g. computer science / informatics, electronics, telecommunications, engineering, etc.). If the higher education completed belongs to other fields than the aforementioned ones, a cybersecurity certification (vendor-specific or not) is required
• Minimum three (3) years of experience in the field of cyber/information security (engineering, operations or forensics), in an enterprise, governmental, research or similar (incl. project-based) environment
• Practical experience in securing non-Microsoft-based endpoints, systems and/or solutions
• Endpoint/system security knowledge and experience implementing and operating techniques, technologies and capabilities such as:
  - (Non-Microsoft) Client/server operating system baselining and hardening;
  - Endpoint protection (e.g. next generation anti-virus, etc.);
  - Endpoint vulnerability scanning
• Knowledge of and practical experience with operating system security measures and/or logging mechanisms is considered a big plus
• Practical experience in implementing, operating and/or maintaining non-Microsoft virtualization and/or storage technologies (VMware), knowledge management platforms (Jira, Confluence) and/or networking equipment (HPE/Aruba) represents a plus
• Experience in integrating and correlating elements as those mentioned above in log management / monitoring or SIEM solutions represents an advantage.
• Knowledge of and ability to blend relevant commercial and open source cybersecurity tools/resources
• Certifications in the aforementioned areas (vendor-specific or not) are considered an asset. Furthermore, an out of the box thinking and/or an adversarial mindset are highly appreciated
• Ability to handle complex tasks, complex analytical skills, proven ability to solve problems, ability to deliver when working under tight deadlines
• Good interpersonal skills, a strong team spirit and a result-oriented attitude
• Good English skills (writing and speaking)

Working arrangements/Conditions of employment:

• Full time position, based in Bucharest - Magurele, Romania .
• Included: private medical coverage, paid annual leave.
• Motivating salary, at European level, based on qualifications and experience.
• The candidate should be available to travel abroad for scientific collaboration at various research infrastructures, for part of their time.
• Part of a dynamic, well-structured, savvy and autonomous team operating with full Leadership support and with clear objectives in an international and friendly environment;
• Rare opportunity to tackle the cybersecurity challenges of a world-leading scientific project and of a complex environment going way beyond the ‘usual’ IT office/enterprise landscape and that interlaces Operational Technologies / Industrial Control Systems, data acquisition systems, scientific computing resources and building management systems.
• A chance to develop one’s career and to make a difference by analysing, designing, implementing and/or operating some of the newest cybersecurity capabilities within a robust and modern framework.

Applications:

The applications shall be accompanied by the documents requested in the Rules of Selection for this position.
The applications shall be sent to the Human Resources Department at human.resources@eli-np.ro