Scope of work:
This Cybersecurity Professional plays an important role in the cybersecurity engineering and operations activities at ELI-NP, especially when it comes to non-Microsoft-based systems and solutions. He/she is involved in the design, implementation and operation of endpoint security and of the related identity and access management capabilities. Furthermore, he/she is expected to develop, carry out and enhance cybersecurity operations in areas related to security monitoring & analytics, proactive security or digital forensics/incident response, and to technically support cybersecurity capability and asset management within ELI-NP, as well as change/configuration management and knowledge management.
Main Responsabilities:
- Ensuring the security of endpoints/systems (primarily of those that are not Microsoft-based) by supporting and participating in the design, implementation and operation of the related capabilities in the ELI-NP cybersecurity architecture
- Providing endpoint-security-focused expertise and support for implementing and operating the identity and access management capabilities in the ELI-NP cybersecurity architecture
- From the perspective of non-Microsoft-focused endpoint/system security, performing and supporting activities pertaining to cybersecurity operations in areas such as:
- Log management & monitoring;
- Security Information & Event Management (SIEM);
- Malware hunting;
- Security assessment & testing;
- Incident management & response;
- Digital forensics
as well as implementing, operating and sharpening up the associated technical and procedural resources
- Participating in the development, execution and continual update of the policies, procedures and technical aspects pertaining to cybersecurity capability management, as well as to change/configuration management, from the perspective of non-Microsoft-focused endpoint/system security
- Implementing, operating and continually improving the policies, procedures and technical aspects pertaining to cybersecurity knowledge management, as well as information classification and handling
- Providing expertise and technical support for implementing, operating, securing and maintaining the VMware-based computing, storage and virtualisation infrastructure elements required for the cybersecurity organisational entity and its operations, as well as the backup & recovery infrastructure therefor
- Participating in cybersecurity event/incident response, investigation and post-factum analysis activities
- Carrying out technical capability/technology/product/solution analysis and evaluation activities as part of the supply chain, as well as other specific cybersecurity development activities
- Ensuring individual and collective cybersecurity knowledge refresh, acquisition and transfer, as well as threat landscape updates, through technical, conceptual and literature research and review
Main Tasks:
Professional background:
- Higher education graduate, in a field relevant for this position (e.g. computer science / informatics, electronics, telecommunications, engineering, etc.). If the higher education completed belongs to other fields than the aforementioned ones, a cybersecurity certification (vendor-specific or not) is required
- Minimum three (3) years of experience in the field of cyber/information security (engineering, operations or forensics), in an enterprise, governmental, research or similar (incl. project-based) environment
- Practical experience in securing non-Microsoft-based endpoints, systems and/or solutions
- Endpoint/system security knowledge and experience implementing and operating techniques, technologies and capabilities such as:
- (Non-Microsoft) Client/server operating system baselining and hardening;
- Endpoint protection (e.g. next generation anti-virus, etc.);
- Endpoint vulnerability scanning
- Knowledge of and practical experience with operating system security measures and/or logging mechanisms is considered a big plus
- Practical experience in implementing, operating and/or maintaining non-Microsoft virtualization and/or storage technologies (VMware), knowledge management platforms (Jira, Confluence) and/or networking equipment (HPE/Aruba) represents a plus
- Experience in integrating and correlating elements as those mentioned above in log management / monitoring or SIEM solutions represents an advantage.
- Knowledge of and ability to blend relevant commercial and open source cybersecurity tools/resources
- Certifications in the aforementioned areas (vendor-specific or not) are considered an asset. Furthermore, an out of the box thinking and/or an adversarial mindset are highly appreciated
- Ability to handle complex tasks, complex analytical skills, proven ability to solve problems, ability to deliver when working under tight deadlines
- Good interpersonal skills, a strong team spirit and a result-oriented attitude
- Good English skills (writing and speaking)
Working arrangements/Conditions of employment:
- Full time position, based in Bucharest - Magurele, Romania .
- Included: private medical coverage, paid annual leave.
- Motivating salary, at European level, based on qualifications and experience.
- The candidate should be available to travel abroad for scientific collaboration at various research infrastructures,
for part of their time.
- Part of a dynamic, well-structured, savvy and autonomous team operating with full Leadership support and with clear objectives in an international and friendly environment;
- Rare opportunity to tackle the cybersecurity challenges of a world-leading scientific project and of a complex environment going way beyond the ‘usual’ IT office/enterprise landscape and that interlaces Operational Technologies / Industrial Control Systems, data acquisition systems, scientific computing resources and building management systems.
- A chance to develop one’s career and to make a difference by analysing, designing, implementing and/or operating some of the newest cybersecurity capabilities within a robust and modern framework.
Applications:
The applications shall be accompanied by the documents requested in the Rules of Selection for this position.
The applications shall be sent to the Human Resources Department at human.resources@eli-np.ro