Scope of work:
The Cybersecurity Operational Management Specialist is responsible for cybersecurity capability and asset management within ELI-NP, carries out change and configuration management activities therefor, and accomplishes information classification and handling tasks. He/she also contributes to the planning, coordination and operational management of cybersecurity activities, carries out criticality analyses from a business continuity management perspective and is involved in awareness/cybersecurity training activities. Furthermore, he/she supports the development and update of the cybersecurity policies and procedures of ELI-NP, as well as of the mapping between the cybersecurity architecture and the relevant national and international frameworks, standards, laws/regulations and speciality publications.
- Developing, operating and maintaining the policies and procedures pertaining to cybersecurity capability and asset management, and representing the cybersecurity function in related ELI-NP-wide practices
- Supporting the development, execution and regular update of the policies and procedures pertaining to change and configuration management, as well as information classification and handling, within the cybersecurity organisational entity and, as needed/appropriate, in related ELI-NP-wide practices
- From a business continuity management and cybersecurity perspective, carrying out criticality analyses for the ELI-NP project in regard to its assets, processes and activities
- Supporting the planning, coordination and operational management of specific cybersecurity activities, as well as the internal and external cybersecurity communication
- Supporting and, as appropriate/needed, participating in cybersecurity awareness-raising and training processes and activities.
- Supporting the development and maintenance of an up-to-date bidirectional mapping between the ELI-NP cybersecurity architecture, capabilities / functions, policies and procedures on the one hand, and relevant national and international frameworks (e.g. NIST Cybersecurity Framework), standards (e.g. ISO 27000 series), laws/regulations and speciality publications (e.g. NIST SP) on the other hand
- Supporting the development and update of cybersecurity policies and procedures, in alignment with the relevant national/international frameworks, standards, regulations/laws and speciality publications
- Ensuring individual and collective cybersecurity knowledge refresh, acquisition and transfer, as well as risk landscape updates, through conceptual and literature research and review
- Higher education graduate
- Minimum five (5) years of working in cybersecurity, information assurance/security, business continuity management (BCM), risk management (RM) or IT with an emphasis on cybersecurity
- Minimum one (1) year of experience in asset, service, change and/or configuration management
- Experience in developing cybersecurity, BCM or RM policies or procedures in an enterprise, governmental, research or similar (incl. project-based) environment represents an advantage
- Familiarity with relevant international cybersecurity, asset/service management and/or business continuity management methodologies, standards and practices
- Knowledge and understanding of principles, concepts and approaches used in a cybersecurity architecture
- Familiarity with relevant ISO and NIST publications is considered a plus
- Experience in organising or delivering cybersecurity/awareness training sessions
- Specialist and advanced level certifications are considered an asset, if relevant to this position
- Experience in inter-functional communication, in formal and informal settings
- Ability to handle complex tasks, complex analytical skills, proven ability to solve problems, ability to deliver when working under tight deadlines
- Good interpersonal skills, a strong team spirit and a result-oriented attitude
- Good English skills (writing and speaking)
Working arrangements/Conditions of employment:
- Full time position, based in Bucharest - Magurele, Romania .
- Included: private medical coverage, paid annual leave.
- Motivating salary, at European level, based on qualifications and experience.
- The candidate should be available to travel abroad for scientific collaboration at various research infrastructures,
for part of their time.
- Part of a dynamic, well-structured, savvy and autonomous team operating with full Leadership support and with clear objectives in an international and friendly environment;
- Rare opportunity to tackle the cybersecurity challenges of a world-leading scientific project and of a complex environment going way beyond the ‘usual’ IT office/enterprise landscape and that interlaces Operational Technologies / Industrial Control Systems, data acquisition systems, scientific computing resources and building management systems.
- A chance to develop one’s career and to make a difference by analysing, designing, implementing and/or operating some of the newest cybersecurity capabilities within a robust and modern framework.
The applications shall be accompanied by the documents requested in the Rules of Selection for this position.
The applications shall be sent to the Human Resources Department at email@example.com