Endpoint Security Senior Engineer / L2+ Analyst / Expert

Cyber Security Compartment

    Scope of work:
    The Endpoint Security Senior Professional plays an important role in the cybersecurity engineering and operations activities at ELI-NP, with a focus on non-Microsoft systems (Linux-based, macOS, embedded, industrial, etc.). He/she is responsible for designing, implementing and operating endpoint security capabilities (primarily for those that are not Microsoft-based), and offers endpoint-security-focused support for implementing and operating identity and access management capabilities. Furthermore, he/she is expected to develop, carry out and enhance cybersecurity operations in areas related to security monitoring & analytics, proactive security or digital forensics/incident response, from the perspective of non-Microsoft-focused endpoint security.
    Main Responsibilities:
    • Ensuring the security of endpoints (primarily of those that are not Microsoft-based) by designing, implementing and operating the related capabilities in the ELI-NP cybersecurity architecture
    • Providing endpoint-security-focused expertise and support for implementing and operating the identity and access management capabilities in the ELI-NP cybersecurity architecture
    • From the principal perspective of non-Microsoft-focused endpoint security, performing, evaluating and enhancing activities pertaining to cybersecurity operations in areas such as:
      - Log management & monitoring;
      - Security Information & Event Management (SIEM);
      - Malware hunting;
      - Security assessment & testing;
      - Incident management & response;
      - Digital forensics
      as well as implementing, operating and sharpening up the associated technical and procedural resources
    • Participating as subject matter expert in the development, execution and continual update of the policies, procedures and technical aspects pertaining to cybersecurity capability management, as well as to change and configuration management, from the perspective of non-Microsoft-focused endpoint security
    • Providing expertise and technical support for implementing, operating, securing and maintaining the computing, virtualisation and storage infrastructure required for the cybersecurity organisational entity and its operations, as well as the backup & recovery infrastructure therefor
    • Participating in cybersecurity event/incident response, investigation and post-factum analysis activities
    • Carrying out technical capability/technology/product/solution analysis and evaluation activities as part of the supply chain, as well as other specific cybersecurity development activities
    • Ensuring individual and collective cybersecurity knowledge refresh, acquisition and transfer, as well as threat landscape updates, through technical, conceptual and literature research and review
    • Main Tasks:
        Professional background:
        • Higher education graduate, in a field relevant for this position (e.g. computer science / informatics, electronics, telecommunications, engineering, etc.). If the higher education completed belongs to other fields than the aforementioned ones, a specialist/advanced level cybersecurity certification (vendor-specific or not) is required
        • Minimum six (6) years of experience in the field of endpoint/system security (engineering, defence, forensics or offence), in an enterprise, governmental, research or similar (incl. project-based) environment
        • Minimum two (2) years of experience in securing non-Microsoft endpoints, systems and/or solutions
        • Solid endpoint/system security knowledge and in-depth experience implementing and operating a wide range of endpoint security techniques, technologies and capabilities, such as:
          - (Non-Microsoft) client/server operating system baselining and hardening;
          - Endpoint protection (e.g. next generation anti-virus, etc.);
          - Endpoint vulnerability scanning;
          - (Preferably non-Microsoft) Endpoint compromise assessment
        • Understanding of identity, authentication and access management concepts, incl. privileged access management, and how one can therefor integrate non-Microsoft systems with Microsoft Active Directory
        • Knowledge or experience with non-Microsoft operating system security measures (e.g. SELinux) and/or logging mechanisms is considered a plus
        • Experience in integrating and correlating elements such as those mentioned above in log management / monitoring or SIEM solutions represents an advantage
        • Knowledge of and ability to blend relevant commercial and open source cybersecurity tools/resources
        • Specialist/advanced level certifications in the aforementioned areas (vendor-specific or not) are considered an asset. Furthermore, out-of-the-box thinking and/or an adversarial mindset are highly appreciated
        • Experience in interacting with vendors and solutions/technology providers
        • Ability to handle complex tasks, complex analytical skills, proven ability to solve problems, ability to deliver when working under tight deadlines
        • Good interpersonal skills, a strong team spirit and a result-oriented attitude
        • Good English skills (writing and speaking)
        Working arrangements/Conditions of employment:
        • Full-time position, based in Bucharest - Magurele, Romania.
        • Included: private medical coverage, paid annual leave.
        • Motivating salary, at European level, based on qualifications and experience.
        • The candidate should be available to travel abroad for scientific collaboration at various research infrastructures, for part of their time.
        • Part of a dynamic, well-structured, savvy and autonomous team operating with full Leadership support and with clear objectives in an international and friendly environment.
        • Rare opportunity to tackle the cybersecurity challenges of a world-leading scientific project and of a complex environment going way beyond the ‘usual’ IT office/enterprise landscape and that interlaces Operational Technologies / Industrial Control Systems, data acquisition systems, scientific computing resources and building management systems.
        • A chance to develop one’s career and to make a difference by analysing, designing, implementing and/or operating some of the newest cybersecurity capabilities within a robust and modern framework.
        The applications shall be accompanied by the documents requested in the Rules of Selection for this position.
        The applications shall be sent to the Human Resources Department at human.resources@eli-np.ro