Functional area: Information Systems
Reference: 2015-112-EXT
Function:
The European Central Bank (ECB) is seeking candidates for the position of Enterprise Security Architect in the Security and Architecture Division of its Directorate General Information Systems (DG/IS).
DG/IS provides the information and communication systems of the ECB, and develops and supports IT systems necessary for carrying out the tasks of the Eurosystem and the European System of Central Banks (ESCB).
The Security and Architecture Division develops, implements and maintains IS security and architecture policies, frameworks, blueprints and methodologies, and provides IS security and architecture services for ECB/ESCB projects and operations.
The successful applicant will be assigned to the Enterprise Architecture unit; one of three units in the Division (the other two being the Operational Security and IS Security Governance units).
The Enterprise Architecture unit develops and supports IT architecture standards, frameworks and strategies underpinning the IT systems and related services of the ECB and the ESCB. The unit’s experts define requirements, principles, target state models and roadmaps, and thereby facilitate decision-making on all types of change, be it of a strategic, tactical or operational nature. In addition, they support project teams in the development of specific solutions aligned to the frameworks implemented.
The successful applicant will be entrusted with the following main tasks:
Enterprise architecture
- as a member of the Enterprise Architecture team, he/she will be charged with participating in the development and maintenance of the enterprise architecture framework and other key models and documents;
- proactively contributing to the establishment and consolidation of the enterprise architecture function, discipline and the methods used in various organisational processes;
Security architecture
- developing and maintaining an integrated and coherent security architecture strategy that is aligned with the security policy and embedded in the overall enterprise architecture strategy;
- developing and maintaining security requirements, principles, target state models and roadmaps in the context of strategic architecture development assignments;
- collaborating with other enterprise and solution architects, with IT security experts and with other technical specialists to integrate security controls into a cohesive IT architecture;
- contributing to review activities by recommending and approving suitable actions to address security findings;
- establishing close cooperation with the IS Security Governance team to ensure that the security architecture strategy complies with policy; providing an input to policy-making and risk management activities;
- driving and influencing the implementation and evolution over time of technical solutions serving a security purpose;
- supporting the Architecture Steering Board by representing the needs of the security architecture;
Project support
- identifying and prioritising security infrastructure projects and investments, including via the organisation’s project portfolio management process;
- supporting projects in the identification and design of the most suitable controls and measures for meeting security requirements;
- reviewing and endorsing project documentation;
- acting as a solution architect, drawing on the expertise of the entire Enterprise Architecture team, and going beyond security aspects if necessary;
- providing security requirements and guidance for procurement procedures and technology selection activities.
Qualifications and experience:
Applicants must have the following knowledge and competencies:
- a master’s degree, preferably in information technology or a related discipline;
- twelve or more years of experience in the field of information technology, acquired after completing university education;
- at least four years of experience as an enterprise security architect, working within an information security or enterprise architecture team, or as a consultant;
- knowledge of, and experience with, enterprise architecture methodologies, frameworks and industry best practices;
- a mastery of generally accepted information security principles, methods, reference frameworks and patterns;
- a thorough understanding of current as well as emerging security threats, and experience in designing security architecture that enables an organisation to prevent, detect and respond to threats;
Knowledge of (and, preferably, experience with) all relevant aspects of the following areas:
- data centre physical security;
- network layout, segregation and segmentation;
- network perimeter and monitoring controls;
- host-based security controls, including end-point security solutions;
- security event monitoring and logging platforms;
- encryption technologies;
- vulnerability management platforms;
- secure software development, security testing methods and tools;
- cloud security;
Knowledge of (and, preferably, experience with) identity governance, including:
- role-based access control concepts and their design and implementation;
- directory architectures;
- identity and access management infrastructures;
- identity and permission management, as well as the related policies, processes and procedures;
- strong authentication mechanisms and technologies;
- PKI and digital certificates management;
- a working knowledge of ISO 27001;
- experience in using security risk assessment methodologies.
The following would be considered an asset:
- knowledge of, and experience in, the following IT areas:
- digital rights management;
- malware analysis solutions and appliances;
- a working knowledge of enterprise architecture frameworks such as TOGAF 9;
- a valid industry certification in information security and/or enterprise architecture;
- experience with one or more enterprise architecture tools;
- work experience in a high-security public sector environment as well as in the financial services sector.
Competencies:
The successful candidate will have the following behavioural competencies:
- thinks strategically; assesses all relevant aspects of a problem (both of a technical and non-technical nature), while not losing sight of the “bigger picture”;
- possesses strong analytical skills and is able to conceptualise complex, multidimensional problems in ways that facilitate the identification of possible solutions;
- produces compelling high-quality deliverables tailored to the needs of the target audience which are effective from the point of view of communication;
- communicates effectively at all levels – with management staff and all relevant stakeholders (technical and non-technical) ‒ both within and outside the organisation;
- exerts influence both directly and indirectly in order to communicate ideas and implement the most suitable approach;
- can negotiate skilfully in difficult situations involving both internal and external parties and establish mutually agreeable solutions;
- operates with a large degree of autonomy; manages his/her own workload independently, providing status updates, liaising with others and escalating issues as appropriate;
- takes initiative; can gather necessary knowledge and information independently and is able to remain motivated, even during challenging assignments.
Further Information:
Three-year fixed-term contract, with possible conversion to a contract of indefinite duration subject to individual performance and organisational needs.
To further enhance the diversity of its workforce, the ECB particularly encourages applications from female candidates.
How to apply:
Applications are to be made in English and submitted using our online application form. An "Applicants' Guide" can be downloaded from our recruitment pages.
The recruitment process may include a pre-screening exercise, a written exercise, a presentation and interviews.
Applications are accepted from nationals of Member States of the European Union.
The requirements laid down in the vacancy notice must be met by the closing date for applications.
This vacancy notice may be used to fill the same position again, or similar positions, within 12 months of the selection decision.
Further information:
The selection committee may place suitable candidates on a reserve list, from which candidates may be appointed to similar positions in the same or another business area. It may also be decided to fill the position advertised in this vacancy notice with a suitable candidate from the reserve list resulting from a recruitment procedure for a similar position. Candidates will be informed accordingly if this happens.
Closing Date for Applications: Thu, 18 Jun 2015
This position has been allocated to salary band: F/G