Digital Security Expert - Security Operations (ESCB-IO)

Information Technology
Information Systems

General Information

Type of contract Short-term contract, which may be extended to up to 36 months subject to individual performance and organisational needs

Contract end date 01.10.2023

Who can apply? EU nationals working for national central banks of the ESCB, international governmental organisations or other employers performing central banking or banking supervision tasks.

Salary F/G (1) (minimum full time monthly net salary €6336 and benefits, see further information section)

Role specialisation Digital Security

Working time Full time

Place of work Frankfurt am Main, Germany

Closing date 13.07.2022

Your team

You will be part of the Digital Security Services Division in the Directorate General Information Systems. The Division has over 40 staff responsible for implementing and maintaining digital security policies and technologies, and providing operational digital security services. We are currently carrying out a significant overhaul of our technology and processes as we build a state-of-the-art Security Operations Centre. To this end, we are looking for a Digital Security Expert to join a team of eight highly motivated digital security professionals.

As a Digital Security Expert your activities will focus on increasing detection capabilities, threat hunting and incident response. Working closely with Security Operations Centre and Security Engineering colleagues, you will develop innovative approaches to improving the ECB’s intrusion detection capability.

The ECB is an inclusive employer and we strive to reflect the diversity of the population we serve. We encourage you to apply irrespective of age, disability, ethnicity, gender, gender identity, race, religious beliefs, sexual orientation or other characteristics.

Your role

As a Digital Security Expert you will:
  • develop and continuously improve the quality of detection use cases, with a focus on data analysis and pattern recognition;
  • analyse new security threat information and translate it into threat detection mechanisms, i.e. use cases;
  • develop dashboards, graphs and visualisations with the objective of improving detection capabilities;
  • support and guide the work of other analysts in your capacity as a subject matter expert;
  • support the resolution of security incidents by, for example, handling the incident, carrying out computer forensic analysis, executing a mitigation plan and providing your assessment and recommendations;
  • represent the Security Operations Centre team in interactions with customers and other teams across the ECB.

We are seeking candidates for this role who demonstrate the potential for growth, and we will support the selected candidate in their future development of the required knowledge, skills or competencies.

The position offers you excellent opportunities to apply state-of-the-art concepts and methods to protecting the information assets of a leading central bank. You will be part of multicultural team that strives for continuous innovation to make a positive impact on the lives of European citizens.

Qualifications, experience and skills

  • a master’s degree or equivalent in computer science, information systems or another relevant field (see How you can join us for details on degree equivalences);
  • in addition to the above, a minimum of five years’ experience in the field of information technology security;
  • at least three years’ operational experience in a digital security operations centre, on a computer security incident response team or similar;
  • an excellent understanding of network architectures, networking protocols, operating system internals and attacker tactics;
  • familiarity with at least one programming/scripting language (e.g. Python, PowerShell, C/C++, Java, Perl);
  • an advanced (C1) command of English and an intermediate (B1) command of at least one other official language of the EU, according to the Common European Framework of Reference for Languages.

  • experience with security information and event management technologies such as Splunk, Elasticsearch or ArcSight, or familiarity with database technologies such as SQL, MongoDB, Hadoop or similar;
  • experience in some of the following areas: vulnerability scanning and penetration testing, digital forensics, reverse engineering, intrusion detection systems, threat hunting.

You engage collaboratively with others. You pursue team goals and learn willingly from other people’s diverse perspectives. You signal any need for change by explaining it and proposing alternative solutions. You analyse complex information effectively and can evaluate different views to arrive at solutions. You know and anticipate stakeholder needs. 

You are motivated to be part of our team and to develop and use your skills and competencies to achieve the aims of this position.

Further information

The contract offered will be short-term ESCB/IO, the appointment being for 12 months as of the exact starting date of the selected person, extendable to up to 36 months.

For additional information on this specific vacancy, you can speak to the hiring manager, Francois Gaudan, on +49 69 1344 17371 between 14:00 and 16:00 on Friday, 8 July.

Application and selection process

The recruitment process for this position will be conducted remotely. It may include a presentation and an interview. 

If you are not selected for this position but are still considered suitable, you will be placed on a reserve list (see step 4 of How we hire), from which you might be considered for similar positions within the ECB.

Find out how to apply for a position at the ECB. 
Read more about joining us.