Produce, maintain and disseminate guidance documents in the area of security and compliance related solutions’ design and implementation
Liaise with security and compliance organizations external to ICT, gathering requirements, managing the relationship and expectations for work and bringing into ICT specific demand to be addressed in solutions or procedures
Support security and/or infrastructure engineering teams in the definition and maintenance of solution design artefacts in IT development projects, specifically IAM, AD/ADFS solutions in a container-based microservices landscape (Docker, Kubernetes, etc.)
Monitor new promising technologies and analyse their applicability to Europol, specifically IAM, AD/ADFS solutions in a container-based microservices landscape (Docker, Kubernetes, etc.)
Produce, maintain, update and disseminate the set of ICT security architecture baseline documentation, including security architecture standards
Provide security architecture assurance services by reviewing detailed security designs and assessment reports, ensuring ICT solutions are implemented in line with security architecture specifications
Qualifications
Mandatory:
A minimum of 7 years’ experience in Security Architecture roles
Professional experience on at least 3 large scale projects (custom development or COTS-based) with responsibility for security design or security architecture definition.
Professional experience in devising and implementing IAM solutions at scale, with knowledge of IAM solutions used in network segmented and accredited environments, also with Internet exposure
Professional experience in devising a technical design and implementing one large scale deployment of Microsoft ADFS for token based authentication, based on the OAuth2 standard
Working knowledge of English (B1 or higher)
Mandatory or desirable:
Professional knowledge of application level security controls applicable at least to Java/.Net solutions, including definition of RBAC models
Professional knowledge of infrastructure level security controls, including firewalls, content inspection tools, LAN and wireless network security controls as well as perimeter security controls, etc.
Professional knowledge of OAuth2 standard and token based authentication and authorization models
Professional knowledge of security compliance processes and standards, especially those applicable to law enforcement and EC organisations
Professional knowledge of Information risk management frameworks, including threat and vulnerability scenarios and corresponding risk mitigation action plan.
Desirable:
Professional knowledge of Internet security controls and best practices is desirable
Professional knowledge of security architecture and/or assurance within law enforcement or military domain projects is desirable