Computer Security Expert
At CERN, the European Organization for Nuclear Research, physicists and engineers are probing the fundamental structure of the universe. Using the world's largest and most complex scientific instruments, they study the basic constituents of matter - fundamental particles that are made to collide together at close to the speed of light. The process gives physicists clues about how particles interact, and provides insights into the fundamental laws of nature. Find out more on http://home.cern.
Are you passionate about protecting data networks, computing services and IT infrastructures against cyber-attacks? If so, take up the challenge and join CERN’s unique and sophisticated Computer Security Team. CERN, take part!
Like any other organization, university or company, CERN is facing a permanent threat from different kinds of cyber-attacks putting its office computers, computer centres as well as accelerators and experiments at risk. Proactive detection of such attacks based on intelligence from many different sources and the monitoring of a vast sphere of computer centre nodes, network traffic and storage systems has become key to avert any abuse of CERN’s computing resources.
You will join:
The CERN Computer Security Team (https://cern.ch/security), which is mandated to secure and protect all aspects of the computing infrastructure of CERN as well as its operations and reputation against any kind of cyber-threat, and take on an active role in managing, maintaining, and improving CERN’s Security Operations Centre (SOC).
More information on the IT Department is at: http://cern.ch/it.
- As a Computer Security Expert, the successful candidate shall join the CERN Computer Security Team and take over full responsibility for the further development and extension of the CERN Security Operations Centre (SOC). This SOC receives and stores a flat data stream topping a few terabytes per day, performs automatic real-time comparison with indicators of compromise, and provides long-term storage for future forensics as well as thorough data enrichment for incident response. It also manages and shares threat intelligence with our partners. Your responsibility includes continuing to improve the SOC currently running on CERN’s IT department’s central computing facilities (e.g. Elasticsearch, HDFS, Kafka, Flume, Puppet, CentOS, etc.), adding further sources of security-relevant data, and programming interfaces automatically informing end-users of potential security problems.
- In parallel, you shall contribute to and manage a series of computer security projects (e.g. Windows computing, firewall appliances, SPAM & malware filtering, control system & IoT security, storage of secrets) relevant for a better protection of the Organization, as well as provide advice and consultancy in matters of computer security.
- Furthermore, you will also participate in the CERN CERT (Computer Emergency Response Team) and autonomously and independently handle computer security incidents, as well as provide forensics capabilities, both within CERN and at remote sites associated with the so-called Worldwide LHC Computing Grid, the high-energy physics community, or collaborating institutes and universities.
Master's degree or equivalent relevant experience in the field of computer science, computer security, information technology or a related field.
The successful candidate should come with proven expertise both in security operations (DFIR, threat intel) and in security infrastructure design (SOC, EDR, big data solutions), as well as experience in computer, network or software security and, preferably, as a computer system administrator. Strong communication, presentation and collaboration-building skills are essential.
- Design of networks: as well as knowledge of communication technologies and protocols.
- Administration of computing systems: as well as installation, operation and maintenance (preventive and corrective) of computing systems. In particular, excellent knowledge of the Linux/UNIX operating system, virtualization, databases and in particular of shell scripting and programming (Python, and/or C); other languages or technologies would be a plus.
- Knowledge of best practices for developing secure software: and of development and integration of IT security (features).
- Monitoring and responding to security threats and incidents for ICT systems.
- Achieving results: delivering high quality work on time and fulfilling expectations; having a structured and organised approach towards work; being able to set priorities and plan tasks with results in mind.
- Communicating effectively: successfully changing other people's opinions by persuasive arguments; expressing opinions, ideas and suggestions with conviction and in a logical/structured manner; keeping to the point.
- Learning and sharing knowledge: keeping up-to-date with developments in own field of expertise and readily absorbing new information; sharing knowledge and expertise freely and willingly with others; coaching others to ensure knowledge transfer.
- Solving problems: identifying, defining and assessing problems, taking action to address them; addressing complex problems by breaking them down into manageable components.
- Demonstrating accountability: taking responsibility for own actions and decisions.
- Spoken and written English: ability to draw up technical specifications and/or scientific reports and to make oral presentations.
- Basic knowledge of French or an undertaking to acquire it rapidly.
Eligibility and closing date:
Diversity has been an integral part of CERN's mission since its foundation and is an established value of the Organization. Employing a diverse workforce is central to our success. We welcome applications from all Member States and Associate Member States. (https://home.cern/about/member-states)
This vacancy will be filled as soon as possible, and applications should normally reach us no later than 07.04.2019.
Contract type: Limited duration contract (5 years). Subject to certain conditions, holders of limited-duration contracts may apply for an indefinite position.
These functions require:
- Work during nights, Sundays and official holidays, when required by the needs of the Organization.
- Stand-by duty, when required by the needs of the Organization.
Job grade: 6-7
Job reference: IT-DI-CSO-2019-19-LD
Benchmark Job Title: Computing Engineer
Please make sure you have all the documents needed to hand as you start your application, as once it is submitted, you will not be able to upload any documents or edit your application further.