Head of IT Security

Brussels, Belgium, EUROCONTROL [NOC-NM-2020-AD/133]

Field(s) of expertise
Cyber Security Information Technology
Job type

About this job

Within the Network Management Directorate, the Network Manager keeps the network operating as smoothly and efficiently as possible, working closely to support industry actors by providing services, functions, deliverables and training. The Network Manger delivers ATM performance for the pan-European network in the areas of safety, capacity, environment/flight efficiency and cost-effectiveness.

The Head of IT Security shall be responsible to the Chief Technology Officer for the implementation of IT Security strategy and principles. S/he will address areas such as IT security design and control, review of rules, policies, standards, etc including risk assessment and control activities. The Head of IT Security will manage a team of approximately 5+ staff.


  • Develop and implement his/her IT security objectives, and manage its range of activities and resources (budget and personnel);
  • Design, manage and control the protection of information and information systems from unauthorised access, use, disclosure, disruption, modification, or destruction and ensure integrity, confidentiality, and permanent availability of IT applications and IT infrastructure;
  • Develop and maintain information security rules and standards, procedures, guidelines and plans tailored to the specific needs of the information systems;
  • Provide cyber security services in order to support the Agency’s compliance to EU regulations as well as to protect EUROCONTROL assets, data and information;
  • Provide a Security Operations Centre (SOC);
  • Conduct ad-hoc penetration tests under well controlled conditions;
  • Manage the external provision of Managed Security Services (i.e. applicable to any of the above-mentioned services that are outsourced).


  • Completed university studies of 4 years in a relevant domain, e.g. Master’s degree in an IT security related domain;
  • A minimum 10 years of relevant experience;
  • Internal candidates should check on the intranet to see what level of in-house experience is considered equivalent to educational qualifications where appropriate;
  • Following Certification would be considered an advantage:
    • CISM (certified information security manager),
    • CISSP (Certified Information Systems Security Professional),
    • GIAC (Global Information Assurance certification).
  • Proficiency in information and cyber security and data protection;
  • Experience/ in several of the following fields; security investigation, security management, security risk assessment, security management systems, threat mitigation, etc.;
  • Knowledge of current and emerging IT security technologies;
  • Communication: adapts communication to different situations and audiences;
  • Managing people: sets and implements team standards;
  • Problem solving: solves complex problems and provides effective solutions;
  • Analytical thinking: applies methodical approach to complex information;
  • Ability to work in a multinational and multicultural environment;
  • Professional conduct in line with the corporate behaviours of the Agency, i.e. result-driven, readiness to change, customer focus, integrity and team-player approach;
  • The languages of the Agency are English and French. Thorough knowledge (oral/written) of one of the working languages of the Agency (English/French) and satisfactory knowledge of the other language.


  • Applications will be accepted from nationals of EUROCONTROL Member States only. At the closing date of the notice of competition, internal candidates must have completed their probationary period.
  • This is an appointment for a determined period of 5 Year(s). It could be extended up to a maximum of 9 years or converted into an undetermined contract. Before being established in the post, the external candidate will be requested to provide certified copies of his/her degrees and successfully serve a probationary period of 9 months.

For information on how the personal data in your application is processed, please see the EUROCONTROL Privacy Policy.