Threat-Led Penetration Test Expert

Short company description

As the central bank for Europe's single currency, the euro, we have two main tasks. First, we aim for stable prices in the euro area. We do this by setting the short-term interest rate and by working closely with the national central banks of countries that have adopted the euro. Stable prices are important for people and businesses to feel secure in making plans to invest for the future. Second, we supervise banks in the euro area. We do this by working together with national supervisors to review how banks conduct their activities and ensure rules are applied in the same way across Europe. This makes the banking sector more stable and trustworthy for people and companies.

Requirements

Essential:
a master’s degree or equivalent, preferably in computer science or natural sciences (see How you can join us for details on degree equivalences);
in addition to the above, at least three years of relevant professional experience and, as a result, an excellent knowledge of IT security testing;
good knowledge of the organisation and structure of banks, financial sector processes and service providers in the sector;
experience in project management, especially in IT;
a high level of commitment and flexibility, as well as the ability to work efficiently and effectively under pressure;
an ability to familiarise yourself quickly with new topics and a willingness to continue learning;
very good IT user skills (MS Office);
an advanced (C1) command of English and an intermediate (B1) command of at least one other official language of the EU, according to the Common European Framework of Reference for Languages.

Desired:
experience of penetration testing, red teaming or threat intelligence;
knowledge of regulatory frameworks and standards regarding the control and management of operational risks, such as DORA, TIBER-EU and the NIS2 Directive;
professional qualifications such as CISSP, CISM or CRISC.

You engage collaboratively with others. You pursue team goals and learn willingly from other people’s diverse perspectives. You signal any need for change by explaining it and proposing alternative solutions. You analyse complex information effectively and can evaluate different views to arrive at solutions. You know and anticipate stakeholder needs.
You are motivated to be part of our team and to develop and use your skills and competencies to achieve the objectives of this position. You are aware of your strengths and areas for development and know what motivates you to perform at your highest level.

Responsibilities

As a TLPT test manager, you will:
take an active part in overseeing tests, working in close contact with the supervised financial institutions, the red team and all other stakeholders;
contribute to the various stages of the TLPT process, such as identifying institutions to be tested, planning tests, liaising with the TLPT cyber teams, assisting with attestations and providing guidance to the Joint Supervisory Teams for specific tests;
contribute to the SSM TLPT community and overall TIBER community;
help to ensure banks conduct TLPT as safely as possible while increasing their resilience to cyberattacks.
The position of TLPT expert offers you excellent opportunities to work as part of a results-focused team in an exciting and demanding environment. Your role will involve constructively challenging senior management of banks on complex issues, engaging with others in a collaborative and effective manner, and anticipating stakeholders’ needs in the increasingly important area of cyber/IT risk. The organisational combination of TLPT testing and on-site inspections also offers opportunities in the future to join IT risk inspections to see the other side of IT infrastructure at banks. You will be part of a multicultural team that strives for continuous innovation to make a positive impact on the lives of European citizens.

Other info

The recruitment process for this position will be conducted remotely. It will include a written exercise in the pre-selection phase and – if you are invited to participate in the subsequent selection phase – a presentation and an interview.

If you are not selected for this position but are still considered suitable, you will be placed on a reserve list (see step 4 of How we hire), from which you might be considered for similar positions within the ECB.

Find out how to apply for a position at the ECB.

Monthly salary offered

5743RON

Benefits

• Relocation bonus
• Medical insurance
• Trainings
• Courses
• Certifications
• Laptop
• Mobile phone