EEAS Vacancy: IT Security Assistant – Offensive Security Specialist (AST6) - Digital Solutions Division, RM.SCS.5.CYS - Job 464459

WE ARE

The European External Action Service (EEAS) supports the work of the High Representative in defining and implementing an effective and coherent foreign policy of the European Union and in her tasks of conducting the EU's Common Foreign and Security Policy and chairing the Foreign Affairs Council. It also supports the High Representative in her capacity of Vice President of the Commission. The EEAS works in close cooperation with Member States, the Council and relevant services of the European Commission.

The main mission of EEAS Digital Solutions division is to assist the European External Action Service and EU’s Delegation worldwide network in achieving its strategic objectives by supporting administrative and core business processes with modern Information and Communication Technology tools. The unit is composed of 50 officials and more than 200 experts and is organised in four sections: Management, IT Operations, Services and Security. 

WE PROPOSE:

The EEAS is launching a call for expression of interest for the recruitment of one IT Security Assistant – Offensive Security Specialist (AST6) as Temporary Agent under Article 2(b) of the Conditions of Employment of other servants of the EU[1] in accordance with EEAS Decision Admin(2015) 20 on the engagement and use of temporary agents.

Please note that, candidates who have been engaged by the EEAS as non-permanent servants (temporary and contract agents engaged under Article 3b of the CEOS), will be bound by Decision ADMIN(2023) 24 of the High Representative of the Union for Foreign Affairs and Security Policy of 14/07/2023 on the maximum duration of engagement by the European External Action Service of non-permanent staff under successive limited duration contracts of different types, and on the minimum lapse of time between successive contracts under Article 2(e) of the CEOS and repealing the Decision ADMIN(2020) 10 of the High Representative of the Union for Foreign Affairs and Security Policy of 16/07/2020.

WE LOOK FOR:

A dynamic and service-oriented colleague with a very strong IT Security technical background with proven experiences in offensive security related activities (penetration testing, vulnerability assessment, purple team activities). In addition to demonstrating very good analytical and organisational skills, the successful candidate will have to be pro-active and be able to follow the procedures on an autonomous basis. 

The ability to build and maintain good human relations within the teams and with our internal customers is essential. The selected candidate should demonstrate significant relevant experience.

As purple team operator, the main responsibilities are as follows:

• Develop and execute adversary emulation in complex scenarios.

• Identify potentially insecure processes and systems.

• Reproduce attacks in the organization to demonstrate their exploitability.

• Utilize detections to improve the effectiveness of adversary emulation scenarios.

• Collaborate with the SOC and propose improvements in detections based in the emulation results.

• Create and use custom tools to automate and optimize the adversary emulation process.

• Provide security design reviews to ensure compliance with company policies and directives.

• Provide security consultancy and advice to projects, plans, and other entities.

• Brief at both executive and technical levels on security reports and testing outcome.

• Provide help in technical vulnerability assessments of IT systems to identify potential vulnerabilities, make recommendations to control identified risks.

• Take part of blue/purple team security exercises.

• Manage projects/procurements related to the operation of the IT Security Office.

• Approach tasks with flexibility, proactivity and complete work to a high quality.

• Coordinate tasks as directed by the IT Security Team Leader to assist in the improvement of the security of the system.

• Keep up to date with security trends, threats and control measures.

• Actively participate and contribute in regular and ad-hoc meetings and liaison with team, departmental and institutional colleagues as directed.

• Act as a backup of other colleagues and be involved in activities of the IT Security Team.

The job is a key position for an experienced technical IT professional looking for a dynamic working environment and challenging projects within a friendly, motivated and supportive team. 

A proven ability to manage and co-ordinate several services simultaneously are important.  Excellent oral and written command of English is essential.

LEGAL BASIS

The vacancy is to be filled in accordance with the conditions stipulated under the Conditions of Employment of Other Servants of the European Union (CEOS)^[2], in accordance with EEAS Decision ADMIN(2015) 20 on the engagement and use of temporary agents 

The successful candidate will be offered a contract as Temporary Agent under Article 2(b) of the Conditions of Employment of Other Servants (CEOS) at the grade of AST6.

ELIGIBILITY CRITERIA:

Candidates must meet ALL of the following general and specific conditions on the closing date for online applications:

• Be a national of one of the EU Member States and enjoy full rights as a citizen;

• Meet any obligations imposed on him or her by the laws concerning military service;

• Provide the appropriate character references^[3] as to their suitability for the performance of their  duties;

• Have the capacity to work in languages of the CFSP in writing and orally;

• Post-secondary education attested by a diploma followed by at least 3 years of relevant professional experience directly related to the nature of the duties OR secondary education attested by a diploma giving access to post-secondary education, followed by at least 6 years’ professional experience directly related to the nature of the duties;

• Candidates who, at the time of the application, are EU officials, independently of their administrative status under Article 35 of the SR, cannot request to be recruited as temporary agents under Article 2(b) of the CEOS and, in the interest of the service, are therefore ineligible.

SELECTION CRITERIA:

We are looking for a dynamic IT professional with strong technical interest, a diverse profile with experience to fulfil the above-mentioned responsibilities. Important is an ability to adapt to new situations and challenges. 

Candidates should have: 

• strong proven experience in offensive IT Security related activities

• strong technical knowledge of tools, processes, methodologies used and applied in purple/red team related activities
• knowledge of LOLBins family abuse, privilege escalation, MITRE ATT&CK framework, threat hunting methodologies
• be able to represent the EEAS in Cyber Security related inter-institutional technical working groups/task forces
• strong drafting and analytical skills combined with sound judgement
• excellent communication skills and the ability to establish and maintain a network of contacts both within and outside the EEAS
• the ability to communicate clearly on complex issues and the capacity to perform with accuracy and in a flexible manner a diversity of tasks in a complex multicultural and institutional environment

• strong service attitude

• be fluent in English (both written and orally)

• be a flexible team player

Furthermore: 

• Any professional certification in IT Security, especially in offensive related domains like OSCP, OSEP, CRTP, CRTE, CRTM, CRTO, CRTO II, OSCE or similar
• Python and Powershell scripting languages
• experience of working in a team in multi-disciplinary and multi-cultural environment
• experience in working with or within other EU institutions

would be considered as assets.

EXPRESSION OF INTEREST AND SELECTION PROCEDURE[4]:

The selection procedure will take place in three different and successive steps:

1. Expression of Interest

Before submitting their application, candidates should carefully check whether they meet all the eligibility criteria in order to avoid exclusion from the selection procedure.

Expressions of interest should be sent by e-mail to the following functional mailbox RM-SCS-5-HR@eeas.europa.eu copying AST-STAFF@eeas.europa.eu

For the purposes of the e-mail application, the e-mail must have in the subject the following title: "EoI-HQ (AST)-TA2b-AST6-RM.SCS.5.CYS-Job 464459"

Such an expression of interest must be accompanied by:

• an updated Curriculum vitae. Candidates are invited to use the "Europass" CV format (https://europass.cedefop.europa.eu/documents/curriculum-vitae) for their applications.

• a letter of motivation (maximum 2 pages) in either English or in French;

• Declaration of potential conflict of interest form filled in, dated and signed.

The deadline for submission of expressions is 10/11/2025 at 12:00 midday (Brussels time). 

For correspondence concerning the selection procedure, please use the following email address (the e-mail must have in the subject the following title: "EoI-HQ (AST)-TA2b- AST6-RM.SCS.5.CYS-Job 464459"): RM-SCS-5-HR@eeas.europa.eu

2. Pre-selection

The selection panel will make a pre-selection on the basis of the qualifications and the professional experience described in the CV and motivation letter.

3.  Selection

The candidates who have passed the pre-selection step will be invited for an interview so that the selection panel can evaluate them objectively and impartially based on the selection criteria, as listed in the present call for expression of interest. Additional specific written or oral tests might be organised by the panel. Following a comparative assessment of the merits of the preselected candidates, the selection panel will recommend the name of a candidate to the Authority Authorised to Conclude Contracts of Employment, and possibly, name(s) of other candidate(s) that should be placed on a reserve list valid for maximum 12 months. That list would be used, on the one hand, in case of refusal of the offer or unavailability of the recommended candidate in the present procedure and/or, on the other hand, for other future similar recruitment needs.

Depending on the outcome of future appointment procedure(s) under Article 29 of the SR for a similar profile, EEAS services may, in case no suitable candidates are found among EU officials, have other job opportunities that would involve the recruitment of the Temporary Agents under Article 2(b) of the CEOS. If any, candidates in the above-mentioned reserve list may be contacted by other EEAS services for potential recruitment. 

EQUAL OPPORTUNITIES:

The EEAS is committed to an equal opportunities policy for all its employees and applicants for employment. As an employer, the EEAS is committed to promoting gender equality and to preventing discrimination on any grounds. It actively welcomes applications from all qualified candidates from diverse backgrounds and from the broadest possible geographical basis amongst the EU Member States. We aim at a service, which is truly representative of society, where each staff member feels respected, is able to give their best and can develop their full potential. 

If pre-selected, candidates with disabilities are invited to contact the EEAS (EEAS-HQ-APPLICATIONS-AST@eeas.europa.eu) in order to accommodate any special needs and provide assistance to ensure the possibility to pass the selection procedure in equality of opportunities with other candidates. 

If a candidate with a disability is selected and recruited, the EEAS is committed to appropriate measures in order to accommodate his or her special needs to the working place or working conditions in accordance with Art 1d(4) of the Staff Regulations.

RECRUITMENT:

The selected candidate will be recruited as temporary agents under Article 2(b) of the Conditions of Employment of Other Servants (CEOS), in accordance with EEAS Decision ADMIN(2015) 20 on the engagement and use of temporary agents.

It is recalled, that if the interest of the service so requires, the selection procedures can be terminated at any stage and the post be filled by a reassignment in accordance with Article 7 of the SR and Article 10 of the CEOS.

Conflict of Interest and security risks

As a matter of policy, applications by individuals who have dual nationality of which one of a non-EU country, will be considered on a case-by-case basis taking account in particular of the functions attributed to the vacant post. The EEAS also examines if there could be a conflict of interest or security risks.

In this context, candidates shall fill with their application a declaration of potential conflict of interest (Annex attached)

Personal Security Clearance

The requested level of security clearance for this post is: SECRET UE/EU SECRET. A description of the EU classified information levels is available under Article 2 of the Decision ADMIN(2023) 18 on the security rules for the EEAS [5].

The selected candidate should hold, or be in the position to obtain, a valid Personnel Security Clearance (PSC)[6] issued by the competent authority of the Member State concerned. 

Candidates who do not already have a valid PSC will be required to go through the security clearance vetting procedure of their Member State to obtain this clearance in accordance with national laws and regulations and with the procedure laid down in the Decision ADMIN(2019)7 on Security Clearance Requirements and Procedures for the EEAS of 08 March 2019 and in Annex A I of the Decision ADMIN(2023) 18 on the security rules for the EEAS [7]. Until the PSC is issued by the competent authority of the Member State concerned, the selected candidate will not be authorised to access EUCI at the level of CONFIDENTIEL UE/EU CONFIDENTIAL or above, or to participate in any meetings or workflow where EUCI is processed.

Please note that the necessary procedure for obtaining a PSC can be initiated on request of the employer only, and not by the individual candidate.

In case of failure to obtain or renew the required PSC, the AACC may take the appropriate measures in accordance with Article 3(3) of the Decision ADMIN(2019) 7 on Security Clearance Requirements and Procedures for the EEAS of 08 March 2019.

Medical fitness

The selected candidate will be required to undergo a medical fitness examination in accordance with Article 13 of the CEOS. 

In case of positive results on the medical fitness examination and after assessment of the PSC conditions, the candidate will be offered a contract as Temporary Agent, Grade AST6[8] for a duration of 4 years renewable subject to the possibility of extension offered by the EEAS Decision ADMIN(2023) 24 on the maximum duration of engagement. 

All member of the temporary staff shall serve initially a nine-month probationary period in accordance with Article 14 CEOS.

PLACE OF EMPLOYMENT: Brussels, Belgium

POST AVAILABLE: immediately

CONTACT:

Ms Rosina BISCHUR

IT Service Officer – HR & Communication

Digital Solutions, EEAS.RM.SCS.5

Tel: +32 258 42 2292

Email: rosina.bischur@eeas.europa.eu 

The closing date for submissions is 10/11/2025 at 12:00 midday (Brussels time).

----------------------------------------

[1] Staff Regulations of Officials (SR) and the Conditions of Employment of Other Servants of the European Union (CEOS). For reference see: https://eur-lex.europa.eu/legal-content/EN/TXT/?qid=1570023902133&uri=CELEX:01962R0031-20190101

[2] Staff Regulations of Officials (SR) and the Conditions of Employment of Other Servants of the European Union (CEOS). For reference, see https://eur-lex.europa.eu/legal-content/EN/TXT/?qid=1570023902133&uri=CELEX:01962R0031-20190101

[3] criminal records certificate

[4] Your personal data will be processed in accordance with Regulation (EC) 2018/1725. The privacy statement is available on EEAS webpage: http://eeas.europa.eu/data_protection/rights/index_en.htm

[5] OJ C 263, 26 July 2023, p.16.

[6] The ‘Personnel Security Clearance’ is defined under point 2 of Annex A I of the Decision ADMIN(2023) 18 on the security rules of the EEAS as “a statement by a competent authority of a Member State which is made following completion of a security investigation conducted by the competent authorities of a Member State and which certifies that an individual may, provided his ‘need-to-know’ has been determined, be granted access to EUCI up to a specified level (CONFIDENTIEL UE/EU CONFIDENTIAL or above) until a specified date; the individual thus described is said to be ‘security cleared’.”

[7] OJ C 263, 26 July 2023, p.38.

[8] The basic salaries offered by the EU institutions are set out in Article 66 of the Staff Regulations. The current level, can be accessed via the link:https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=OJ:C_202301544
A number of factors are taken into account in calculating your pay. Use the pay calculator for an individual estimate:
https://myintracomm.ec.europa.eu/staff/EN/working-conditions/pay/Pages/calculettes.aspx