IT Security Assistant

WE PROPOSE

The position of
IT Security Assistant - Offensive Security Specialist
, Temporary Agent (Grade AST 6).

Please see the full vacancy notice on the EEAS website for all details and criteria.

Please only apply in case you fulfill
all the eligibility criteria
.

Candidates must be a national of one of the Member States of the European Union and enjoy full rights as a citizen.

PLACE OF EMPLOYMENT:
Brussels, Belgium

POST AVAILABLE:
October 2025

DEADLINE FOR APPLICATIONS:

10 November 2025, 12:00 midday, Brussels time (CET)

ADDRESS for applications
(CV in Europass format, motivation letter and declaration of conflict of interest): RM-SCS-5- and in cc to: AST-

REFERENCE:
EoI-HQ (AST)-TA2b- AST6-RM.SCS.5.CYS-Job 464459

SALARY:
Basic monthly salary within Assistant AST grade 6 approx Euro + addtl. allowances depending on individual and family situation (e.g. household allowance, 16% expatriate allowance etc.), salary not subject to national income tax;

Please see reference: Table 1.1. in the Annual Update of the Remuneration of Officials and other Servants of the EU

WE LOOK FOR

A dynamic and service-oriented colleague with a very strong IT Security technical background with proven
experiences in offensive security related activities (penetration testing, vulnerability assessment, purple team activities).
In addition to demonstrating very good analytical and organisational skills, the successful candidate will have to be pro-active and be able to follow the procedures on an autonomous basis.

The ability to build and maintain good human relations within the teams and with our internal customers is essential. The selected candidate should demonstrate significant relevant experience.

As purple team operator, the
main responsibilities
are as follows:

• Develop and execute adversary emulation in complex scenarios.
• Identify potentially insecure processes and systems.
• Reproduce attacks in the organization to demonstrate their exploitability.
• Utilize detections to improve the effectiveness of adversary emulation scenarios.
• Collaborate with the SOC and propose improvements in detections based in the emulation results.
• Create and use custom tools to automate and optimize the adversary emulation process.
• Provide security design reviews to ensure compliance with company policies and directives.
• Provide security consultancy and advice to projects, plans, and other entities.
• Brief at both executive and technical levels on security reports and testing outcome.
• Provide help in technical vulnerability assessments of IT systems to identify potential vulnerabilities, make recommendations to control identified risks.
• Take part of blue/purple team security exercises.
• Manage projects/procurement related to the operation of the IT Security Office.
• Approach tasks with flexibility, pro-activity and complete work to a high quality.
• Coordinate tasks as directed by the IT Security Team Leader to assist in the improvement of the security of the system.
• Keep up to date with security trends, threats and control measures.
• Actively participate and contribute in regular and ad-hoc meetings and liaison with team, departmental and institutional colleagues as directed.
• Act as a backup of other colleagues and be involved in activities of the IT Security Team.

The job is a key position for an experienced technical IT professional looking for a dynamic working environment and challenging projects within a friendly, motivated and supportive team.

A proven ability to manage and co-ordinate several services simultaneously are important. Excellent oral and written command of English is essential.

SELECTION CRITERIA

We are looking for a dynamic IT professional with strong technical interest, a diverse profile with experience to fulfill the above-mentioned responsibilities. Important is an ability to adapt to new situations and challenges.

Candidates should have:

• Post-secondary education attested by a diploma followed by at least 3 years of relevant professional experience directly related to the nature of the duties OR secondary education attested by a diploma giving access to post-secondary education, followed by at least 6 years professional experience directly related to the nature of the duties;
• strong proven experience in offensive IT Security related activities;
• strong technical knowledge of tools, processes, methodologies used and applied in purple/red team related activities;
• knowledge of LOLBins family abuse, privilege escalation, MITRE ATT&CK framework, threat hunting methodologies;
• be able to represent the EEAS in Cyber Security related inter-institutional technical working groups/task forces;
• strong drafting and analytical skills combined with sound judgement;
• excellent communication skills and the ability to establish and maintain a network of contacts both within and outside the EEAS;
• the ability to communicate clearly on complex issues and the capacity to perform with accuracy and in a flexible manner a diversity of tasks in a complex multicultural and institutional environment;
• strong service attitude;
• be fluent in English (both written and orally);
• be a flexible team player;

Furthermore:

• Any professional certification in IT Security, especially in offensive related domains like OSCP, OSEP, CRTP, CRTE, CRTM, CRTO, CRTO II, OSCE or similar;
• Python and Powershell scripting languages;
• experience of working in a team in multi-disciplinary and multi-cultural environment;
• experience in working with or within other EU institutions

would be considered as assets.

#itsecurity #securecommunications #eujobs
#itjobs
#europeanunion
#eucareers
#austria
#belgium
#bulgaria
#croatia
#cyprus
#czechia
#denmark
#estonia
#finland
#france
#germany
#greece
#hungary
#ireland
#italy
#latvia
#lithuania
#luxembourg
#malta
#netherlands
#poland
#portugal
#romania
#slovakia
#slovenia
#spain
#sweden