Senior Security Expert (External)

The European Insurance and Occupational Pensions Authority (EIOPA) is an independent European Union Authority established on 1 January 2011 by Regulation (EU) No. 1094/2010 of the European Parliament and of the Council of 24 November 2010.

EIOPA is at the heart of insurance and occupational pensions in the EU.

Our mission is to contribute to a sound, effective and consistent level of regulation and supervision of insurance and occupational pensions sectors in Europe, and to promote transparency, simplicity and fairness in the market for consumer financial products or services across the internal market for the benefit of EU citizens. Through our activities we help protect insurance policyholders, pension scheme members, customers and consumers and other beneficiaries. We furthermore play a key role in supporting the stability of the financial system, transparency of financial markets and products, and we contribute to strengthening coordination among financial supervisors at the international level.

EIOPA is part of the European System of Financial Supervision (ESFS) which includes the European Banking Authority (EBA), the European Securities and Markets Authority (ESMA) and the European Systemic Risk Board (ESRB).

Further information on EIOPA is available on EIOPA’s website: https://www.eiopa.europa.eu/

As an European Union Authority, EIOPA is committed to fostering an inclusive and dynamic working environment, providing equal opportunities to all its employees and applicants. EIOPA is committed to ensuring gender equality and to preventing discrimination on any grounds. EIOPA actively welcomes applications from all qualified candidates from diverse backgrounds, across all abilities, without any distinction on any ground such as sex, race, colour, ethnic or social origin, genetic features, language, religion or belief, political or any other opinion, membership of a national minority, property, birth, disability, age, marital status or family situation or sexual orientation.

Job Purpose

Senior Security Expert

The successful candidate will be responsible for defining and implementing EIOPA’s global security roadmap, ensuring operational resilience and business continuity.

With a solid understanding of the evolving threat landscape, the Senior Security Expert will ensure that EIOPA’s staff, assets, information and IT systems are adequately protected, in line with EU regulatory requirements, industry standards and best practices.

He/she will work collaboratively with internal stakeholders to ensure security policies and practices are fully integrated with wider business activities and compliant with the relevant regulations.

The Senior Security Expert will report to the Head of the Corporate Support Department.

Main Responsibilities

Developing, implementing and maintaining EIOPA’s security policies, procedures and working instructions for staff, assets, information and IT security;
Performing cybersecurity maturity assessments, developing implementation plans and ensuring the overall compliance with Regulation (EU, Euratom) 2023/2841 of the European Parliament and of the Council of 13 December 2023 laying down measures for a high common level of cybersecurity at the institutions, bodies, offices and agencies of the Union;
Developing, implementing and maintaining EIOPA’s Information Security Framework in accordance with the European Commission Security Framework and security best practices;
Defining, implementing and monitoring robust security requirements for projects and activities involving sensitive information processing, including services provided by third-party providers;
Performing security risk assessments, inspections, reviews and audits, including on information systems, to ensure full compliance with EIOPA’s security policies, procedures and working instructions;
Developing and implementing business continuity arrangements, exercises and tests;
Providing security advice to management and staff, and organising security awareness and training campaigns;
Liaising with relevant national and EU security authorities and services on matters related to the security of the Agency;
Performing any other tasks as required.

Eligibility Criteria

Thorough knowledge of one of the languages of the Communities and a satisfactory knowledge of another language of the Communities;

Be a national of a Member State of the European Union, Norway, Iceland or Liechtenstein;
Be entitled to his or her full rights as a citizen [1];
Have fulfilled any obligations imposed by the applicable laws on military service;
Be physically fit to perform the duties linked to the post [2];

[1] Prior to the appointment, the successful candidate will be asked to provide a Police certificate confirming the absence of any criminal record.

[2] Before being engaged, a candidate shall be medically examined by one of the institution’s medical officers in order that the institution may be satisfied that he fulfils the requirements of Article 12 (2)(d) of the Conditions of Employment of Other Servants of the European Communities.

Essential Skills and Knowledge

· Qualification:

a) a level of education which corresponds to completed university studies attested by a diploma when the normal period of university education is four years or more; or

b) a level of education which corresponds to completed university studies attested by a diploma and appropriate professional experience of at least one year, when the normal period of university education is at least three years.

Have at least 6 years of proven full-time professional experience in a field relevant for this position acquired after the qualification required under a) or b) above;

Note: Your professional experience will be counted from the time you obtained the certificate or diploma required for admission to the selection procedure.

In case of a doctorate/PhD 50% of the actual duration of the studies will be taken into account as professional experience, subject to an upper limit of three years, on the condition that the candidate was paid during the period of his/her PhD studies, the PhD studies have been completed and a diploma was awarded.

Part-time work will be taken into account in proportion to the stated percentage in relation to full-time work. In case of internship, only paid internship is considered.
Proven work experience in similar tasks/responsibilities as required by the role described under “Main Responsibilities”, and in particular:
- Security: setting-up a holistic enterprise security framework or strategy;
- Information security: conducting risk assessments as well as developing and implementing security strategies and policies;
- Cybersecurity: implementing and operating cybersecurity frameworks, standards, methodologies and maturity models (e.g. NIST Cybersecurity Framework, Essential Eight, CIS Critical Security Controls, DORA);
- Vendor management: defining outsourcing security requirements, service level agreements and managing the relationship with security managed service providers;
Very good command of oral and written English;
Very good knowledge of MS Office, in particular Word, Excel and PowerPoint.

Desirable Skills and Knowledge

Proven experience in setting-up business continuity arrangements at a company-wide level;
Proven work experience in designing, implementing and maintaining cloud-based security architectures and controls;
Professionally recognised security management and/or technical certifications (CISSP, CISM, ISO/IEC 27001 Lead Implementer, Cybersecurity Architect or similar);
Proven work experience in a multicultural environment;
Knowledge of a third EU language.

Behavioural Competencies required

For the above position, the following behavioural competencies have to be fulfilled:

Flexibility in terms of openness to taking over other tasks within EIOPA in view of the dynamic and evolving institutional environment;
Excellent team player sharing relevant information and supporting team members without taking over responsibility for their work, able to work in different teams with different levels of stakeholders in a multicultural environment;
Being able to have and express a critical view towards own performance and open to learn from experience;
Being able to establish and maintain cooperative relationships with staff and management at all levels, both inside and outside the organization; understanding who the internal and external stakeholders are, as well as their needs and expectations;
Demonstrates the ability to effectively convey proposals and ideas to others, delivering constructive feedback, and adeptly handling resistance to foster mutual understanding and collaboration;
Being able to manage multiple assignments and track progress on numerous processes simultaneously; delivering results within tight time frames; carrying out activities in an autonomous way;
Proactively anticipating what needs to be done within the own area of responsibility, informing others and taking action as required;
Showing a positive mindset; seeing obstacles as challenges and approaching them with a can-do attitude; setting high levels of quality and productivity for oneself.

Contractual conditions

Place of employment
Frankfurt am Main, Germany

Monthly basic salary

Step 1: 7,559.72 EUR
Step 2: 7,877.39 EUR

Plus specific allowances where applicable*.

*Summary of Conditions of Employment

1. Successful external candidates will be classified either in step 1 or 2.

Grade / step^[1]

Monthly basic salary^[2]

Monthly net salary, excluding allowances

Monthly net salary, including specific allowances^[3]

AD 7 Step 1

7,559.72 EUR

5,833.74 EUR

8,316.21 EUR

AD 7 Step 2

7,877.39 EUR

6,043.97 EUR

8,597.40 EUR

[1] Implementing rules concerning classification in step on appointment or engagement of temporary agents

[2] The basic salary is weighted by the current correction coefficient for Germany (102.2%)

[3] An estimation of net salary, including the deduction for tax and social security and adding the allowances (this estimation has been calculated with expatriation allowance, household allowance and with one dependent child allowance). Allowances depend in any case on the personal situation of the candidate.

2. Salaries are subject to a Union tax deducted at source and are exempt from national taxation;

3. Depending on the individual family situation and the place of origin, the successful jobholder may be entitled to: expatriation allowance (16% of the basic salary), household allowance, dependent child allowance, education allowance, pre-school allowance, installation allowance, reimbursement of removal costs, initial temporary daily subsistence allowance, and other benefits;

4. Annual leave entitlement of two days per calendar month plus additional days for grade, distance from the place of origin and in addition on average 15 EIOPA holidays per year;

5. EU Pension Scheme (after 10 years of service);

6. EU Joint Sickness and Insurance Scheme (JSIS), accident and occupational disease insurance coverage, unemployment and invalidity allowance and travel insurance;

7. General and relevant technical training plus professional development;

8. Modern and flexible working conditions, combining presence in the office and teleworking opportunities (some geographical restrictions apply).

Indicative Start date

1 August 2025

Contract type and duration

Successful candidates may be offered an employment contract for three years as a Temporary Agent. The contract may be renewed for a second fixed-term period, and upon its second renewal converted into a contract of indefinite duration.

Reserve list

Possibility of reserve list with validity until 31 December 2026 with possibility for extension.

Information reserved for applicants employed under Article 2(f) of the CEOS, in EU Agencies other than EIOPA:

According to EIOPA Management Board decision EIOPA-MB-15-072 adopting the implementing rules on the procedure governing the engagement and use of temporary staff under Article 2(f) of the CEOS, and in particular Article 12 (2), if a successful applicant from this external procedure, on the closing day for applications, as well as on the day of taking up duty at EIOPA:

· is a member of temporary staff under Article 2(f) of the CEOS, and

· is employed within their agency in function group and grade included in the range “AD6 – AD8”,

EIOPA shall offer the applicant, in writing, the opportunity either:

a) to be assigned to the post by means of internal mobility, as per Article 10 of EIOPA-MB-15-072. In this case the contract at EIOPA will be in continuity with the contract of the previous agency (namely with regard to grade, step, seniority in step, and duration)

b) in case the eligibility, qualification and professional experience requirements for the grade indicated in this external vacancy notice, (AD7) are met, to be assigned to the post on the basis of a new contract (first fixed-term) of three years duration, subject to the probationary period of 9 months, at the grade indicated in the external vacancy notice (AD7).

Recruitment procedure

The recruitment process will include a panel interview and a written test. In addition, there may be a pre-screening exercise.

The online application form should be submitted in English language.
(1) Curriculum Vitae clearly indicating (among all):

Qualifications (please list exact dates of all your academic qualifications gained)
Responsibilities, experience and skills gained in previous positions (please list exact dates of all your work experience gained)
Nationality/Citizenship
Language skills

(2) Motivation explaining why you are interested in the post and what would be your added value you would bring to EIOPA if selected.

Applicants will be assessed on the basis of the eligibility and selection criteria specified in the vacancy notice and these must be met by the closing date of the vacancy notice.

Vacancy Notice publication start date: 6 May 2025

Application Deadline: 28 May 2025 23:59 CET

Applications after the deadline are not considered.

The successful candidate will be required to make an annual declaration in respect of any interests which might be considered prejudicial to their independence. Before recruiting a member of staff, EIOPA’s Executive Director will examine whether the successful candidate has any personal interest which may impair their independence or any other conflict of interest. To that end, the successful candidate, using a specific form, shall inform the Executive Director via the Ethics Officer of any actual or potential conflict of interest.

For more information on the selection process of temporary agents and on the contractual and working conditions, please, refer to: