IT Security Manager

Council of Europe
Canton de Strasbourg-1, France
12 days ago

Role details

Contract type
Temporary contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English, Ukrainian, Russian
Experience level
Intermediate

Job location

Canton de Strasbourg-1, France

Tech stack

Artificial Intelligence
Business Software
Cloud Computing
Computer Security
Databases
Information Leak Prevention
Data Security
Digital Forensics
Identity and Access Management
Information Systems Security Architecture Professional
Machine Learning
Reliability of Systems
Information Technology
Cybercrime
Vulnerability Analysis

Job description

You will be part of the Accountability for Ukraine Unit, which operates under the direct authority of the Director General for Human Rights and the Rule of Law (DGI). The role is embedded within a dynamic and expanding operational environment, with activities to be carried out across multiple locations, including Strasbourg and The Hague. The IT Security Manager will also be closely co-operating with colleagues from the Directorate of Information Technology. Your Role

As an IT Security Manager, you will:

  • embed cybersecurity principles (confidentiality, integrity, availability) in all IT projects ("security- and privacy-by-design");
  • design and implement security policies and technical standards: secure architecture (cloud or on-prem), access control, data protection, digital integrity, crisis plans;
  • provide specific security standards for the relevant legal database, defining the technical and organisational requirements prior to its deployment;
  • oversee all phases of the legal database project (design, development, deployment, operation), ensuring compliance with security norms and their integration at each stage;
  • regularly audit this core business application to identify any vulnerabilities, verify compliance with standards, and propose corrective actions;
  • identify vulnerabilities across all systems, conduct audits, and propose risk management and mitigation strategies in line with international standards (ISO 27001, NIST, etc.) and applicable legal frameworks (e.g., Council of Europe Personal Data Protection Regulations);
  • advise on the selection, acquisition, and implementation of secure platforms and tools, including potential use of cloud technologies;
  • ensure system compliance with judicial, institutional, and regulatory requirements for security and data protection;
  • collaborate with partners to ensure technical interoperability and secure data exchange;
  • stay up to date with advances in cybersecurity technologies, cyber threats, and system resilience in justice and institutional contexts;
  • ensure the effective integration of security controls in artificial intelligence solutions, including risk assessment, threat mitigation, and monitoring of AI systems to protect against adversarial attacks, data leakage, and misuse.

Requirements

  • hold a higher education degree or qualification equivalent to a Master's degree (2nd cycle of the Bologna process framework of qualifications for the European Higher Education Area) in cybersecurity, computer science, or a related discipline;
  • have at least 5 years of relevant experience in IT security or IT security architecture, including a minimum of 2 years integrating security in sensitive institutional or judicial environments;
  • have a very good knowledge of English.

You must also:

  • be a citizen of one of the member states of the Council of Europe and fulfil the conditions for appointment to the civil service of that state;
  • have discharged any obligation concerning national service (military, civil or comparable);
  • not be the parent, child, stepchild or grandchild of a serving staff member of the Council of Europe;
  • be under the age of 65 years.

Your application must demonstrate to what extent you have the competencies listed below. To help you doing so, feel free to consult our competency framework. Key competencies

  • Operational - Planning and work organisation

  • Operational - Results orientation

  • Operational - Concern for quality

  • Interpersonal - Teamwork and co-operation

  • Professional and technical expertise:

  • expertise in cybersecurity standards (ISO 27001, NIST), identity management (IAM), cryptography, and data protection;
  • experience in designing and securing judicial systems: evidence management, chain of custody, strict confidentiality;
  • experience in auditing, vulnerability analysis, crisis management and drafting remediation plans;
  • experience with GDPR compliance and other international regulations (convention 108+);
  • ability to collaborate in multidisciplinary teams and deliver in sensitive or high-security contexts;
  • competence in the security of artificial intelligence systems: understanding threats to AI, experience in implementing secure AI architectures (e.g., privacy-preserving machine learning, adversarial robustness), and ability to conduct risk analysis and mitigation for AI-enabled solutions.

Desirable competencies

  • Operational - Analysis and problem solving

  • Professional and technical expertise:

  • certifications: CISSP, CISM, CEH, ISO 27001;
  • experience with international tribunals, hybrid courts, or international justice systems;
  • familiarity with evidence management tools and judicial databases;
  • experience in crisis management and monitoring cyber threats;
  • skills in digital forensics and chain of custody protocols;
  • knowledge of Ukrainian and/or Russian is an asset;
  • experience in institutional post-conflict or transitional settings;
  • experience with AI-based tools and ethical, legal, and technical aspects of AI security.

About the company

Who we are

With over 2500 staff members coming from all its 46 member States, the Council of Europe is a multicultural
Organisation. We all strive towards protecting human rights, democracy and the rule of law and our three core
values - professionalism, integrity and respect - guide the way we work.
The European Court of Human Rights oversees the implementation of the European Convention on Human Rights in the
member States. Individuals can bring complaints of human rights violations to the Strasbourg Court once all possibilities of
appeal have been exhausted in the member State concerned.
The Council of Europe has its headquarters in Strasbourg (France) and has external presence in more than twenty countries.
See here for more information about the Council of Europe external presence.

Apply for this position