Expert national détaché (m/f) - (réf. ENISA-SNE-2020-03)

Informations générales

  • Statut Fonctionnaire
  • Date limite de candidature30/04/2022
  • Administration/OrganismeEuropean Union Agency for Cybersecurity (ENISA)
  • LieuAthens, Greece
  • Nombre de postes vacants5

Qui recrute ?

The European Union Agency for Cybersecurity (ENISA) holds a discreet and enhanced role under the mandate of the Cybersecurity Act Regulation1. The mission of the European Union Agency for Cybersecurit (ENISA) is to achieve a high common level of cybersecurity across the Union, by actively supporting Member States, European Union institutions, industry, academia and EU citizens.

ENISA contributes to policy development and implementation, support capacity building and preparedness, facilitate operational cooperation at Union level, enhance the trustworthiness of ICT products, services andprocesses by rolling out cybersecurity certification schemes, enable knowledge sharing, research, innovation and awareness raising, whilst developing cross-border communities and synergies.

With this Call, ENISA asserts its interest to ensure that the 12 posts foreseen for Seconded National Experts (SNEs) in the Agency’s establishment plan are fulfilled. At the publication of this call (Spring 2020) ENISA seeks to fill 5 SNE posts to take up duties in 2020.

Seconded National Experts should support the Agency’s activities in one or more of the following areas, pursuant to Chapter II of Regulation (EU) 2019/881 - Cybersecurity Act (CSA):

  • Article 5: Development and implementation of Union policy and law
  • Article 6: Capacity-building
  • Article 7: Operational cooperation at Union level
  • Article 8: Market, cybersecurity certification and standardisation
  • Article 9: Knowledge and information
  • Article 10: Awareness-raising and education
  • Article 11: Research and innovation
  • Article 12: International cooperation


The successful candidates(s) are expected to contribute to one or more of the following activities of the Agency (depending on the profile and the assignment post):

  • Support EU policy development and implementation, providing advice, helping to develop technical guidelines, recommendations and tools both in general and/or in different policy and technological fields and sectors, as well as facilitating the exchange of best practices;
  • Assist with information collection, sharing and analysis of cyber security incident information and relevant reports;
  • Support in organising workshops and validating of findings;
  • Support Member States, European Union institutions, bodies, offices and agencies to improve their capabilities on the prevention, detection, analysis of and response to cyber threats and incidents;
  • Support operational communities, such as Computer Security Incident Response Teams (CSIRTs), in the area of security incident handling and response;
  • Facilitate operational cooperation among Member States, European Union institutions, bodies, offices and agencies and between stakeholders, including the development and improvement of Standard Operational Procedures;
  • Support the management, including crisis communication of cross-border large-scale incidents and crises (Cyber Crises Management);
  • Assist the Agency’s skills development and capacity building activities, such as the organisation and management of exercises, challenges, trainings etc.;
  • Assist with the design, deployment and maintenance of EU cybersecurity certification schemes and the EU cybersecurity certification framework;
  • Support the establishment and take-up of European and International standards for risk management and for the security of ICT products, ICT services and ICT processes;
  • Support in the threat assessments and risk analysis in the area of cybersecurity, including emerging technologies;
  • Support in raising public awareness of cybersecurity risks and provide guidance on good practices,in cooperation with the Member States, European Union institutions, bodies, offices and agencies and industry;
  • Support European Union institutions, bodies, offices and agencies and the Member States on research needs and priorities in the field of cybersecurity;
  • Support the development and maintenance of platforms related to the core operational activities;
  • Support the dissemination and taking up of the results of the Agency, including engagement of relevant stakeholders;
  • Take on additional tasks as required in the interest of the service.


Critères d'éligibilité:

To be considered eligible, candidates must satisfy all the criteria listed below:

  1. Be a national of an EU Member States or of the Member States of the European Free Trade Area (EFTA), except where the Executive Director grants a derogation;
  2. Have at least three years’ experience of administrative or legal or scientific or technical or advisory or supervisory functions;
  3. Have worked for their employer on a permanent or contract basis for at least 12 months before the secondment;
  4. Remain in the service of that employer throughout the period of secondment;
  5. Have a thorough knowledge of one EU language and satisfactory knowledge of a second EU official language. An SNE from a non-member state shall have thorough knowledge of one EU official language necessary for the performance of his/her duties.

Critères de sélection:

All eligible candidates will be assessed against selection criteria. The selection criteria with regard to experience and knowledge (under Section 6.1) are numerically evaluated in order to identify the bestqualified candidates. Only candidates scoring above the threshold to be set by the Selection Board will be invited for an interview. Therefore, candidates are recommended to give evidence of their knowledge by specific examples and/or detailed professional experience in their application (Europass CV and Motivation letter) in order to be evaluated in the best possible way.

In addition, candidates are expected to fulfil the below behavioural competencies as outlined under section 6.2 which will be assessed during interview phase.


  • University diploma in one of the following domains: Information Systems, Computer Science, Natural Science, Engineering, Management, Political Science, International Relations, Economics, Social Science or a related discipline.
  • Relevant renowned certification(s) would be an asset.
  • Proven experience in the fields brought out under the three profiles in section 2. Experience in various profiles would be an asset.
  • Experience in contributing to or coordinating projects involving a variety of stakeholders would be an asset.
  • International/multicultural experience within the areas listed under Section 2 would be an asset.
  • A thorough knowledge of English (minimum level required: C1 of Common European Framework of Reference for Languages, applying to each linguistic ability (speaking, writing, reading and listening.


  • Motivation;
  • Analysis and problem solving;
  • Priority setting, planning and organising;
  • Excellent communication skills;
  • Service-oriented and co-operative attitude.


ENISA is looking for candidates that fit into one or more of the following profiles:



On a technical and operational level, acquired through relevant academic studies, research and/or professional experience as an analyst, officer or IT specialist in the private or in the public sector.

Candidates are expected to demonstrate knowledge and experience in one or more of the following areas:

  • A.1. ICT security auditing, risk assessment and management;
  • A.2. ICT security policy development and implementation;
  • A.3. ICT security policies, specifications and best practices;
  • A.4. Cyber crisis management, incident handling and response, penetration testing and forensics;
  • A.5. Cybersecurity architectures;
  • A.6. Cybersecurity threat intelligence (CTI), vulnerability assessment and management;
  • A.7. Security and privacy engineering, including cryptography;
  • A.8. Trust services and digital identity management including public key infrastructure technologies;
  • A.9. Cybersecurity certification of products, services and processes and standards;
  • A.10. Cybersecurity technology research and innovation;
  • A.11. Cybersecurity capacity building, education and training;
  • A.12. Network and application security, including security of electronic communications, software and systems.



In one or more sectors or policy fields (e.g. transport, energy, telecommunications, financial services, utilities, health, digital services, emerging technologies etc.) or in the digital economy and society, acquired through relevant academic studies, research and/or professional experience as ICT analyst, ICT specialist or ICT policy officer in the private or public sector. Candidates are expected to hold this knowledge and experience in one or more of the following areas:

  • B.1. Healthcare;
  • B.2. Banking and financial services;
  • B.3. Transport;
  • B.4. Energy and utilities;
  • B.5. Electronic government services, commerce and/or logistics;
  • B.6. Telecommunications;
  • B.7. Consumer-centred digital platforms (e.g. social media etc.);
  • B.8. Cloud computing;
  • B.9. Distributed ledgers;
  • B.10. Internet of Things (IoT);
  • B.11. Artificial Intelligence (AI);
  • B.12. Engineering, research and development of ICT systems and emerging technologies.



Resulting in a proven insight and proven understanding and interest into cybersecurity, acquired through relevant academic studies, research and/or professional experience in EU or national private or public sector. Candidates are expected to hold knowledge and experience in one or more of the following areas:

  • C.1. Economics of cybersecurity;
  • C.2. Societal/psychological, behavioural analysis of cybersecurity;
  • C.3. Public policy on cybersecurity;
  • C.4. Cybersecurity in management information systems;
  • C.5. Compliance aspects of cybersecurity;
  • C.6. Quality management with relevance to cybersecurity;
  • C.7. Information assurance with relevance to cybersecurity;
  • C.8. Knowledge management on cybersecurity;
  • C.9. International relations aspects of cybersecurity;
  • C.10. Cybercrime investigations;
  • C.11. Communication, dissemination and/or awareness raising on cybersecurity;
  • C.12. Quantitative and qualitative methods with application on cybersecurity.

Documents à fournir

Les candidats doivent envoyer leur candidature sous format CV Europass ( en français, anglais ou allemand uniquement à la Représentation Permanente / Mission diplomatique de leur pays auprès de l'UE, qui transmettra les candidatures aux services de l'ENISA compétents dans les délais fixés par ces derniers. Tout dossier de candidature devra être accompagné d’une lettre officielle stipulant que l’Etat luxembourgeois continuera à verser un traitement ou salaire à l’agent pendant toute la durée de son détachement. Le non respect de cette procédure ou des délais invalidera automatiquement la candidature. Les candidats sont priés de ne pas joindre à leur candidature d'autres documents (tels que copie de carte d'identité, copie des diplômes et attestations d'expérience professionnelle,…). Ces documents leur seront demandés, le cas échéant, à un stade ultérieur de la procédure de sélection.

Les candidats seront informés du suivi de leur candidature par l'unité concernée.

Les détachements sont régis par la décision de l'ENISA no MB/2013/15.