Apply now »

Information Security Coordinator

Type of Selection:  Internal and External
Contract Type:  Temporary agent
Grade:  AD05
Deadline for application:  02/03/2026 at 23:59 CET
Experience Level:  Professional
Approx. number of candidates on reserve list:  5
Location:  Cologne, Germany
Monthly gross compensation (€):  6,152.64 - 6,411.17

Our employees are our most valuable asset. We therefore offer a wide range of benefits.

 

EASA is the leading aviation authority in Europe. A career at EASA means contributing to our vision for an ever safer and greener civil aviation. As an EASA employee, you will be making a difference to the lives of about 500 million fellow Europeans: this is our shared purpose and it could be yours, too. From our headquarters in Cologne, Germany, you will work with top experts in a multicultural work environment. Diversity and Inclusion are part of our DNA and innovation is at the heart of what we do. We ensure that aviation is safe in all phases: beginning with the certification of the aircraft to the rules for the air operation and crew. For more information about the Agency please consult our website and take a look at our organisation structure. Are you interested to contribute to our mission? Then see below what it takes to accomplish the role.

We are an equal opportunities employer, committed to diversity and non-discrimination. To further enhance the diversity of our workforce, we particularly encourage applications from female candidates. 

Job Overview

Under the supervision of the CISO, contribute to the effective implementation, operation, and continuous improvement of EASA’s Information Security Management System (ISMS). Provide subject-matter expertise in information security, cybersecurity, risk management, and regulatory compliance by supporting directorates, business and domain owners, and application managers. This includes promoting the consistent application of cybersecurity principles, conducting risk and compliance assessments, and advising on appropriate security controls. Ensure that information security practices are efficient, coherent, and performance-oriented, in line with the Agency’s Cybersecurity and Information Security Policies and the applicable internal and external regulations. 

General Accountabilities

  • Maintain and evolve the Information Security Management System (ISMS) by supporting the CISO in implementing and maintaining security policies, standards and procedures aligned with industry best practices.
  • Support incident management activities.
  • Monitor emerging threats and vulnerabilities, providing insights to mitigate them. Contribute to the evaluation and implementation of security tools and technologies.
  • Collaborate with cross-functional teams to ensure security is integrated in to business processes.
  • Design, develop and deliver the EASA Information Security training programs, tailored to employees at all levels, including role-specific training.
  • Create educational materials, such as presentations, e-learning modules and phishing campaigns, to promote a culture of security awareness.
  • Perform technical assessments and evaluations, including cybersecurity risk assessments, maturity assessments, gap analysis and coordinate penetration tests on EASA Information Systems.
  • Analyze findings and collaborate with the the risk owners and the technical teams to remediate vulnerabilities.
  • Document and present assessment results to stakeholders and provide actionable recommendations.
  • Follow up on action plans to drive remediation activities and close gaps.

Admission Criteria

The following constitute eligibility and essential criteria for the role and to be admitted to the selection process. Candidates not fulfilling these criteria by the deadline for applications, will be excluded from the selection: 

  • Have a thorough knowledge of one of the languages of the European Union (at least level C1) and a satisfactory knowledge of another language of the EU to the extent necessary for the performance of the duties (at least level B2). One of the required languages shall be English[1]
  • Be a national of a Member State of the European Union, Iceland, Liechtenstein, Norway or Switzerland.
  • A level of education which corresponds to completed university studies attested by a diploma with a normal period of university studies of 3 years or more in Cybersecurity, Information Technology or other studies in the scope of the role. [2].
  • At least 2 years of professional experience in information security, cybersecurity or IT security.
  • Practical knowledge of ISO 27001, NIST CSF or similar.
  • Practical knowledge of security or risk assessment tools and techniques.

[1] English oral and written skills will be assessed throughout the assessment phase. Mother tongue English speakers will be expected to demonstrate knowledge of a second EU language. 

[2] This vacancy is open as well to Temporary Agents (2f) employed at EASA, in the grade bracket AD 5 - AD 9. 

 

The following constitute advantageous criteria for the role. Candidates not fulfilling these requirements will not be excluded from the selection: 

  • National or international certification in the field of cybersecurity or information security.
  • Experience in the design and/or delivery of cybersecurity awareness campaigns.

Selection Criteria

The selection process is based on the assessment of the professional skills and competences listed below. While these are considered essential for performing the role effectively, candidates who do not meet all criteria may still be considered. 

Professional Skills

Cybersecurity & Information Security Management
Familiarity with security frameworks and standard
Knowledge of Risk Management principles
Knowledge and understanding of security assessment tools and techniques

Behavioural Competences

Flexibility & Change Adaptability
Communication
Stakeholder Orientation
Critical Thinking
Problem Solving

Mandatory Pre-Employment Requirements

Prior to recruitment, you will be requested to demonstrate that you:  

  • Are entitled to the full rights as a citizen.
  • Have fulfilled any obligations imposed by the applicable laws on military service.
  • Meet the character requirements for the duties involved (you will be asked to provide a police certificate confirming the absence of any criminal record).
  • Are physically fit to perform the duties linked to the post (you will be asked to undergo a medical examination in a centre indicated by EASA).

Conditions of Employment

Contract: 5 years contract as Temporary Agent (2f) with possibility of extension.

Working hours: 40 hrs per week (on a full-time working pattern). Flexible working arrangements.

Salary: Depending on work experience. Additional allowances depending on personal situation.

Location: Cologne, Germany (relocation is required). 

Application & Selection Process

How to apply

We can only accept applications that are submitted in English through our Recruiting tool. Before sending your application, make sure it is complete and contains the document(s) specified in the vacancy notice. Please also ensure that your candidate profile, all relevant fields and the answers to the pre-screening questions are correct. You may review and amend data demonstrating compliance with the eligibility and selection criteria only until the closing date of applications for the respective selection procedure.

For further information take a look at How we hire. In case of questions or technical issues, email us at recruit@easa.europa.eu. Attach a description and screenshot of the error. 

To check if you are meeting the minimum education qualifications required for the job, consult the information published by the European Personnel Selection Office (EPSO): Examples of minimum qualifications

Important note on diplomas obtained outside the European Union, Iceland, Liechtenstein, Switzerland or Norway: If your application is found eligible on the basis of diploma(s) obtained outside these countries, we might ask you to provide proof of accreditation by one of the European Union Member States. This applies also to diplomas obtained in the UK after 31 December 2020.

Make sure you are meeting the language requirements: Common European Framework of Reference for Languages and assess your language skills. Language certificates are not required at the stage of application, unless specified in the vacancy.

Selection Process

Only shortlisted candidates will be contacted via E-mail. If your application has been rejected following the initial screening, the status in your candidate profile will be automatically updated to "Not admitted". Invitations to the shortlisted candidates are sent once the evaluation of applications is completed (this may take up to two months after expiry of the deadline to apply). Pre-selection exercises, online tests and interviews with the Selection Board usually take place remotely. If you are not selected for this position but are still considered suitable, you will be placed on a reserve list from which you might be considered for similar positions within EASA. Learn more about our Selection and Onboarding process. Take a look also at our comprehensive information on Benefits, get to know Our people and find out what Life in Cologne is like.

Apply now »