At CERN, the European Organization for Nuclear Research, physicists and engineers are probing the fundamental structure of the universe. Using the world's largest and most complex scientific instruments, they study the basic constituents of matter - fundamental particles that are made to collide together at close to the speed of light. The process gives physicists clues about how particles interact, and provides insights into the fundamental laws of nature. Find out more on http://home.cern.

Diversity has been an integral part of CERN's mission since its foundation and is an established value of the Organization.

Join the CERN Computer Security Team, which is mandated to secure and protect all aspects of the computing infrastructure of CERN as well as its operations and reputation against any kind of cyber-threats.

Like any other organization, university or company, CERN is facing a permanent threat by different kinds of cyber-attacks putting its office computers, computer centres as well as accelerators and experiments at risk. Proactive detection of such attacks based on threat intelligence from many different sources and the monitoring of a vast sphere of computer centre nodes, network traffic and storage systems has become key to advert any abuse of CERN’s computing resources. Easily the data stream to be analysed tops a few terabytes per day and requires automatic real-time comparison with indicators of compromise, long-term storage for future forensics as well as thorough data enrichment for incident response, tasks which are performed by CERN’s sophisticated computer Security Operations Centre (SOC). This SOC directly drives daily operations and provide the team with the necessary tools to detect, prevent and manage intrusions. It includes receiving and sharing threat intelligence with our partners.

You will be involved in developing the necessary software "glue" to fully integrate the new next generation firewall into the CERN Security Operations Center (SOC). This includes using the present APIs such that CERN Indicators of Compromize (IoCs) can be transferred from the SOC's MISP instance into the firewall module of intrusion detection & prevention as well as the read out of all indicators leading to blocked traffic and of the corresponding alerts. Once done, similar implementations should be deployed for the next iteration of SPAM filtering and anti-malware protection ("FireEye EX") as well as for the next solution for the EDR for centrally hosted (Windows) PCs.

Here are some of the technologies that we use:

• Programming Languages:
  • Python
  • Java
  • PHP
  • C / C++
• Cybersecurity tools and platforms:
  • MISP (Open Source Threat Intelligence Platform & Open Standards For Threat Information Sharing)
  • FIR (Fast Incident Response)
  • The Hive & Cortex
  • GRR Rapid Response
• Software
  • Elastic stack
  • Apache Kafka
  • Apache Flume
• Hadoop, HDFS and related ecosystem Configuration Management
  • Puppet
  • Foreman
• Operating systems:
  • Linux (CentOS)

Eligibility criteria:

• You are a national of a CERN Member or Associate Member State;
• You have a Bachelor or Master’s degree in Computer Science, Software Development or related fields;
• You have no more than 4 years’ experience after completing your highest diploma.

Essential skills and experience:

• You have experience with computer, network or software security;
• You enjoy learning and  tackling new challenges;
• You are willing to participate in various Computer Security activities, including software development, security operations and system administration;
• You are willing to contribute to a series of computer security projects relevant for a better protection of the Organization as well as providing advice and consultancy in matters of computer security.

Please note that CERN Staff members are not eligible to apply for a Fellowship.

CERN would very much like to benefit from your expertise, commitment and passion.  

In return, CERN will provide you with:

• An employment contract for between six months (minimum) up to a maximum of 36 months.
• A stipend ranging from 5,281 to 6,558 Swiss Francs per month (net of tax).
• Coverage by CERN’s comprehensive health scheme (for yourself, your spouse and children), and membership of the CERN Pension Fund.
• Depending on your individual circumstances: an installation grant, family, child and infant allowances as well as travel expenses to and from Geneva.
• 2.5 days of paid leave per month.

Your Life @CERN

Find out more here: https://hr-dep.web.cern.ch/content/life-cern

This is how you can apply:

You will need the following documents to complete your application:

• A CV.
• A scanned PDF of your most recent relevant qualification.

We recommend to add two recent letters of recommendation, giving an overview of your academic and/or professional achievements. You can upload these letters at the time of application if you have them to hand. You will also be provided with a link as soon as you have submitted your application to forward to your referees to upload their letters confidentially. Please note this must be done before the closing date.

All applications should reach us no later than 5 April 2020.

Please make sure you have all the documents needed to hand as you start your application, as once it is submitted, you will not be able to upload any documents.