Category Archives: Vacancies

Personnel changes in RIA cyber security division


Anto Veldre, a legendary Estonian security specialist leaves RIA:

From the beginning of the year, the State Information System Authority (RIA) discharged an experienced IT security expert and promoter Anto Veldre. Veldre has worked as an analyst at the incident handling department at CERT-EE and in the Communications Department.

Helen Uldrich, head of RIA Communications Department, explained the discharge of Anto Veldre by the change in the structure of their unit from 2018. The analyst’s place where Veldre previously worked was changed into a spokesperson’s position and, as a result, his duties changed.

“Unfortunately, RIA did not have another position to offer Anto that would correspond to his professional profile. The whole staff of the State Information System Agency highly appreciates Anto and his contribution, for example, to explaining the functioning of the e-state,” added Uldrich.


Klaid Mägi, the head of CERT-EE leaves RIA:

Klaid Mägi, head of CERT-EE will leave the state office and continue to work at CybExer Technologies, a private Estonian company promoting cyber hygiene. Mägi has led the unit since autumn 2014. Previously, he has worked at the Ministry of Finance, Elisa and Elion.

Uku Särekanno, the new Deputy Director General of RIA Cyber Security Branch:

The authority organised a public competition last October to find a director for the Cyber Security Branch. About ten people applied for the position. The Director General of the Information System Authority chose the suitable candidate in early December.

Previously, Uku Särekanno has worked at different positions in the European Commission, the Government Office, and the Ministry of Foreign Affairs, led the Public Order and Criminal Policy Department of the Ministry of the Interior, and represented Estonia in Brussels regarding issues of migration and police cooperation.

Before, since September 2011, this responsibility has been borne by Toomas Vaks, who previously worked as a risk manager for bank cards in Swedbank, before he was employed at Hansapank.

Links:
https://tehnika.postimees.ee/4367831/ria-koondas-legendaarse-eesti-turvaspetsialisti-anto-veldre
https://geenius.ee/uudis/ria-koondas-eesti-turvaspetsialisti-anto-veldre/
https://www.err.ee/654409/ria-uks-juhivtootaja-klaid-magi-lahkub-toole-erasektorisse
https://geenius.ee/uudis/riast-lahkus-toolt-jargmine-tippekspert-certi-juht-klaid-magi/
https://geenius.ee/uudis/peterkop-me-ei-suuda-erasektoriga-voistelda-aga-pakume-erilist-tood/
https://www.ria.ee/en/uku-sarekanno-is-the-deputy-director-general-of-the-information-system-authority.html
https://geenius.ee/uudis/uus-eesti-kuberkaitse-juht-meie-maine-hoidmiseks-ei-piisa-enam-ainult-raakimisest-ja-konverentsidel-kaimisest/
http://arileht.delfi.ee/news/uudised/ria-endine-kuberturbejuht-macgyveri-teibiga-e-riiki-ei-ehitata?id=79908056

CERT-EE is looking for monitoring specialists and security experts

INFORMATION SECURITY EXPERT

The main tasks:
• Information security incident investigation, solving and technical analysis;
• Network monitoring;
• Threat and vulnerability monitoring, reaction and solving;
• Development of technical solutions;
• Log analysis;
• Performing tasks of international contact point in incident investigation and solving.

MONITORING SPECIALIST

The main tasks:
• Information security incident monitoring and management 24/7.
• Incident monitoring and management of RIA services and state networks;
• Tracking of information security news and compilation of summary;
• Performing tasks of international contact point in incident investigation and solving.

If you think that you are the person we are looking for, send your CV together with suggested amount of salary to klaid@cert.ee until 05.12.2017.

Links:
https://twitter.com/CERT_EE/status/933023046927077376
https://cybersec.ee/wp-content/uploads/2017/11/CERT_seirespetsialist.jpg
https://cybersec.ee/wp-content/uploads/2017/11/CERT_infoturbeekspert.jpg

Security Software OÜ is looking for security operators

We are looking for a competent security operator to undertake the surveillance of our customers IT systems, networks, servers, and operate the security measures of our customers. You will be responsible for detecting any suspicious network behavior and reacting accordingly. The ideal candidate will inspire respect and authority as well as possess a high level of observation.

Responsibilities:
• Patrol system logs for threats
• Respond to alarms by investigating and assessing the situation
• Remove hackers, trespassers, and policy violators from network
• Work with customer IT staff to secure all endpoints, network devices, servers, services, and IoT
• Provide assistance to customer IT staff
• Apprehend and detain perpetrators
• Submit periodic reports of surveillance activity and important occurrences

Soft skills & personality:
• Sharp mind, act fast
• Investigative mindset
• Tech-savvy
• Dealing with uncertainty

Technical knowledge (work experience or learning):
• Networks – good understanding of how computer networks work
• Windows – yes – people use Windows
• Linux – yes – people use Linux
• Scripting – comfortable working with PERL

Links:
https://secsoft.ee/wp-content/uploads/2017/11/SECURITY-OPERATOR.pdf

Cybernetica’s Information Security Institute is looking for a senior researcher

Cybernetica’s Information Security Institute has an open position for a SENIOR RESEARCHER

We are looking for applicants that complement our existing competencies and at the same time have necessary abilities to lead an independent industrial research group. The list of potential topics of interest includes but is not limited to

• new directions in cryptography (especially post-quantum cryptography),
• cryptanalysis,
• formal methods (sociotechnical risk models, protocol analysis),
• privacy-preserving computations,
• data mining and/or machine learning for security,
• secure software and systems development,
• hardware-level and embedded systems security (Internet-of-Things, smart cards, side channel attacks).

We stress once more that the previous list is not exhaustive. We a looking for a candidate who creates synergies with our existing senior researchers.

Successful applicant has a
• PhD degree in computer science, mathematics, software engineering or in a closely related field, together with a
• proven track record showing academic and/or industrial performance in the field of computer security or cryptography.

We offer
• opportunity to integrate new research activities into Cybernetica’s R&D portfolio, as well as to contribute to existing themes;
• to work with, learn from, and teach highly qualified professionals, both in research and development;
• to be part of, and improve the Estonian e-society;
• (reasonable) funds to set up your research environment, should your research topics require the purchase or rent of specialized hardware, high-performance computing resources, etc;
• funds to hire a junior researcher working on your research topics;
• being part of a growing team either in our Tallinn or Tartu office;
• flexible working hours.

Links:
http://www.cv.ee/job-ad/cybernetica-as/senior-researcher-d3437988.html

University of Tartu is looking for professor of cryptography

Vacancy: UT, Institute of Computer Science, Professor of Cryptography
Duties and responsibilities: Development of curricula and courses in Cryptography. Teaching subjects related to Cryptography. Supervision of PhD and Master students. Successful application for research grants, administration of them and performing the research required under the grants. See also job description.
Required qualifications: PhD or an equivalent qualification in the relevant field See also requirements for teaching and research staff.
Required experience: Teaching experience at the university level, experience in supervising Master and PhD students. Administrative and research competence needed to provide the leadership in organising research.
Required language skills: Excellent command of English. Knowledge of Estonian is desirable but not essential.
Workload 1,00; and the classroom teaching load at least 128 academic hours per calendar year
Salary According to UT salary rules, depending on the candidate’s qualification and the level of experience. See also UT salary rules.
Starting at 01.01.2018
Deadline: 03.08.2017

Position fields can be interpreted rather broadly. Cryptography classic and quantum, post-quantum; privacy preserving data mining; privacy and security; new technologies like blockchain; from theoretical to more applied backgrounds. It is important to have a broad view of the field in order to be able to help our curriculum development goals as well as lead research in broad spectrum with many smaller more independent groups. Cryptography has been one of University of Tartu and Estonian ICT sector strongholds, many opportunities for local collaborations exist and could be developed.

Appointments will be for indefinite contracts, i.e. at immediately “tenured” level, with standard performance reviews every 5 years. Since university rules are flexible, internationally competitive levels can be negotiated dependent on ability to attract funding, international collaborations, visibility, etc.

Links:
http://www.ut.ee/en/welcome/job-offer/professor-cryptography

HITSA is looking for a chief information security officer

HITSA announces a competition for the post of information security manager.

The main area of work for information security manager is launching and maintaining an information security management system, evaluating its performance and making the necessary improvements to ensure an adequate level of security for information assets of HITSA.

Come to apply if:
• You have a university degree in the field of IT;
• You have worked in the IT field for at least three years;
• You have the knowledge of information security organization and security project design and implementation experience;
• You have knowledge of information systems and their principles of operation;
• Have Estonian language skills at advanced level, both oral and in writing, and you have a good level of sector-specific English speaking and writing skills;
• You show initiative and have organizational potential, teamwork and independent work skills, analytical thinking, reliable and good to increased levels of stress.

For our employees we offer:
• Opportunity to contribute to the development of Estonian education information system in the field of information security;
• Good working conditions;
• 35-day vacation;
• Supportive team.

Deadline for applications is 31 May 2017. Work starts in September 2017.

Links:
http://www.cv.ee/toopakkumine/hariduse-infotehnoloogia-sa/infoturbejuht-f3315468.html
http://hitsa.ee/uudised-1/tookuulutus-hitsa-otsib-infoturbejuhti

SEB is looking for project manager of authentication and security

seb_digiauthsec

Your responsibilities:
• Authentication and internet bank security solutions related project management
• Product management, analyze/interpret security needs and translate them into application and operational requirements
• Monitor and analyze performance data related to automated fraud detection to develop improvements
• Risk analysis and high proactivity in managing risks

Who we are looking for:
• Project management and analysis skills are essential
• You understand or are a fast learner to explain 2factor authentication, Public Key Infrastructure, Electronic identification (eID) and electronic Trust Services (eTS) in the context of EU Digital Single Market
• Ability to multitask and prioritize work in a changing business climate
• You feel that writing documentation, preparing audits and answering security and risk assessment questionnaires is something you are comfortable to handle from time to time
• Readiness to travel between Baltic countries

This is an advantage if you have knowledge of fraud prevention/detection Technologies, have university degree in computer sciences or economics and feel comfortable to work independently/use time efficiently.

Education required: Higher education (bachelor)
Languages required: English
Location: Vilnius/Riga
Deadline for applying: 04. December 2016

Links:
http://www.cv.ee/job-ad/seb-pank/project-manager-of-authentication-and-security-f3204148.html

CERT-EE is looking for a monitoring specialist

RIA

Duties:
• information security incident monitoring and defense 24/7;
• state network (ASO) and RIA service monitoring;
• RIA service and state network incident monitoring and defense.

Requirements:
• at least year IT work experience;
• at least secondary education;
• computer skills on average level (MS Windows and UNIX work experience);
• interest towards information security;
• willingness to work in shifts.

Desired:
• international work experience;
• knowledge in administration of Estonian public information systems;
• clearance for access to state secrets (classification – ‘secret’).

If you believe that  you are the right person we are looking for, please send your CV along with a latter of motivation to klaid@cert.ee. For additional questions, please call 6630243 or send them to klaid@cert.ee

In 2015 CERT-EE had 5 monitoring specialist positions.

Links:
https://cybersec.ee/wp-content/uploads/2016/09/CERT-seirespetsialisti-kuulutus.pdf

Open Vacancy: Security Engineer in Guardtime R&D division

guardtime_logo

About The Role
The security engineer is part of a team of highly skilled, dedicated individuals who support research and software/security architecture for new product developments. This role will be based in Estonia (Tallinn/Tartu) and be a part of an international organization where most of the clients and market is growing overseas.
Responsibilities:
* Research/develop new technologies applicable to our products/services
* Software/security architecture for prototypes, new product developments
* Integration of KSI with various technologies like virtualization platforms, Internet of Things, PKI-based systems, code repositories, networking platforms, big data and others.
* Document and present research results
* Participate/present in security conferences, publish research papers, follow current trends in the information security world

Profile:
* Strong background in cryptography engineering information security
* Eloquent in formal methods, mathematics and statistics
* Familiarity with security infrastructure and protocols
* Experience with distributed systems, networking, cloud deployment and virtualization
* Strong background in programming – C/C++/Java/JS
* Strong experience with Unix Scripting: shell, perl, python or equivalent
* Result oriented and eager to learn

Links:
https://guardtime.com/about/jobs/security-engineer

Open Vacancy: Officer in Swedbank Security Incident Response (SIRT) Team

swedbank_logo

Your tasks will consist of:
* Gathering and analyzing of information about potential threats to Swedbank,
* Discovery and management of security incidents, including computer fraud and post-incident’s investigation,
* Proactive work to prevent security incidents.

Skills and qualities important to possess as a SIRT Officer in order to be successful in the role:
* University degree or practical IT working experience of at least 4 years,
* Ability to gather and analyse information,
* Knowledge and experience at least one of the following: Windows, Unix, or databases.
* Fundamentals of computer networks, network protocols, and applications,
* Knowledge of basic information security principles, including risks and threats to computers and networks, security vulnerabilities and attacks,
* Knowledge and experience of Java and Python programming languages would be seen as an advantage
* Software reverse engineering, or cryptography knowledge, or penetration testing (OWASP), and demonstrated computer forensics skills would be seen as an advantage,
* Knowledge of basic digital electronics would be seen as an advantage, and
* Good verbal and written communication skills in Estonian and  English is a necessity; knowledge of Russian would be seen as advantage

Links:
http://swedbank.easycruit.com/intranet/ee_homepage/vacancy/1411080/70633?iso=ee