ICT Security architect

Job Description:

ICT Security Architect

1 Overview

This Specific Contract defines specific terms and conditions, organized in tasks and activities, for implementation of the framework contract Frontex/2021/RP/1261/AH/AA lot 1 in relation to work item 2nd Level Support described in Chapter 6.3.7 of the FWC Terms of Reference document.

The group of the Framework Contract Terms of Reference requirements that apply the most is: Personnel. All terms and conditions, as well as goals and approaches, of the mentioned Framework Contract are to be followed and respected in execution of this Specific Contract.

This contract is time-and-means according to the definition given in the Framework Contract. Contractor's Staff shall work at Frontex Headquarters.

All documentation and communication, either in paper or in electronic form, shall be in English (U.K.). Contractor's Staff shall communicate in English in any written or spoken contexts, at least at the CEFR.

The objectives of the contract are as follows:

• Develop organisation's cybersecurity architecture to address security and privacy requirements
• Establish a secure environment during the development life cycle of systems, service, and/or products
• Lead the development, integration and maintenance of cybersecurity components ensuring the cybersecurity specifications are met
• Assure the security of the solution architectures through security reviews
• Collaborate with key security personnel and other teams in applying the security principles in the architecture
• Adapt the organization's security architecture to emerging threats
• Contribute to the definition of the security architectural blueprint and integrate new solutions with existing framework based on a security architectural blueprint
• Develop and maintain ICT security strategy

The objectives are to be achieved under the direction and in cooperation with ICT Security Operations Team and other architects, as well as in close and regular cooperation with other ICT teams (Software Development Team, Network Team, and Service Centre and Service Management Team).

All the tasks under this contract shall be performed at Frontex Headquarters in Warsaw, Poland.

The contract enters into force on the date of its signature by the last contracting party. Performance of tasks under the contract shall be ideally effectively initiated in May 2025 and in any case within 2 months of the contract's signature.

The initial duration of this contract is until 30 September 2025, with the possibility of 4 renewals. Unless stated otherwise, services shall be delivered on a daily basis.

All the tasks described below shall be performed in parallel, as determined by each task's input.

Relevant information will be delivered by Architecture Team and involved DIG members.

The aim of this task is to analyse, consult and introduce both strategic and operational ICT security deliverables, such as ICT Security Strategy, ICT Security Architecture, ICT security standards that will be used by other architects and delivery teams.

• Analyse the legal framework for ICT Security requirements
• Analyse and evaluate the cybersecurity of the organisation's architecture
• Develop organisation's ICT security architecture to address security and privacy requirements
• Develop and maintain ICT security strategy
• Produce architectural documentation and specifications
• Present high-level security architecture to stakeholders
• Establish a secure environment during the development life cycle of systems, service, and/or products
• Lead the development, integration and maintenance of cybersecurity components ensuring the cybersecurity specifications are met
• Collaborate with key security personnel and other teams in applying the security principles in the architecture
• Adapt the organisation's security architecture to emerging threats
• Perform market evaluation to identify appropriate solutions to business requirements
• Contribute to the definition of the security architectural blueprint and integrate new solutions with existing framework based on a security architectural blueprint
• Collaborate with ICT Security operation team
• Identifying issues and risks related to the ICT Security
• Reporting on activities performed under this task

Acceptance Criteria

• Speed and agility of responding to orders
• Adherence to deadlines
• Completeness and quality of the work results
• Efficiency and effectiveness
• Adherence to applicable standards

Relevant information will be delivered by Architecture Team and involved project members.

The aim of this task is to support delivery teams in guiding the design of the ICT systems in the area of ICT security.

• Analyse the legal framework for ICT Security requirements in the project
• Apply ICT security strategic and operational standards and architectures
• Assure the security of the solution architectures through security reviews
• Collaborate with ICT Security operation and project team
• Identifying issues and risks related to the ICT Security
• Reporting on activities performed under this task

Acceptance Criteria

• Speed and agility of responding to orders
• Adherence to deadlines
• Completeness and quality of the work results
• Efficiency and effectiveness
• Adherence to applicable standards