Quality Support and Internal Control Officer - CDI - Monaco

The mission includes, but is not limited to, the following tasks:

• Control of the documentary repository of current trusted services
  • PC/DPC
  • GCU
  • Forms
  • Asset management
  • Management of trusted roles
• Quality assurance
  • Test campaign organisation
  • Test execution
  • Preparation of campaign reports
  • Patch follow-up
• Maintaining operational and security conditions
  • Analysis of incidents
  • Writing and monitoring tickets
  • User support
• Systems certification
  • Participation in risk analyses
  • Monitoring annual penetration tests
  • Follow-up of actions to correct discrepancies
• Internal control
  • Setting up tools to enable internal control to be carried out
  • Preparing campaigns
  • Carrying out control operations within the scope of the Compliance Division
• Qualification of trusted services
  • Preparing for and taking part in audits
  • Follow-up of actions to correct discrepancies
• Monitoring standards and regulations in relation to trusted services
  • ETSI
  • eIDAS v2
  • ISO
  • PSSI-E
  • Monegasque law
• Preparing for the implementation of future trust services
  • Impact analysis
  • Participation in design workshops

The assignment has three main components: quality control, support and internal control.

In terms of quality control, the service provider must first and foremost take ownership of the existing document repository and master the organisation in order to be able to give meaning to the test campaigns that they will be asked to prepare and then carry out as part of the new services or upgrades. As a driving force behind proposals, he or she must take the initiative and not hesitate to report to and challenge the management team. Their reports must be concise, well-founded and neatly written.

The service provider also plays an active role in providing support, both to users and to the department's civil servants and agents. Support takes several forms. It naturally involves monitoring incidents, particularly production incidents, from the creation of tickets to their resolution, as well as participation in all phases of qualification and renewal audits and certification audits.

Finally, internal control is of paramount importance for trust services. Both standards and regulations are evolving. The service provider in charge of internal control must be able to prepare qualification and renewal audits for trusted services as effectively as possible, by keeping a close eye on developments and having a thorough knowledge of the standards. It must also enable the two divisions to anticipate new requirements so that they can be complied with as quickly as possible, and support them in analysing and remedying any discrepancies arising from the audits. It must carry out impact analyses for each change (standards, regulations, architectures, infrastructure, organisation) and take part in design/evolution workshops.

In conclusion, the service provider in charge of internal control, quality control and support occupies a pivotal position in the organisation, as its role is to enable all the players in the trust services to approach the audits with confidence and to facilitate the day-to-day running of these same services.

Required qualifications

- Hold a national diploma attesting to five years' higher education, or a diploma recognised as equivalent by a competent authority in the country where the diploma was obtained, and have at least two years' professional experience in the field of information technology (computing, networking, telecommunications or cybersecurity) ;

or

- Hold a national diploma attesting to four years' higher education, or a diploma recognised as equivalent by a competent authority in the country where the diploma was obtained, and provide evidence of at least four years' professional experience in the field of information technology (computing, networking, telecommunications or cybersecurity);

or

- Hold a national diploma attesting to three years' higher education, or a diploma recognised as equivalent by a competent authority in the country where the diploma was obtained, and provide evidence of at least six years' professional experience in the field of information technology (computing, networking, telecommunications or cybersecurity).

• Be familiar with the trust services provided for under Monegasque regulations;
• Master the ETSI and ISO standards relating to the main trust services and VCEs;
• Master the concepts of cryptography;
• Master the life cycle of electronic certificates;
• An understanding of security architecture and its components (firewall, proxy, IDS, etc.);
• Fluency in French and English (reading, writing and speaking);
• Good writing skills;
• Good command of IT tools (Word, Excel, Outlook);
• Knowledge of recent Windows and Linux environments;
• Ability to communicate and explain technical information in layman's terms;
• Ability to summarise and report, both orally and in writing.

• A sense of responsibility;
• Ability to work across organisational boundaries;
• Demonstrate initiative and a high degree of autonomy;
• Be rigorous and organised;
• Be responsive and dynamic;
• Demonstrate versatility;
• Ability to work as part of a team;
• Excellent interpersonal skills;
• Ability to withstand pressure, particularly during incidents or crises;
• Be curious and keen to acquire new knowledge and skills;
• Excellent analytical skills and a real ability to adapt;
• Demonstrate reserve and professional discretion;
• Have a sense of ethics and absolute respect for confidentiality;
• Be of good character;
• Have a sense of public service;
• Have a good presentation adapted to administrative work;
• Be sensitive to the Principality's ecological values and willing to participate in the Government's eco-responsibility initiative.

Previous involvement in an eIDAS audit would be a plus.

• Location of assignment/service: Monaco
• Working hours: 39 hours/week
• Teleworking subject to approval by the head of department, up to a maximum of 2 days per week and in a location established in advance; it being understood that service-related constraints take precedence;

In view of the Agency's remit, candidates' attention is drawn to the constraints associated with the post: the possibility of working, on an exceptional basis, non-working hours, including weekends and public holidays.

We are committed to diversity, gender equality and the employment of people with disabilities.

Only European nationals or holders of a residence permit issued by the Préfecture des Alpes-Maritimes (06) are eligible for employment in the Principality.