The EEAS, answering to the European Democracy Action Plan, established a common definition of Foreign Information Manipulation and Interference (FIMI) as well as a common framework and methodology for collecting systematic evidence therefore to inform effective and proportionate responses to the threat as formulated in the FIMI toolbox. The services provided under this contract shall support the EEAS’s efforts to contribute to the objectives of the Democracy Shield, by enhancing resilience against information manipulation and promoting information integrity.
To enable, maintain and further develop the technical and operational workflow between FIMI reporting and response according to quality criteria and scope of EEAS STRAT, we are looking for the candidate with the following expertise and services:
• Data model design and implementation: Support the design and implementation of the data model to support the encoding process of FIMI analysis ensuring interoperability with data from partners and cybersecurity analysis.
• Quality verification: Support the verification and validation of analytical data stored in the central EEAS SG STRAT FIMI knowledge database, ensuring the data is fit for use in high-quality analytical products.
• Alerting system: Establish internal and external communication escalation channels and alerting systems to promptly notify incident alerts relevant for internal and external stakeholders. This includes the distribution of time-sensitive alerts as well as regular analytical deliverables.
• Improve internal situational awareness on FIMI activities: Contribute to the transformation of semi-raw data analysis into regular analytical deliverables (such as the Data Team’s FIMI weekly digest and quarterly situational awareness products) aimed at supporting strategic responses at both institutional and inter-institutional levels. Some of this products will require the integration of analysis and insights coming from other teams in the EEAS STRAT.
• Improve external awareness raising on FIMI activities: Assist in the creation of analytical articles based on FIMI data-analysis encoded on OpenCTI. These regular contributions will reinforce the ESTF communication of data-driven investigations on EUvsDisinfo, with the goal of raising awareness and exposing FIMI operations to public audiences.
The relevant profile’s main areas of responsibility will be to:
a) Ensure availability and integrity of the data encoded on OpenCTI to be ready to be processed and translated into analytical products.
b) Production and delivery of regular analytical products using internal and external distribution channels.
- Continuously design and implement a data model based on STIX to ensure the data is fit for use in high-quality analytical products.
- Contribute to the communication and alignment of the data model with partners and cybersecurity threat requirements. Daily validation of Incident Alerts and FIMI analysis encoded on OpenCTI
- Daily quality-check of analysis encoded on OpenCTI, including third party research
- Participate in weekly meetings with the R&D team to understand and help align technical developments with the data model and analytical production.
- Participation in weekly editorial meetings to understand monitoring priorities and analytical needs of EEAS STRAT
- Produce regular analytical products, such as weekly analysis and quarterly analysis using the information encoded on OpenCTI
- Integration of analytical contributions from other members in the EEAS STRAT structure into selected regular deliverables (Quarterly reports)
- Propose content (on specific campaigns, incidents or investigations) encoded on OpenCTI that can be translated into analytical deliverables (such as articles for EUvsDisinfo).
- Monthly production of articles for EUvsDisinfo based on data encoded on OpenCTI
- Timely delivery of Indecent Alerts and other regular analytical products of the EEAS STRAT Data Team to selected internal and external stakeholders responsible for the activation of responses.
- Regular update and maintenance of distribution protocols, channels and recipients to ensure that the information effectively reaches key stakeholders
- Assistance in the design and improvement of analytical regular products and distribution/spallation channels
- Definition of user roles and rights for internal stakeholders (“Customers”) balancing business needs with GDPR requirements
The following qualifications, experience and skills are required:
- Very good understanding of the EEAS’s approach to FIMI monitoring, detection and analysis including relevant underlying policies, mandates and methodologies
- Minimum of 2 years of relevant experience analysing, reporting and communicating digital investigations on FIMI/disinformation
- Strong technical skills and knowledge to interpret data encoded in STIX and on OpenCTI and translate it into analytical assessment and products
- Strong strategic and analytical mindset
- Very good knowledge (written and spoken) of English
- Strong communication and reporting skills
- Ability and experience in efficiently and clearly communicating with institutional management and staff at all levels
- The selected candidate should hold, or be in the position to obtain, a valid Personnel Security Clearance (PSC) issued by the competent authority of the Member State concerned.
The following qualifications, experiences and skills are considered strong assets:
- Good knowledge of the GDPR
- Knowledge on data visualization tools
- Experience of applying cybersecurity standards, workflows and principles to the monitoring, detection and analysis of FIMI threats
- Rapid grasp of complex problems and capacity to identify issues and solutions
- Sound understanding of the digital information space as well as knowledge of latest research as to FIMI actors and activities