By continuing to browse this site, you agree to our use of cookies. Read our privacy policy

End-to-end Information Security Engineer

  • Organization: ESA - European Space Agency
  • Location:
  • Grade: Level not specified
  • Occupational Groups:
    • Engineering
    • Security and Safety
    • Information Technology and Computer Science
  • Closing Date: 2021-06-13

Click "SAVE JOB" to save this job description for later.

Sign up for free to be able to save this job for later.

 

EUROPEAN SPACE AGENCY

 

Vacancy in the Directorate of Telecommunications and Integrated Applications.

 

ESA is an equal opportunity employer, committed to achieving diversity within the workforce and creating an inclusive working environment. For this purpose, we welcome applications from all qualified candidates irrespective of gender, sexual orientation, ethnicity, beliefs, age, disability or other characteristics. Applications from women are encouraged.

 

Post

End-to-end Information Security Engineer

 

This post is classified A2-A4 on the Coordinated Organisations’ salary scale.

 

Location


ESTEC, Noordwijk, The Netherlands or ECSAT, Harwell, United Kingdom

 

Description

The Telecommunications and Integrated Applications (TIA) Security Office manages all the security aspects of the TIA   Directorate, in close coordination with the ESA Security Office (ESO), and is responsible for drawing up the TIA Directorate Security Plans.

 

You will report to the Head of the TIA Security Office.

Duties

  • Supporting the TIA Information Security Officer (ISO) in supervising the uniform, correct implementation of the ESA Security Framework (Security Regulations, Security Directives, TIA-specific Security Implementation Procedures) in the Directorate, especially the following:
    •  implementation of the Information Security Management Plan (ISMP) for the Directorate, in coordination with and with the input of the Project System Security Officers (PSSOs);
    • implementation of the Information Security Management Plan (ISMP) for all relevant contracts;
    • implementation of the Directorate’s personnel security policy, by
      • providing initial basic security awareness briefings to newcomers to the Directorate;
      • establishing the security awareness programme for the Directorate, with clear quality indication points to be achieved, while ensuring and supervising its implementation and keeping records of participation by Directorate personnel;
      • coordinating with the relevant Agency specialists/services regarding dedicated awareness sessions and briefings (e.g. with the ESA Export Control Coordinator and the ESA Security Office regarding COMSEC Authorisation Briefings);
      • providing compulsory briefings to the Directorate personnel requiring access to information classified ESA RESTRICTED (or equivalent), and ensuring relevant records are kept;
    • reporting of TIA security incidents (i.e. security breaches and the potential or actual compromising of information) to the ESA Security Office, taking the immediate necessary remedial measures and assisting the ESA Security Office in possible subsequent security investigations;
  • performing threat assessment and risk analysis with the PSSOs and all relevant technical specialists in the Directorate, to establish an overall security risk analysis and security risk management plan for the Directorate;
  • providing support for the Telecommunications Satellite Programmes Department project development requiring security engineering;
  • ensuring a uniform, commensurate approach to cybersecurity in the Directorate and its programmes/projects/activities in coordination with the Directorate’s Cyber Security Managers (CSMs) and PSSOs;
  • in coordination with the PSSO, analysing, with the ITT Initiating Authority and the Contract Officer responsible, the sensitivity of the information generated, distributed and received in the scope of a procurement activity, ensuring compliance with the ESA Security Directives;
  • acting as the Directorate Information Security Officer in the absence of the TIA ISO (Alternate ISO);
  • liaising regularly with the ESA Security Office to implement security engineering processes uniformly across the Directorate.

 

Frequent missions, in particular to ESRIN, Frascati (Italy), are required.

Technical competencies

Experience in working on end-to-end secured space systems
Experience in the fields of Information Protection Management, Personnel Security
Management and CIS Security Management (e.g. ISO 27000 series)
Threat assessment, risk analysis and continuity management methodologies and standards
Experience in security certification and accreditation processes for systems
Experience in writing and implementing operational security processes (SECOPS) for environments, personnel and systems
Experience in managing Classified Registries and COMSEC Accounts
Knowledge of international Request for Visit procedures for visits to Classified Facilities and/or participation to Classified Meetings

Behavioural competencies

Result Orientation
Operational Efficiency
Fostering Cooperation
Relationship Management
Continuous Improvement
Forward Thinking

Education

A Master's degree in engineering is required.

Additional requirements

You should have 10 years’ experience in Information Protection Management, Personnel Security Management  and CIS Security Management (e.g. ISO 27000 series) as well as all related best practices in those areas, including security risk management. Having the related certifications (e.g. CISSP, CPP, ISO) will be considered an asset.


You should be able to apply recognised techniques such as OCTAVE, SABSA, MEHARI and EBIOS, and conduct or coordinate threat assessment/risk analysis exercises on complex systems.


You should have experience of working on Classified projects or programmes and in Classified environments.


Being knowledgeable about the Agency and its internal rules, regulations and working practices as well as having general knowledge of physical security related matters (e.g. accreditation of facilities, security zoning) will be considered an asset.


You should be eligible to obtain Personnel Security Clearance at SECRET level, issued by your parent National Security Authority.
At the end of your probation period, you will be required to pass a dedicated suitability test set by the ESA Security Office.

Other information

For behavioural competencies expected from ESA staff in general, please refer to the ESA Competency Framework.

 

The working languages of the Agency are English and French. A good knowledge of one of these is required. Knowledge of another Member State language would be an asset.     

 

The Agency may require applicants to undergo selection tests.

 

At the Agency we value diversity and we welcome people with disabilities.  Whenever possible, we seek to accommodate individuals with disabilities by providing the necessary support at the workplace.  The Human Resources Department can also provide assistance during the recruitment process. If you would like to discuss this further please contact us email contact.human.resources@esa.int.

-----------------------------------------------------------------------------------------------------------------------------------------------------

Please note that applications are only considered from nationals of one of the following States: Austria, Belgium, the Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Luxembourg, the Netherlands, Norway, Poland, Portugal, Romania, Spain, Sweden, Switzerland, the United Kingdom and Canada, Latvia and Slovenia.

 

According to the ESA Convention the recruitment of staff must take into account an adequate distribution of posts among nationals of the ESA Member States. When short-listing for an interview, priority will first be given to internal candidates and secondly to external candidates from under-represented Member States. (https://esamultimedia.esa.int/docs/careers/NationalityTargets.pdf)

 

In accordance with the European Space Agency’s security procedures and as part of the selection process, successful candidates will be required to undergo basic screening before appointment. 

 

Recruitment will normally be at the first grade in the band (A2); however, if the candidate selected has little or no experience, the position may be filled at A1 level.

We do our best to provide you the most accurate info, but closing dates may be wrong on our site. Please check on the recruiting organization's page for the exact info. Candidates are responsible for complying with deadlines and are encouraged to submit applications well ahead.
Before applying, please make sure that you have read the requirements for the position and that you qualify.
Applications from non-qualifying applicants will most likely be discarded by the recruiting manager.
Apply

What does it mean?

Click "SAVE JOB" to save this job description for later.

Sign up for free to be able to save this job for later.