IT Cyber Security Engineer
Belgium, wallonne, Région, ReduESA/ESEC
We are looking for an IT Cyber Security Engineer on behalf of the European Space Agency (ESA) for their location in Redu, Belgium, to join their Cyber Security Operations Center (CSOC) under the guidance of the corporate IT security architect and the manager of ESACERT (ESA Computer Emergency Response Team). The selected candidate should show integrity and professionalism. The deadline for submitting applications is 3 December 2022.
The task initially is to provide project support to the deployment and implementation of the Cyber Security Operations Center (CSOC) project managed by the ESA Security Office, especially in relation to the interfacing within esait (ESACERT for security incident response, esait as CSOC tenant, esait as IT Infrastructure service provider). In due time this task may mutate towards cyber security operations tasks.
Please note, the successful candidate will be employed by ATG Europe (or one of its subsidiaries) and not by ESA. Furthermore, they will be subject to a general security screening performed by an external provider.
The successful candidate will be tasked with, but not limited to:
- Provide support to esait for what concerns CSOC implementation and future operations;
- Ensure that all esait (ESA IT dept.) requirements are understood by CSOC contractors and analyse, communicate and report proposed changes and (partial) non compliances;
- Translate documented requirements into concrete actions for esait service managers;
- Liaise with the Security Section members and management on CSOC matters, providing regular reporting on the status of the project, presenting and escalating key decisions and issues to management as appropriate;
- Assist in the tuning and validation of the roles, tasks and responsibilities for the SOC operations, based on the CONOPS;
- Liaise closely with ESACERT to define and ensure the correct coordination and definition of roles and responsibilities of the future CSOC and ESACERT;
- Assist the ESACERT manager in the integration of the incident response processes between CSOC and ESACERT;
- Support the migration of the ESACERT SIEM (Security Information and Event Management) to the CSOC SIEM and other systems;
- Other related tasks that support the successful implementation of the CSOC from the esait perspective;
- Provide appropriate documentation and presentations to stakeholders;
- Provide advice and guidance on specific security operations related implementation details that are referred to the service provider for this purpose.
- A Master's Degree in Information Technology or a similar subject is required;
- At least 4 years of relevant work experience with IT Security Architecture
- Experience with modern IT technologies used for securing end-points (PCs, Mobile devices, IoT, etc.), Infrastructure (network, storage, computing infrastructure and cloud), Operating Systems and Applications technologies;
- Experience with security operations and SOC specific tools and processes;
- Experience with specific IT technologies deployed in the scope of the contracted tasks, or expertise on technologies providing a similar functionality that can be transferred and applied within the context of this role, and knowledge of associated best practices and processes:
- Windows Active Directory, Windows and Linux;
- Microsoft Azure platform;
- Open standards based federated Identity and authentication technologies (e.g. SAML, oAuth2, OpenID);
- Load Balancer and Web Application Firewall;
- Virtualization and VDI technologies;
- Network Monitoring;
- Vulnerability identification and management technologies;
- SIEM technologies;
- Vulnerability management tools;
- Pen testing tools;
- Firewalling technologies;
- Privileged access management tool (PAM);
- Networking components, VPN, remote access and routing;
- Data at rest encryption;
- Data in transit encryption;
- Common firewalling platforms;
- Other industry standard or common security related tools.
- Knowledge of and experience with Information Security Management processes and according to ISO 27001;
- Specific IT Security industry certification/specialization (e.g.CISSP) or technical vendor certifications will be considered a key asset;
- Excellent communicator with friendly attitude and active listening skills;
- Flexible, enthusiastic, and empathetic person with willingness to collaborate with others on different tasks;
- Able to work both autonomously and in a team;
- Logical thinking, desire to learn and continuously develop;
- Must be eligible to work in the EU;
- Fluency in English (both written and spoken).
Your application has been successfully submitted! For any additional question you might have, don't hesitate to reach out to us through our social media channels or contact us at firstname.lastname@example.org