Skip to content

Operational Security, Accreditation and Governance Support

On-site
  • Prague, Praha, Hlavní město, Czechia
  • Toulouse, Occitanie, France
+1 more
EUSPA

Job description

We are looking for multiple people in support of Operational Security, Accreditation and Governance on behalf of and in support to our client for multiple locations in Europe: Prague, Saint-Germain-en-Laye (France), Madrid (Spain), Noordwijk (the Netherlands), Oberpfaffenhoffen (Germany), Fucino (Italy) and Toulouse (France). The selected candidate should show integrity and professionalism. Please note that the start date would be the beginning of April 2024 and that the engagement will be in two consecutive phases (within and after October 2024).


The activities below will include frequent access to classified security areas and systems. They may entail meetings in the other client's premises in Europe, EC premises in Brussels, ESA premises in Noordwijk – ESTEC (The Netherlands) or other European centres, Galileo Control Centres in Fucino (Italy) and Oberpfaffenhoffen (Germany) or other space programme sites across the world (for a few tasks).


Please note, the successful candidate will be employed by ATG Europe (or one of its subsidiaries). Furthermore, upon selection, they will be subject to a general security screening performed by an external provider (further information will be provided at interview stage).


The successful candidate will be tasked with, but not limited to:

  • Support to Galileo security activities;
    • Support to the follow up of security accreditation of new service milestones and releases of the system, subsystems;
    • Support to the follow up of security accreditation activities in relation of the Galileo sites;
    • Support to the follow up and review of the inputs provided by the different Galileo stakeholders in relation to security accreditation activities and production of accreditation files;
    • Support to the follow up and review of Security accreditation documentation which covers Service and System Security Plan and the statements of compliances to the General Security Requirements and associated documents (Mission System-Specific Security Requirements Statement (SSRS) SoC, EUSPA Cyber SoC, with all the associated documents contributing to their production);
    • Support the preparation, drafting, reviewing, updating and maintenance of the security accreditation documentation (e.g. Security Accreditation and Certification Plan, Security Accreditation Milestones and Schedule, presentation on security accreditation status).
    • Support to the review, definition and drafting of security governance documents (eg. Programme Security Instructions, security classification guide, security management plan and other documents to enforce the protection of classified information);
  • Support to EGNOS security activities;
    • Support the preparation, drafting, reviewing, updating and maintenance of the security accreditation documentation (e.g. Security Accreditation and Certification Plan, Security Accreditation Milestones and Schedule, presentation on security accreditation status).
    • Support to the review of security documentation to be delivered to the Security Accreditation Board related to EGNOS;
    • Support to the follow up and review of Security accreditation documentation which covers Service and System Security Plan and the statements of compliances to the General Security Requirements and associated documents (Mission System-Specific Security Requirements Statement (SSRS) SoC, EUSPA Cyber SoC, with all the associated documents contributing to their production);
    • Support to the follow up and review of the inputs provided by the different EGNOSstakeholders in relation to security accreditation activities and production of accreditation files;
    • Support to the follow up of security accreditation activities in relation of the EGNOS sites;
    • Review of the security risk analysis for EGNOS, assessment of risk mitigation measures, proposal of treatment plans, etc.;
    • Support the documentation review and production for harmonisation of EGNOS security framework with Civil Aviation security framework such as EU Cyber Security Regulation and EASA decisions, and coordination with stakeholders;
    • Support to the review, definition and drafting of security governance documents (eg. Programme Security Instructions, security classification guide, security management plan and other documents to enforce the protection of classified information);
  • Support to GOVSATCOM security activities;
    • Support to the review of the threat and security risk analyses;
    • Support to the definition, reviewing, updating and drafting of security governance and security baseline documents (eg. Programme Security Instructions, security classification guide and other documents to enforce the protection of classified information, mission requirements, system and interconnection requirements documents);
    • Support to the review of specifications, analysis, definitions and flow-down of Security Requirements;
    • Support the preparation, drafting, reviewing, updating and maintenance of the security accreditation documentation (e.g. Security Accreditation and Certification Plan, Security Accreditation Milestones and Schedule, presentation on security accreditation status).
    • Support to the follow up and review of Security accreditation documentation which covers Service and System Security Plan and the statements of compliances to the General Security Requirements and associated documents (Mission System-Specific Security Requirements Statement (SSRS) SoC, EUSPA Cyber SoC, with all the associated documents contributing to their production);
    • Support to the analysis of security aspects, by drafting and reviewing security-related technical notes including business impact analysis, continuity and contingencies plans, audit plan;
    • Technical support for the handling of security aspects, in particular reviewing technical documents from stakeholders addressing security aspects;
    • Support to the preparation and execution of technical meetings (e.g. accreditation panel and board, task forces, expert groups, ...);
    • Contribution to the relevant risk management process;
    • Based on request, to provide the transversal support to the governance and accreditation activities performed under other components.
    • Support to the follow up of security accreditation activities in relation with the GOVSATCOM sites;
  • Support to Secure Connectivity security activities;
    • Support to the review of the threat and security risk analyses;
    • Support to the definition, reviewing, updating and drafting of security governance and security baseline documents (e.g. Programme Security Instructions, security classification guide and other documents to enforce the protection of classified information, mission requirements, system and interconnection requirements documents);
    • Support to the review of specifications, analysis, definitions and flow-down of Security Requirements;
    • Support the preparation, drafting, reviewing, updating and maintenance of the security accreditation documentation (e.g. Security Accreditation and Certification Plan, Security Accreditation Milestones and Schedule, presentation on security accreditation status).
    • Support to the follow up and review of Security accreditation documentation which covers Service and System Security Plan and the statements of compliances to the General Security Requirements and associated documents (Mission System-Specific Security Requirements Statement (SSRS) SoC, EUSPA Cyber SoC, with all the associated documents contributing to their production);
    • Support to the analysis of security aspects, by drafting and reviewing security-related technical notes including business impact analysis, continuity and contingencies plans, audit plan;
    • Technical support for the handling of security aspects, in particular reviewing technical documents from stakeholders addressing security aspects;
    • Support to the preparation and execution of technical meetings (e.g. accreditation panel and board, task forces, expert groups, ...);
    • Contribution to the relevant risk management process;
    • Based on request, to provide the transversal support to the governance and
    • accreditation activities performed under other components.
    • Support to the follow up of security accreditation activities in relation of the Secure Connectivity sites;
  • Support to COPERNICUS security activities;
    • Support to the review of the threat and security risk analyses;
    • Support to the definition, reviewing, updating and drafting of security governance and security baseline documents (e.g. Programme Security Instructions, security classification guide and other documents to enforce the protection of classified information, mission requirements, system and interconnection requirements documents);
    • Support to the review of specifications, analysis, definitions and flow-down of Security Requirements;
    • Support the preparation, drafting, reviewing, updating and maintenance of the security accreditation documentation (e.g. Security Accreditation and Certification Plan, Security Accreditation Milestones and Schedule, presentation on security accreditation status);
    • Support to the follow up and review of Security accreditation documentation which covers Service and System Security Plan and the statements of compliances to the General Security Requirements and associated documents (Mission System-Specific Security Requirements Statement (SSRS) SoC, EUSPA Cyber SoC, with all the associated documents contributing to their production);
    • Support to the analysis of security aspects, by drafting and reviewing security-related technical notes including business impact analysis, continuity and contingencies plans, audit plan;
    • Technical support for the handling of security aspects, in particular reviewing technical documents from stakeholders addressing security aspects;
    • Support to the preparation and execution of technical meetings (e.g. accreditation panel and board, task forces, expert groups, ...);
    • Contribution to the relevant risk management process;
    • Based on request, to provide the transversal support to the governance and accreditation activities performed under other components;
  • Support to SSA security activities;
    • Support to the review of the threat and security risk analyses;
    • Support to the definition, reviewing, updating and drafting of security governance and security baseline documents (e.g. Programme Security Instructions, security classification guide and other documents to enforce the protection of classified information, mission requirements, system and interconnection requirements documents);
    • Support to the review of specifications, analysis, definitions and flow-down of Security Requirements;
    • Support the preparation, drafting, reviewing, updating and maintenance of the security accreditation documentation (e.g. Security Accreditation and Certification Plan, Security Accreditation Milestones and Schedule, presentation on security accreditation status);
    • Support to the follow up and review of Security accreditation documentation which covers Service and System Security Plan and the statements of compliances to the General Security Requirements and associated documents (Mission System-Specific Security Requirements Statement (SSRS) SoC, EUSPA Cyber SoC, with all the associated documents contributing to their production);
    • Support to the analysis of security aspects, by drafting and reviewing security-related technical notes including business impact analysis, continuity and contingencies plans, audit plan;
    • Technical support for the handling of security aspects, in particular reviewing technical documents from stakeholders addressing security aspects;
    • Support to the preparation and execution of technical meetings (e.g. accreditation panel and board, task forces, expert groups, ...);
    • Contribution to the relevant risk management process;
    • Based on request, to provide the transversal support to the governance and accreditation activities performed under other components;
  • Support to emerging security activities;
    • Support to the review of the threat and security risk analyses;
    • Support to the definition, reviewing, updating and drafting of security governance and security baseline documents (eg. Programme Security Instructions, security classification guide and other documents to enforce the protection of classified information, mission requirements, system and interconnection requirements documents);
    • Support to the review of specifications, analysis, definitions and flow-down of Security Requirements;
    • Support the preparation, drafting, reviewing, updating and maintenance of the security accreditation documentation (e.g. Security Accreditation and Certification Plan, Security Accreditation Milestones and Schedule, presentation on security accreditation status);
    • Support to the follow up and review of Security accreditation documentation which covers Service and System Security Plan and the statements of compliances to the General Security Requirements and associated documents (Mission System-Specific Security Requirements Statement (SSRS) SoC, EUSPA Cyber SoC, with all the associated documents contributing to their production);
    • Support to the analysis of security aspects, by drafting and reviewing security-related technical notes including business impact analysis, continuity and contingencies plans, audit plan;
    • Technical support for the handling of security aspects, in particular reviewing technical documents from stakeholders addressing security aspects;
    • Support to the preparation and execution of technical meetings (e.g. accreditation panel and board, task forces, expert groups, ...);
    • Contribution to the relevant risk management process;
    • Based on request, to provide the transversal support to the governance and accreditation activities performed under other components;
    • Support to the follow up of security accreditation activities in relation to new sites.

Job requirements

  • Master degree in Engineering or relevant field; Possibly Bachelor with solid experience as a fall back option;
  • Between 2 and 10 years of relevant working experience in security engineering for classified environments / defence;
  • Exposed to ISO27001 / 27002 certified environments and COMSEC information;
  • One or more of the fields of expertise are required:
    • Security Governance and risk management;
    • Security Audit and implementation;
    • Service and facility management;
    • Handling of classified documentation (EU, NATO);
    • Security accreditation;
    • Business development.
  • ISO27001 audit experience is an asset;
  • Fluency in English, both written and spoken;
  • Eligibility to work and live in the EU;
  • Eligibility for EU Personal Security Clearance is mandatory.

Please submit your application in English via the apply button below. Applications submitted in other languages will not be considered.

Details

  • Prague, Czechia
  • Toulouse, France
+1 more
EUSPA

or

What do we offer?

In ATG Europe (or our subsidiaries) you will have the chance to work on the most interesting and technologically advanced projects in the space, big-science, and high-tech domains. You will enjoy the focused yet relaxed spirit and culture of our teams and the excellent working conditions our company provides. We firmly believe that development and growth perspectives are crucial to everyone’s career, and we therefore provide you with a personal development plan, regular assessment checkpoints and a dedicated training and education budget to support you, not only in your current work, but also paving the road to your next professional steps.

For those relocating in order to embrace a new career with us, we offer international relocation assistance in settling in your new home or finding the right school for your children and a relocation budget that is applicable to all ATG staff.

About ATG Europe

Today, ATG Europe is recognized as a leading provider of specialized engineering, scientific and technical services to the European Space, Big-Science, and high-tech industry. Our headquarters are located in Noordwijk, the Netherlands and we have subsidiaries in Germany, Ireland, Spain, Italy, and the UK. Besides these countries, ATG also operates in France, Czech Republic, Sweden, Norway, and Belgium.