System Security Engineer

Company Description

HE Space is a successful international space company. For 40 years, we have been supporting our customers with qualified experts in the field of engineering, science and administration.

Job Description

As a member of a team providing services to ECSAT, some of your responsibilities will be the following:

• Analysis of the existing D-SRR deliverables provided as input to the assignment. Identifying, proposing and implementing any identified possible improvements from the methodology and analysis perspective (e.g., traceability, completeness, consistency, maintainability);
• Continuation of a rigorous security risk assessment to establish threat and risk scenarios, target security assurance levels (ESA Protection Levels) and derived mitigation strategies;
• Refinement and maintenance of the SSRS, including conducting a critical review of the existing SRR baseline, ensuring justified, adequate and proportional security functional and assurance requirements aligned with the target security assurance levels derived from the risk assessment, and justifying and explaining the requirements baseline to stakeholders;
• Provision of security engineering support, expert analysis and consultancy, including explanation of best practices / standards with respect to the EGOS-MG technologies;
• Support to, in coordination with the EGOS-MG System team, production of the SSRS Verification Control Document based on delivered verification evidences from Environments, EMMS/sub-WP and IT Services;
• Support to, in coordination with the Mission Project Specific Security Officer, the production of the SECOPS Verification Control Document based on delivered verification and validation evidences from the system Operators/Maintainers;
• Maintenance and update of the EGOS-MG System Security Risk Assessment, including production and maintenance of a Residual Risk Register, Risk Treatment Plan and summary reports on overall status to support related ESA Management and Risk Owner decisions;
• And others.

Qualifications

As part of the team, you will have the following qualifications and relevant experience:

• BSc or Master´s degree required;
• MBSE, Security;
• Extensive System Security Architect experience;
• Extensive System Security Risk Analyst experience;
• Extensive applied experience in the conduct of Security Penetration Tests on complex modern IT system and application architectures;
• Extensive applied experience in the conduct of System Security and Configuration Audits;
• Applied experience in System Security Engineering, Security Architecture Specification and Design Definition;
• Applied Systems Engineering experience for large complex systems (preferably in Space Mission Ground Segment systems);
• Fluency in English is mandatory; knowledge of another European language is an advantage.

In addition to the above, the following skills are considered an asset:

• Knowledge of modern software, system security threats, risks and associated mitigating controls, preferably also in the domain of Space Mission Ground Segment systems;
• Knowledge of Model Based Systems Engineering (in particular applied experience with the MagicDraw tool), preferably in the Object Management Group’s Unified Architectural Framework;
• Knowledge and experience of modern enterprise IT security solutions (e.g., IAM, SSO, DevSecOps, Zero Trust Architectures, Service Mesh, Cloud Native applications security, managed Cloud services, CI/CD, container security, Infrastructure as Code) and associated best practices, standards, design, integration and verification;
• Knowledge of ESOC infrastructure and operational environment;

• Knowledge of space mission ground segment key functions and associated security risks.

Additional Information

This job is located in Harwell.

If you think you have what it takes for this job, please send your CV (in English and in Word or PDF) to Medina Djakova, by clicking on the button “I´m interested” quoting job UK-HP-5088.

Deadline to apply: before 18th May 2023.

An exciting and dynamic international working environment awaits you!