System Security Engineer
Didcot, United Kingdom
CS GROUP
CS GROUP assure la conception, la réalisation, le déploiement, la maintenance et l’exploitation de systèmes intelligents, sûrs, sécurisés & interconnectés.Company Description
HE Space is a successful international space company. For 40 years, we have been supporting our customers with qualified experts in the field of engineering, science and administration.
Job Description
As a member of a team providing services to ECSAT, some of your responsibilities will be the following:
- Analysis of the existing D-SRR deliverables provided as input to the assignment. Identifying, proposing and implementing any identified possible improvements from the methodology and analysis perspective (e.g., traceability, completeness, consistency, maintainability);
- Continuation of a rigorous security risk assessment to establish threat and risk scenarios, target security assurance levels (ESA Protection Levels) and derived mitigation strategies;
- Refinement and maintenance of the SSRS, including conducting a critical review of the existing SRR baseline, ensuring justified, adequate and proportional security functional and assurance requirements aligned with the target security assurance levels derived from the risk assessment, and justifying and explaining the requirements baseline to stakeholders;
- Provision of security engineering support, expert analysis and consultancy, including explanation of best practices / standards with respect to the EGOS-MG technologies;
- Support to, in coordination with the EGOS-MG System team, production of the SSRS Verification Control Document based on delivered verification evidences from Environments, EMMS/sub-WP and IT Services;
- Support to, in coordination with the Mission Project Specific Security Officer, the production of the SECOPS Verification Control Document based on delivered verification and validation evidences from the system Operators/Maintainers;
- Maintenance and update of the EGOS-MG System Security Risk Assessment, including production and maintenance of a Residual Risk Register, Risk Treatment Plan and summary reports on overall status to support related ESA Management and Risk Owner decisions;
- And others.
Qualifications
As part of the team, you will have the following qualifications and relevant experience:
- BSc or Master´s degree required;
- MBSE, Security;
- Extensive System Security Architect experience;
- Extensive System Security Risk Analyst experience;
- Extensive applied experience in the conduct of Security Penetration Tests on complex modern IT system and application architectures;
- Extensive applied experience in the conduct of System Security and Configuration Audits;
- Applied experience in System Security Engineering, Security Architecture Specification and Design Definition;
- Applied Systems Engineering experience for large complex systems (preferably in Space Mission Ground Segment systems);
- Fluency in English is mandatory; knowledge of another European language is an advantage.
In addition to the above, the following skills are considered an asset:
- Knowledge of modern software, system security threats, risks and associated mitigating controls, preferably also in the domain of Space Mission Ground Segment systems;
- Knowledge of Model Based Systems Engineering (in particular applied experience with the MagicDraw tool), preferably in the Object Management Group’s Unified Architectural Framework;
- Knowledge and experience of modern enterprise IT security solutions (e.g., IAM, SSO, DevSecOps, Zero Trust Architectures, Service Mesh, Cloud Native applications security, managed Cloud services, CI/CD, container security, Infrastructure as Code) and associated best practices, standards, design, integration and verification;
- Knowledge of ESOC infrastructure and operational environment;
- Knowledge of space mission ground segment key functions and associated security risks.
Additional Information
This job is located in Harwell.
If you think you have what it takes for this job, please send your CV (in English and in Word or PDF) to Medina Djakova, by clicking on the button “I´m interested” quoting job UK-HP-5088.
Deadline to apply: before 18th May 2023.
An exciting and dynamic international working environment awaits you!
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CI/CD Cloud DevSecOps IAM Risk assessment SecOps SSO Zero Trust
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs