IT Security Engineer - Information and Infrastructure Protection (2 posts)

Darmstadt, DE

European Space Agency - ESA

The European Space Agency portal features the latest news in space exploration, human spaceflight, launchers, telecommunications, navigation, monitoring and space science.

View company page


Vacancy in the Directorate of Internal Services.


ESA is an equal opportunity employer, committed to achieving diversity within the workforce and creating an inclusive working environment. We therefore welcome applications from all qualified candidates irrespective of gender, sexual orientation, ethnicity, beliefs, age, disability or other characteristics. Applications from women are encouraged.


This post is classified A2-A4 on the Coordinated Organisations’ salary scale.


ESOC, Darmstadt, Germany or ESRIN, Frascati, Italy



You will report to the Head of the IT Security Section in the Security and Shared Infrastructure Services Division within ESA’s Information Technology Department, drive the implementation of solutions at all levels, manage security projects end-to-end, and support appropriate operational services for security solutions.


To implement solutions, ESA leverages various vendors and industry solution providers. The resulting services are operated and maintained by external service providers.


A specific environment for handling ESA CLASSIFIED RESTRICTED data has been developed and is in a constant state of functional evolution to better meet the needs of stakeholders. 


You will have a high degree of autonomy to perform the following duties:

  • Propose solutions to enhance IT and cyber security and new security services for the Agency;
  • Engineer new IT security solutions and enhancements/evolutions of existing ones;
  • Act as the security lead on Department IT projects;
  • Provide technical and engineering support to colleagues such as the PSSO (Project System Security Officer) and ITNSM (IT Network Security Manager).

More concretely, you will:

  • in collaboration with various stakeholders, develop and validate use case scenarios for new products and services;
  • define User and Service requirements and procedures for security-related solutions and services;
  • identify the budget needs and prepare statements of work (requirements) for projects under your responsibility and participate in the relevant procurement activities;
  • validate the security architecture, drive and supervise the implementation of new solutions;
  • rigorously apply the secure systems engineering process to ensure proper certification and accreditation by the ESA Security Office where required;
  • define the operational model for new products and services and ensure successful service readiness review;
  • contribute to the continuous evolution and improvement of the IT Security Section and the security posture of the Agency;
  • develop and maintain appropriate documentation.

To achieve this, you will have to:

  • acquire a good understanding of esait’s various services, underlying systems and components;
  • identify and propose reusable IT security building blocks for various IT systems and services;
  • understand the overall effectiveness of esait security management and engineering processes and maintain a good knowledge of existing and upcoming legislation and standards;
  • define and explain security use-cases and operating procedures to both end-users and service/solution providers.

Technical competencies

Secure system engineeringRequirements engineeringIT architecture designEncryption solutions, protocols and standardsIT security risk managementProject and technical managementSecurity certification and/or accreditation

Behavioural competencies

Result Orientation
Operational Efficiency
Fostering Cooperation
Relationship Management
Continuous Improvement
Forward Thinking


A master's in computer science, IT, cyber security, software engineering or other relevant discipline is required for this post. 

Additional requirements

You are expected to be a self-starter, an effective communicator and able to drive projects and processes autonomously. 

Demonstrated experience of successful management of security engineering or security architecture in a large company is mandatory.  

Experience with security certification and/or accreditation in the context of sensitive and/or classified information  is essential.

Other information

For behavioural competencies expected from ESA staff in general, please refer to the ESA Competency Framework.

For further information please visit: Professionals, What we offer and FAQ   


The working languages of the Agency are English and French. A good knowledge of one of these is required. Knowledge of another Member State language would be an asset.     

Applicants must be eligible for security clearance by their national security administrations.

The Agency may require applicants to undergo selection tests.


At the Agency we value diversity and we welcome people with disabilities.  Whenever possible, we seek to accommodate individuals with disabilities by providing the necessary support at the workplace.  The Human Resources Department can also provide assistance during the recruitment process. If you would like to discuss this further please contact us email


Please note that applications are only considered from nationals of one of the following States: Austria, Belgium, the Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Luxembourg, the Netherlands, Norway, Poland, Portugal, Romania, Spain, Sweden, Switzerland, the United Kingdom and Canada, Latvia, Lithuania, Slovakia and Slovenia.


According to the ESA Convention, the recruitment of staff must take into account an adequate distribution of posts among nationals of the ESA Member States*. When short-listing for an interview, priority will first be given to internal candidates and secondly to external candidates from under-represented Member States*.  


In accordance with the European Space Agency’s security procedures and as part of the selection process, successful candidates will be required to undergo basic screening before appointment conducted by an external background screening service. 


In principle, recruitment will be within the advertised grade band (A2-A4). However, if the selected candidate has less than four years of relevant professional experience following the completion of the master’s degree, the position may be filled at A1 level. 

*Member States, Associate Members or Cooperating States.

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Clearance Computer Science Network security Security Clearance

Region: Europe
Country: Germany
Job stats:  15  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.