Location
ESTEC, Noordwijk, Netherlands

Description

Security Engineer in the System Security Section (TEC-SES), End-to-End Systems Division, Systems Department, Directorate of Technology, Engineering and Quality.

The System Security Section is responsible for the end-to-end system security engineering of the Agency’s missions, projects and activities in the space, ground and user segments and in relation to communication links at system, subsystem, element and equipment level. It covers the missions from the study phase to the definition of requirements, design, development, security integration and verification and security service preparation, across the full stack, from the physical to the application layer.

To serve these functions, the Section defines and executes the associated technology research and development (R&D) and studies, as well as the required security engineering standards.

Using security laboratory facilities, the Section performs vulnerability assessments at all levels of responsibility, proposing detection methods and mitigation and protection measures using security assessment tools and equipment.

The Section provides functional support to ESA missions and projects in the area of security engineering and cyber security.

Duties

Your tasks and responsibilities will include:

participation in programme reviews of projects, assessing design, implementation, qualification and validation, to ensure that development is in line with relevant programme security requirements;
reviewing and contributing to system security architecture and system security requirements;
analysing and accessing security-related requests for deviations and waivers and recommending the proposed way forward;
reviewing design, proposed implementations and technologies, identifying potential vulnerabilities, analysing their exploitability and their impact and proposing the appropriate mitigations and required countermeasures;
following the implementation of mitigation actions, either internally or with industry or partners;
coordinating with the ESA Security Office in relation to security risks, vulnerability assessment and threat analysis in order to follow up the related design and development implementation;
working closely with the ESA Security Office and the relevant Project(s) for security certification and accreditation related aspects;
organising vulnerability assessment and penetration testing campaigns, assessing the findings, proposing mitigations and analysing collected evidence of fixed and mitigated vulnerabilities;
supporting the development and maintenance of various technical documents, such as requirements, security management plans and risk assessments;
following system integration, testing, verification and validation, assessing compliance with security requirements and proposing treatment plans;
fostering new security application areas for multidisciplinary activities, placing emphasis on innovative concepts, cutting-edge technologies and system architectures in the field of security;
proposing and supervising/following, as a technical officer, R&D activities in the area of security for space systems and missions;
participating in the follow-up of industrial contracts relating to the procurement of expertise, technology development, laboratory tools and equipment, among other things;
acting as a project/system security officer (PSSO) if required;
supporting laboratory activities as required;
continuously following technological trends and evolutions in the scientific fields relevant to the position.

Duties may also include supporting other activities within your field of competence.

Technical competencies

Knowledge of space system engineering

Very good knowledge of security threats against space missions and corresponding mitigations

Technical expertise in cyber security

Technical knowledge of modern secure network protocols

Good knowledge of modern applied cryptography

Good knowledge of security standards, hardening guidelines and security best practices

Knowledge and experience of vulnerability analysis

Behavioural competencies

Result Orientation
Operational Efficiency
Fostering Cooperation
Relationship Management
Continuous Improvement
Forward Thinking

For more information, please refer to the ESA Core Behavioural Competencies guidebook

Education

A master’s degree or PhD in telecommunications engineering, cyber security, computer/network engineering, aerospace engineering or another relevant engineering field is required for this post.

Additional requirements

Knowledge of information security management systems is desirable.

Knowledge in the following areas will be considered an asset:
•   Space flight avionics and the associated security
•   CCSDS protocols
•   RF security

Additional requirements:

Very good analytical and problem-solving skills.
Strong communication, presentation and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and with industry.

You must be eligible for security clearance by your national security administration.

Diversity, Equity and Inclusiveness
ESA is an equal opportunity employer, committed to achieving diversity within the workforce and creating an inclusive working environment. We therefore welcome applications from all qualified candidates irrespective of gender, sexual orientation, ethnicity, beliefs, age, disability or other characteristics. Applications from women are encouraged.

At the Agency we value diversity, and we welcome people with disabilities. Whenever possible, we seek to accommodate individuals with disabilities by providing the necessary support at the workplace. The Human Resources Department can also provide assistance during the recruitment process. If you would like to discuss this further, please contact us via email at contact.human.resources@esa.int.

Important Information and Disclaimer
In principle, recruitment will be within the advertised grade band (A2-A4). However, if the selected candidate has less than four years of relevant professional experience following the completion of the master’s degree, the position may be filled at A1 level.

Applicants must be eligible to access technology and hardware which is subject to European and US export control regulations & security clearance by their national security administrations.

During the recruitment process, the Agency may request applicants to undergo selection tests. Additionally, successful candidates will need to undergo basic screening before appointment, which will be conducted by an external background screening service, in compliance with the European Space Agency's security procedures.

Note that ESA is in the process of transitioning to a Matrix setup, which could lead to organisational changes affecting this position.

The information published on ESA’s careers website regarding working conditions is correct at the time of publication. It is not intended to be exhaustive and may not address all questions you would have.

Nationality and Languages
Please note that applications can only be considered from nationals of one of the following States: Austria, Belgium, Czechia, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Luxembourg, the Netherlands, Norway, Poland, Portugal, Romania, Spain, Sweden, Switzerland, the United Kingdom and Canada, Latvia, Lithuania, Slovakia and Slovenia.

According to the ESA Convention, the recruitment of staff must take into account an adequate distribution of posts among nationals of the ESA Member States*. When short-listing for an interview, priority will first be given to internal candidates and secondly to external candidates from under-represented Member States*.

The working languages of the Agency are English and French. A good knowledge of one of these is required. Knowledge of another Member State language would be an asset.

*Member States, Associate Members or Cooperating States.

Systems Security Engineer

Job description