Systems Security Engineer

Description

Security Engineer in the System Security Section (TEC-SES), End-to-End Systems Division, Systems Department, Directorate of Technology, Engineering and Quality.

The System Security Section is responsible for the end-to-end system security engineering of the Agency’s missions, projects, and activities in the space, ground, and user segments and in relation to communication links at system, subsystem, element, and equipment level. It covers the missions from the study phase to the definition of requirements, design, development, security integration and verification, and security service preparation, across the full stack, from the physical to the application layer.

To serve these functions, the Section defines and executes the associated technology research and development (R&D) and studies, as well as the required security engineering standards.

Using security laboratory facilities, the Section performs vulnerability assessments at all levels of responsibility, proposing detection methods, and mitigation and protection measures using security assessment tools and equipment.

The Section provides functional support to ESA missions and projects in the area of security engineering and cyber security.

Duties

Your tasks and responsibilities will include:

• participation in programme reviews of projects, assessing design, implementation, qualification, and validation, to ensure that development is in line with relevant programme security requirements;
• reviewing and contributing to system security architecture and system security requirements;
• analysing and accessing security-related requests for deviations and waivers and recommending the proposed way forward;
• reviewing design, proposed implementations, and technologies, identifying potential vulnerabilities, analysing their exploitability and their impact, and proposing the appropriate mitigations and required countermeasures;
• following the implementation of mitigation actions, either internally or with industry or partners;
• coordinating with the ESA Security Office in relation to security risks, vulnerability assessment, and threat analysis in order to follow up the related design and development implementation;
• working closely with the ESA Security Office and the relevant Project(s) for security certification and accreditation related aspects;
• organising vulnerability assessment and penetration testing campaigns, assessing the findings, proposing mitigations and analysing collected evidence of fixed and mitigated vulnerabilities;
• supporting the development and maintenance of various technical documents, such as requirements, security management plans, and risk assessments;
• following system integration, testing, verification, and validation, assessing compliance with security requirements and proposing treatment plans;
• fostering new security application areas for multidisciplinary activities, placing emphasis on innovative concepts, cutting-edge technologies, and system architectures in the field of security;
• proposing and supervising/following, as a technical officer, R&D activities in the area of security for space systems and missions;
• participating in the follow-up of industrial contracts relating to the procurement of expertise, technology development, laboratory tools, and equipment, among other things;
• acting as a project/system security officer (PSSO) if required;
• supporting laboratory activities as required;
• continuously following technological trends and evolutions in the scientific fields relevant to the position.

Duties may also include supporting other activities within your field of competence.

Technical competencies

• Knowledge of space system engineering
• Very good knowledge of security threats against space missions and corresponding mitigations
• Technical expertise in cyber security
• Technical knowledge of modern secure network protocols
• Good knowledge of modern applied cryptography
• Good knowledge of security standards, hardening guidelines and security best practices
• Knowledge and experience of vulnerability analysis

Behavioural competencies

• Result Orientation
• Operational Efficiency
• Fostering Cooperation
• Relationship Management
• Continuous Improvement
• Forward Thinking

For more information, please refer to the ESA Core Behavioural Competencies guidebook

Additional requirements

Knowledge of information security management systems is desirable.

Knowledge in the following areas will be considered an asset:

• Space flight avionics and the associated security
• CCSDS protocols
• RF security

• Very good analytical and problem-solving skills.
• Strong communication, presentation, and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and with industry.

You must be eligible for security clearance by your national security administration.