je.st
news
Engineer, Information System Security
2013-05-22 15:37:43| Space-careers.com Jobs RSS
Engineer, Information System Security Ref SES0300 Region Europe Location Luxembourg Betzdorf Company SES Category Other Position Staff Context The jobholder manages information system related security risks. Heshe specifies and implements information system security concepts to adequately safeguard information assets of SES, its affiliates and commercial platforms. The jobholder plans, implements, documents and operates information security systems and provides information security support services to architects and systemapplication engineers within the organization to meet new and evolving security requirements. Responsibilities Support the development of a risk management framework for information system related security risks and manage information system related security risks accordingly Assess system and application security requirements, threats, vulnerabilities and security risks in complex, heterogeneous systems and throughout their life cycle Develop, deliver and maintain comprehensive and consistent security solutions Specify, implement and document information system security concepts in close collaboration with system owners and engineering groups Deliver information security support services to architects and systemapplication engineers Assist architects, systemapplication engineers in the identification and implementation of appropriate information security controls Plan, implement, document and operate information security systems Define policies, processes, procedures, configuration baselines and guidelines to ensure appropriate security risk management throughout the system life cycle Define system and application security baselines based on industry best practices. Monitor compliance with hardening baselines and manage exceptions Perform technical security assessments of information systems and applications Define and optimize the vulnerability and patch management process. Analyze reports from vulnerability assessment scanners, patch management tools, and emerging threat information, advises on the risk and remediation and monitors the mitigation of identified security issues Support engineering groups with security engineering expertise in the different security domains, such as identification and access management, authentication and authorization, secure design, system hardening, risk management, vulnerability assessment and management, security testing, secure software development Evaluate emerging risks and information security technologies to ensure an uptodate information security risk register Support security incident response with a focus on the implementation of effective preventive system security controls as well as containment, eradication and recovery of information systems Support the development and promotion of information security policies, standards, processes and procedures and monitoring compliance to the information security policy framework with a focus on information system security Lead information security projects and deliver them within time, cost and scope Support the development and maintenance of SESs information security awareness program and training program Travel and oncall duty as required. Experience Qualifications Degree in Computer Science and a minimum of 4 years industry related experience and 2 years in a system administration role Sound, handson knowledge of and experience with Managing system related security risks, including the assessment of system security risks, specification of security requirements, the definition of security concepts, secure system design, implementation of security controls, specification of secure configuration baselines, assessment of security controls and vulnerabilities, Operating Systems MS Windows and Linux, CitrixVMWare and applications, including a clear understanding of their vulnerabilities and how to secure them, Vulnerability, compliance and patch management for complex, heterogeneous systems, Virtualization and Data Center technologies and corresponding security technologies, Identity and Access Management and Strong Authentication Systems, Public Key Infrastructures, AntiVirus and Hosted based Intrusion Prevention Systems Security Information and Event Management, Data Leakage Prevention, Security standards, best practices and guidelines e.g., NIST SP800 series, DISA STIGs, CIS, etc. Relevant product and general security certifications e.g., GCWN, MCSE, GCED, GCUX, GCIH, GISP, CISSPISSEP, CISSPISSAP, GPEN, CEH and knowledge of the satellite industry are a plus Solid knowledge of IT security threats, vulnerabilities, security technologies, controls and best practices Understand all stakeholders in the IT security process and possess the ability to explain security rationales and controls to nontechnical audiences Sound analytical skills as well as the ability to provide practical conclusions Autonomous, innovative mind and good problem solving skills Good project management and organization skills Ability to coordinate business requirements and work both autonomously and in interdisciplinary teams Ability to effectively respond to and interact with all levels of organizational staff Be fluent in English any other language being an asset Excellent written and verbal communication skills. Our Offer Competitive salary package, coupled with a diverse array of challenges and development benefits. SES is an Equal Opportunity and Affirmative Action Employer. This position reports to Manager, Global IT Security Apply for this Job online
Tags: information
system
security
engineer
Category:Transportation and Logistics