je.st
news
Security Risk Analyst
2020-04-16 18:16:02| Space-careers.com Jobs RSS
Position Reference 046 RHEA Group is currently recruiting a Security Risk Analyst to support the RHEA Security Services Business Unit. You will have the opportunity to work in a challenging environment with stateoftheart technologies and challenging security projects. As a Security Risk Analyst, you will be involved in risk assessment exercise required in our Security and Research Development projects in order to pursue the securitybydesign approach, support the delivery of security operations services and cybersecurity training. If you have a passion or interest for cyber security and would like to join a team of seasoned experts with diverse backgrounds, then you are in the right place! At RHEA Group will have the opportunity to work and learn in an exciting environment and participate in unique cybersecurity projects for the European Space Agency, NATO and the European Commission. Tasks and Activities The scope of work will include Perform security risk assessment leveraging different methodologies including ISO27005, MEHARI, HTRA Perform security requirements elicitation from the risk assessment results Prepare security risk treatment plan Implement the securitybydesign approach Design of secure architecture encompassing firewalls, IDSIPS, VPN, AAA, encryption etc. Provisioning of best practice advice and guidance in the areas of cyber defence and security operations supporting incident detection, analysis and response including operations policy and procedure development Prepare and deliver training modules in the frame of RHEA Cyber security training courses. Skills and Experience The following skills and experience are mandatory You have a Bachelors or masters in computer science, engineering, IT or a related field You have at least 5 years proven work experience as security risk analyst or security engineer You have experience in delivery of operations services or specification of solutions for cyber defence or security operations including some of the following o ISO 27000 series standards o Information Security policies, standards, and procedures o Information Security concepts involving confidentiality, integrity and availability o Information Security concepts involving threat, vulnerability and risk analysis o Cloud Computing or virtual machine security o Cyber Defence or Continuous Monitoring Solutions o Trusted Product Evaluation standards such as Common Criteria or FIPS 140 o Secure technology standards such as Trusted Platform Module, Trusted Execution Environment o Certification and Accreditation concepts and processes o Cryptography and Public Key Infrastructure PKI o Identity Management systems o Technical vulnerability assessment VA and penetration testing PenTest o Vulnerability and patch management solutions o Host or network based Intrusion Detection and Prevention Systems IDSIPS o Firewalls or Unified Threat Management UTM systems o Virtual Private Networking VPN. o Network Management NM systems o Security Information and Event Management SIEM systems You have knowledge in one or more of the following o Information Security concepts involving incident detection, analysis, decision support and response o Network Local Area Networking LAN, Metropolitan Area Networking MAN or Wide Area Networking WAN technologies o Internet Protocols such as TCPIP, UDP, RIP, OSPF, BGP, SIP, SNMP, IPSec, SSL, TLS o End system architectures and operating systems such as Windows, Linux. o Virtualization technologies such as KVM, VMWare, open nebula etc You have a professional qualification or certification such as CISSP, OSPT or similar. You possess strong interpersonal skills, team working, good analytic and problem solving capabilities. You have strong communication and documentation abilities. You are detailoriented. You have an analytical mind and problemsolving aptitude. You have effective time management and organizational skills. You have past experience in cyber security for space, defense, critical infrastructure, finance or government systems. How to Apply Looking to take your career to the next level? Interested applicants should submit their CV and Cover Letter to RHEAs Recruitment team at careersrheagroup.com no later than 22052020. Preference will be given to candidates with an EU or national personal security clearance at the level of CONFIDENTIAL or above. Eligibility for the clearance is a must. About RHEA Group RHEA Group is a leading engineering consultancy firm with demonstrated expertise in space, system and secure software solutions. We attract skilled engineers, scientists and management professionals and offer a range of exciting career paths working alongside clients such as the European Space Agency, the European GNSS Agency, EUMETSAT and NATO.
Tags: security
risk
analyst
risk analyst
Category:Transportation and Logistics