je.st
news
Tag: information security
Information Security Consultant
2021-10-08 12:12:55| Space-careers.com Jobs RSS
For one of the most famous and exciting European space projects, you will have the opportunity to support the client in defining and maintaining technical specifications for cyber security and related processes. This position is based in the Headquarters of this international institution, in the beautiful city of Prague, Czeh Republic. Tasks and Activities The scope of work will include Write cyber security policies suitable to the Galileo environment. Review cyber security policies in place. Suggest improvements to the current cyber security policies. Write policies and security requirements in English, suitable to the Galileo environment. Write securityrelated technical documentation presentations, whitepapers, technical notes, manuals, analyses, specifications, requirements etc.. Provide training to other members of the cyber team and colleagues from other departments. Manage cyber security requirements in the identified requirements management systems i.e. DOORS. Maintain traceability between Mission, SystemService requirements in DOORS. Maintain traceability between SystemService and other sets of identified requirements. Perform a gap analysis for EUSPA cyber security requirements, across existing EUSPA contracts and procurements e.g. GSC, GSOp, RLSP, GRON. Maintain applicability matrix for EUSPA cyber security requirements, across contracts and procurements. Support the optimization i.e. removing any duplications of the requirements between existing security requirements e.g. EE SREQ and new cybersecurity requirements. Support the flow down of EUSPA cyber security requirements in the relevant contracts and procurements e.g. GSOP, GSC, RLSP, Sites. Support the flow down of EUSPA cyber security requirements in coming activities e.g. HA. Support the assessment and lifecycle management of cyber RFWs and RFDs by relevant contracts and procurements. Definition of a security risk profiling methodology. Production of security risk profile for relevant contracts. Production of Matrix of sensitivity for EUSPA elements. Skills and Experience The following skills and experience are mandatory University Degree in Cybersecurity, Computer Science, Engineering or Management Information Systems. At least 3 years of professional experience in conformance testing activities related to cyber security. Experience in security risk management. Deep understanding of compliance requirements, standards, and guidelines e.g. ISO, NIST, SANS, COBIT, ITIL, CC. Experience with the standard MS Office Suite, Visio, Project, SharePoint and IBM DOORS. Strong commitment on meeting deadlines, working in complex environments and managing contingencies. Ability to work in a team, with a proactive attitude towards problem solving. Excellent command of the English language, both written and spoken i.e. Cl level of CERFL. Eligibility for a Personal Security Clearance at SECRET UEEU SECRET level, before the moment of entering into service. The following skills and experience are highly desirable First experience in a Space project and ideally in Navigation. Experience in ISO27001. CISM or CISSP certification, and knowledge of NIST. Experience in requirements elicitation. Experience in the assessment and management of supply chain security risks, and knowledge of related standards. How to Apply Looking to take your career to the next level? Interested applicants should submit their CV and Cover Letter to RHEAs Recruitment team at careersrheagroup.com no later than 30102021.
Tags: information
security
consultant
information security
Senior SIEM Architect Security Information and Event Management mfd
2021-08-20 14:12:40| Space-careers.com Jobs RSS
IT systems are used everywhere also in Space be it within the ground segment or within the space segment of our various clients. Such segments need to be protected and cybersecurity is an essential part of such protection. Holistic Security Operations Centres SOCs become more and more important for our clients to ensure such protection. While such SOCs need to consider standard IT infrastructure, they also need to be extended with space specific protection mechanisms. If you are interested to help designing and building the Security Information and Event Management SIEM solutions within those SOCs and if you bring a track record in building SIEM solutions, then you should continue reading. We are looking for architects, who would like to design, build, implement and deploy SIEM solutions with the latest technologies to protect our clients IT and Space systems from cybersecurity threats. Join our Space teams in either Darmstadt or Bochum. With a team of highly motivated and specialized experts within an international environment, we help to secure our Space clients systems during the digital transformation. Aufgaben As a Senior SIEM Architect, you will work in our crossfunctional Space and Security team to provide your experience to leading international and national Space organizations and corporations. The exciting and diverse tasks are as follows Architect, design and manage deployments of Security Information Event Management SIEM and other security solutions. Requirements engineering, User Case development in close cooperation with our clients Analyse, implement, test and optimize use cases for our clients SIEM solutions Analyse the network and IT infrastructure of our clients and plan bandwidths and capacities Act as technical SIEM expert within our for project teams and as technical point of contact for our clients Advice on the selection, implementation and operation of SIEM solutions Integration of log sources and all corresponding activities like normalisation and baselining Integration of components, processes and interfaces into our clients SIEM solutions Qualifikation Required qualifications to be successful in this role You have a structured and analytical approach Strong experience in the SIEM environment Track record of leading the delivery of SIEM technical solutions Detailed knowledge of the typical technologies that interface with SIEM solutions You are fluent in English Experience with at least one SIEM solution preferably Splunk or QRadar, ArcSight, LogPoint, etc. Experience in working with standards like ISO27000x or NIST You have a degree in IT security, computer science or similar Desirable qualifications Experience in IT System Engineering and relevant standards Experience with CICD Relevant certification such as Certified Information Systems Security Professional CISSP, Certified Information Security Manager CISM, Certified Ethical Hacker CEH or similar Experience in virtualisation andor cloud infrastructure Experience with asset management and service management Experience with penetration testing, vulnerability assessment and IT forensics Fluent in German Experience in the System Engineering Standards provided by the European Cooperation for Space Standardization ECSS Does this job sound interesting to you? Then get in touch with us, even if you cannot say yes to all the above points. We would like to get to know you.
Tags: information
management
security
event
Information Security Operations Team Leader
2021-06-10 19:13:38| Space-careers.com Jobs RSS
Information Security Operations Team Leader based in Germany Darmstadt EUMETSAT is Europes meteorological satellite agency monitoring the weather and climate from space 24 hours a day, 365 days a year Working for EUMETSAT, you can make a world of difference and be a part of something that makes a positive impact on society. You will be at the cutting edge of satellite technology, with a meaningful role in an organisation focused on spacebased observations of the Earths weather and climate. Within the Generic Systems and Infrastructure Division GSI, the Information Security Operations Team Leader is responsible for leading a team of information security engineers and for operating security solutions and delivering information security services across the organisation and supporting the continuity of operations. What youll be doing Leading a team of information security engineers both directly and via service contracts, securing longterm availability of the critical skills and maintaining uptodate technological awareness Delivering reliable information security services, ensuring that processes and procedures are in place and followed, providing monitoring and reporting services, delivering input to security policies and supporting the security design process across the organisation Leading maintenance activities, ensuring the continued availability of information security infrastructures and security services to the customers Playing an active role in introducing new security systems into operations with adequate levels of documentation and testing Acting as the main interface to customers for fault resolution and incident followup activities e.g. root cause analysis, lessons learned Leading the EUMETSAT Computer Emergency Response Team EUMCERT, including all activities related to incident response as well as interfacing the Security Operations Center SOC operations, which is an outsourced service Leading activities related to vulnerability management and ethical hacking, e.g. penetration testing, redbluepurple team exercises and similar Managing and coordinating relevant Service Level Agreements Establishing and maintaining appropriate contacts with special interest groups relating to security, andor other specialist security forums. What we offer Excellent salary, of up to Euro 7,500 NET after tax based on skills and experience Flexible working time including additional flexileave Full medical coverage for employee and family Attractive pension 30 days of annual leave 14.5 days public holidays Training and development support Relocation allowance and support if applicable Requirements Qualifications University degree or equivalent in a relevant discipline Current ITIL qualification or equivalent evidence of operational service delivery process qualification is an advantage CISSP or a similar certification is an advantage. Skills and Experience Requirements Experience of team leadership, including management of performance and maintenance of key skills and knowledge Proven experience in operations and maintenance of security solutions and security services, including network security, and highavailability systems in an operational environment. Strong communication and interpersonal skills with a proactive attitude and ability to work autonomously under pressure with a minimum of supervision. Critical thinking, methodical and organised approach to work combined with an aptitude for detail and accuracy. Recent experience leading a security operations centre as well as experience with virtual and physical network environments from both technical and management perspective, with focus on security, are an advantage. Demonstrated experience in the following technical domains is also required Network security systems engineering and operations Identity and Access Management solutions, including Privileged Access Management Security monitoring, auditing, incident response and ethical hacking on operational systems Intrusion detection, prevention and response solutions host and networkbased. Managementsupervision of an outsourced Security Operations Centre is an advantage EUMETSAT is an international organisation employing staff from across all 30 member states and this role is being advertised on multiple international job boards, but please note that this role would be based in Darmstadt, Germany and would require international applicants to relocate if successful. More about us EUMETSATs role is to establish and operate meteorological satellites to monitor the weather and climate from space 24 hours a day, 365 days a year. This information is supplied to the National Meteorological Services of the organisations Member and Cooperating States in Europe, as well as other users worldwide. EUMETSAT also operates several Copernicus missions on behalf of the European Union and provide data services to the Copernicus marine and atmospheric services and their users. As an intergovernmental European Organisation, EUMETSAT can recruit nationals only from the 30 Member States Austria, Belgium, Bulgaria, Croatia, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, The Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom. EUMETSAT strictly follows the COVID guidance of the German Government. Only essential operational personnel are working on site with all others working remotely. All meetings and interviews are conducted online. All unnecessary travel is cancelled.
Tags: information
team
security
operations
Information Security Analyst
2021-03-31 16:12:45| Space-careers.com Jobs RSS
DLR GfR mbH is a company providing reliable, safe and secure aerospace services. We operate and manage the constellation of Galileo satellites in the Galileo Control Center Oberpfaffenhofen on behalf of the European Commission. Our company headquarters is located in an area widely known as a holiday destination the fivelakes region in Upper Bavaria near Munich. At the space industry location in Oberpfaffenhofen, our around 230 employees work every day in international and interdisciplinary teams on the navigation for the future. Become a part of us! Inside of the Security Department we offer the following career option Information Security Analyst fmd Reference No. 210331 YOUR MISSION The Cyber Security group within DLR GfR mbH is responsible for the security of Galileo IT applications. As Information Security Analyst for the Galileo project you are responsible within the Cyber Security Department for the regular analysis of security risks according to the requirements of the Galileo client European GNSS Agency as well as the verification of the implementation of adequate security measures and also support security audits. Your responsibilities include Independent monitoring and analysis of the regularly running procedures and applications in information security, such as access protection, encryption, configuration control, vulnerability analysis, malware detection, database activities and verification of implementation focus on the Galileo networks and systems review and analysis of event logs to detect anomalies in the local security environment and harmful activities in the Galileo local system development of proposals for dealing with them identification of potential threats to information and communication systems by evaluating the results of technical monitoring tools, in conjunction with local and global risk analyses in the Galileo system Support in the evaluation and reporting of forensic investigations Processing the security risk register, with a focus on the Galileo project Regular internal audits of the Galileo security environment, recording of measures and followup Development of training materials and regular training of project staff in connection with security incident response methodologies Regular reporting to the SiteInfosec team, rapid escalation in the event of a concrete threat situation in the IT area Regular review and documentation of the system against the security requirements defined by the customer Responsible for regularly checking security relevant logs locally and remotely YOUR QUALIFICATION Completed Bachelors degree in computer science or comparable education Many years of experience in the IT sector Many years of professional experience in the security industry Knowledge of national legal requirements as well as international standards in information security e.g. secrecy protection in the economy BMWi, NIST, ISO 27001, etc. Practical knowledge of technologies and common threats in network security Readiness for safety inspection according to SG Business fluent German and English, written and spoken Confidentiality and reliability OUR OFFER Collaboration in the European lighthouse project Galileo Trusting and appreciative cooperation in an international environment International team spirit 30 days annual leave Additional days off on 24.12., 31.12. and Shrove Tuesday WorkLifeBalance e.g. through flexible working time models and mobile office options Child care for children from 1 to 3 years Varied personnel development program Individual career options for example through secondments to partner agencies enterprises abroad Employerfinanced retirement plan Attractive location with a high recreational value in the fivelakes region near Munich And much more ... CONTACT We have aroused your interest but you still have questions about the position? Then please contact us at recruitingdlrgfr.com!
Tags: information
security
analyst
information security
Information Security Engineer
2020-12-11 14:12:40| Space-careers.com Jobs RSS
Aurora is an established supplier of skilled manpower to ESA and in particular at ESTEC and ESAC. Aurora has the opportunity to expand our support to the Facility Management Infrastructure Section. Happiness of our employees has proven key to obtaining excellent results and a client who also regards us highly for excellent service. Overview The core tasks will consist of the following activities Monitor and control the ESA IT infrastructure and services using SIEM, EDR technologies and others state of the art security tools. Investigate ESA IT systems security incidents and breaches. Support remediation activities related to security incidents. Create reports and visualizations of security attacks. Support penetration test and vulnerabilities assessment for ESA IT systems. Contribute to the ESA IT Security Awareness Program. Contribute to the evolution of the ESACERT Service and security tools. Support consistent vulnerability management patch management process. Participate to recurrent meeting with the customer as the technical referent. Participate to the continuous improvement of the service detection level, process, operational procedures, service efficiency, service reporting. Keep track of all operational activities via the ESACERT Ticket Management system. Proficiency in the core capabilities of the ESACERT Team.Familiarity with the specific tool would constitute and asset for the candidates, but it is not mandatory requirements. Complementary activities will be as well an asset Core capabilities Incident Handling Incident handling procedures NIST TheHive, Cortex Security Monitoring and Analytics SIEM technologys Archsight Security Analytics Any BigData tools e.g. SPLUNK Malware and ATP Technologys EDR CISCO AMP, CISCO Umbrella TrendMicro Solutions Microsoft ATP Defender and O365 Security Framework Sandboxing VMray, TM DDAN, Open source Penetration Testing Vulnerability AssessmentManagement Nessus Burp Netsparker SkyBox OWASP Methodology Complementary capabilities Security Intelligence OSINT Framework MISP Shodan Maltego Network Security TCPIP Routing BGP, OSPF, MPLS DNS, NTP, TLS Firewall and Proxy Forensics Analysis SIFT Autopsy Security Awareness Phishing Simulation KnowBe4 Early Warning Flexera Specific qualification requirements At least a Masters degree MSc in Engineering orrelated specialization. At least 5 years experience working in a technical security position and shall be highly motivated. Have good interpersonal and organizational skills. Be an excellent team player. Have strong time management skills with the ability for multitasking Have solid Communication skills Have proven experience that shows proficiency in the Core and Complementary capabilities. Be able to write and manage Project and Service Documentation. Have working knowledge of Office365 Security Tools. Have working knowledge of data protection based on a defenseindepth approach. Have working knowledge of the ITIL and the ISO27000 Framework. Have National Security Clearance or willing to obtain it when starting the job Willing to travel for user community related requirements and issues. Have working experience with encryption technology and tools. Have Security IT Certifications, preferably SANS or OSCP as an asset. Knowledge of the ESA or EU Data Classification model is an asset. Be proficient in scripts and programming languages Python, php, Powershell, JavaScript, OSs Linux, Windows OSX, VMware, database MySQL, Networking TCPIP. Be fluent in spoken and written English. Legal and Security Requirements All applicants must be legally allowed to work in The Netherlands Applicants are required to provide a copy of their passport and degree certificate. Aurora will validate the Degree with the issuing University and provide evidence to ESA. Prior to issuing a letter of employment the applicant shall provide to Aurora a recent official document declaring that they are of good conduct from the country where currently resident. Location The work will be performed at the European Space Technology and Research Centre ESTEC at Noordwijk, The Netherlands. Contract The selected candidate will receive good remuneration. Will be registered for both social security and tax in the Netherlands. The standard working hours are 40 per week. There are 12 public holidays and an additional 30 annual days holiday. Training to improve efficiency and provide strength for future career are of course included. Aurora assist with relocation both with support and financially. Aurora contributes to a company pension scheme. To be considered for this Position Prior to 18January 2021, please apply via ourJob Application form quoting FAM162 RTCHIFIHS00162 as reference. Aurora will agree conditional employment terms and conditions with candidates before presenting their detailed technical proposal and candidates to ESA by midday 21 January 2021.
Tags: information
security
engineer
information security