Information Security Engineer

Job ID: FAM-162

Deadline: 18 January 2021

Aurora is an established supplier of skilled manpower to ESA and in particular at ESTEC and ESAC. Aurora has the opportunity to expand our support to the Facility Management Infrastructure Section. Happiness of our employees has proven key to obtaining excellent results and a client who also regards us highly for excellent service.

Overview

The core tasks will consist of the following activities:

  • Monitor and control the ESA IT infrastructure and services using SIEM, EDR technologies and others state of the art security tools.
  • Investigate ESA IT system’s security incidents and breaches.
  • Support remediation activities related to security incidents.
  • Create reports and visualizations of security attacks.
  • Support penetration test and vulnerabilities assessment for ESA IT systems.
  • Contribute to the ESA IT Security Awareness Program.
  • Contribute to the evolution of the ESACERT Service and security tools.
  • Support consistent vulnerability management / patch management process.
  • Participate to recurrent meeting with the customer as the technical referent.
  • Participate to the continuous improvement of the service (detection level, process, operational procedures, service efficiency, service reporting).
  • Keep track of all operational activities via the ESACERT Ticket Management system.
  • Proficiency in the core capabilities of the ESACERT Team. Familiarity with the specific tool would constitute and asset for the candidates, but it is not mandatory requirements. Complementary activities will be as well an asset:
  • Core capabilities
    • Incident Handling:
      • Incident handling procedures (NIST)
      • TheHive, Cortex
    • Security Monitoring and Analytics:
      • SIEM technology’s: Archsight
    • Security Analytics: Any BigData tools (e.g. SPLUNK)
    • Malware and ATP Technology’s:
      • EDR: CISCO AMP, CISCO Umbrella
      • TrendMicro Solutions
      • Microsoft ATP Defender and O365 Security Framework
      • Sandboxing: VMray, TM DDAN, Open source
    • Penetration Testing &Vulnerability Assessment/Management:
      • Nessus
      • Burp
      • Netsparker
      • SkyBox
      • OWASP Methodology
  • Complementary capabilities
    • Security Intelligence:
      • OSINT Framework
      • MISP
      • Shodan
      • Maltego
    • Network Security:
      • TCP/IP
      • Routing: BGP, OSPF, MPLS
      • DNS, NTP, TLS
      • Firewall and Proxy
    • Forensics Analysis:
      • SIFT
      • Autopsy
    • Security Awareness:
      • Phishing & Simulation: KnowBe4
      • Early Warning: Flexera

Specific qualification requirements

  • At least a Master’s degree (MSc) in Engineering or related specialization.
  • At least 5 years’ experience working in a technical security position and shall be highly motivated.
  • Have good interpersonal and organizational skills.
  • Be an excellent team player.
  • Have strong time management skills with the ability for multitasking
  • Have solid Communication skills
  • Have proven experience that shows proficiency in the Core and
    Complementary capabilities.
  • Be able to write and manage Project and Service Documentation.
  • Have working knowledge of Office365 Security Tools.
  • Have working knowledge of data protection based on a defense-in-depth approach.
  • Have working knowledge of the ITIL and the ISO27000 Framework.
  • Have National Security Clearance or willing to obtain it when starting the job
  • Willing to travel for user community related requirements and issues.
  • Have working experience with encryption technology and tools.
  • Have Security IT Certifications, preferably SANS or OSCP as an asset.
  • Knowledge of the ESA or EU Data Classification model is an asset.
  • Be proficient in scripts and programming languages (Python, php, Powershell, JavaScript), OSs (Linux, Windows OSX, VMware), database (MySQL), Networking (TCP/IP).
  • Be fluent in spoken and written English.

Legal and Security Requirements

  • All applicants must be legally allowed to work in The Netherlands
  • Applicants are required to provide a copy of their passport and degree certificate. Aurora will validate the Degree with the issuing University and provide evidence to ESA.
  • Prior to issuing a letter of employment the applicant shall provide to Aurora a recent official document declaring that they are of good conduct from the country where currently resident.

Location

The work will be performed at the European Space Technology and Research Centre (ESTEC) at Noordwijk, The Netherlands.

Contract

  • The selected candidate will receive good remuneration.
  • Will be registered for both social security and tax in the Netherlands.
  • The standard working hours are 40 per week. There are 12 public holidays and an additional 30 annual days holiday.
  • Training to improve efficiency and provide strength for future career are of course included.
  • Aurora assist with relocation both with support and financially.
  • Aurora contributes to a company pension scheme.

To be considered for this Position

Prior to 18 January 2021, please apply via our Job Application form quoting FAM-162 (RT-C/HIF-IHS/00162) as reference.

Aurora will agree conditional employment terms and conditions with candidates before presenting their detailed technical proposal and candidates to ESA by midday 21 January 2021.

If not directly interested, feel free to share by this Job Vacancy with your friends!