Information Security Engineer

Aurora is an established supplier of skilled manpower to ESA and in particular at ESTEC and ESAC. Aurora has the opportunity to expand our support to ESA in the domain of FAM- Facility Management. We are looking for an Information Security Engineer to support the IT Security Section in the Directorate of HIF.

Happiness of our employees has proven key to obtaining excellent results and a client who also regards us highly for excellent service.

Overview

The core tasks of the Information Security Engineer will consist of the following activities:

ESACERT based Security Service:

• Security Monitoring and Analytics: SIEM technology’s, SPLUNK syslog.
• Security Awareness: develop and deliver security awareness and compliance training programs, conduct knowledge transfer training sessions to security operations, team upon technology implementation.
• Forensics Analysis: utilize investigative methods, forensic software and hardware to locate specific electronic data including; internal and external e-mail, Internet history usage, documents, malware, and other files to support ESACERT Service manager.
• Vulnerability Management: utilize standard vulnerability tools like Nessus, Acunetix , OpenVas.
• Security Intelligence: integration within existing tool of Security Intelligence services, knowledge of OSINT tools MISP.
• Incident Response: incident Handling & Reporting, vulnerability Scanning, SIEM Log Analysis, firewall Analysis, malware and APT.
• ICT Infrastructure management: maintaining CERT technical environment infrastructure, servers, Appliances, VMs and workstations used for the daily security activities.
• Analysis of ESA environment software/hardware against security risks Security White Papers.

Zed! Support to Directorates.
Zed! Is a software solution from Primex technology that has been selected as EU dual approved encryption technology suitable for ESA classified documents up to ‘’Restricted’’. Zed! Uses encrypted containers to protect file transports regardless of the method used (email attachment, USB stick, removable device, file transfer, etc.)

Support needs to be provided to end-users all over the Agency for:

• ZED! Secure software installation, configuration and disposal in according to existing procedures on supported platform (Windows,VDI/MAC).
• Preparation and maintenance of ZED! Guideline for secure utilization of the software within the ESA environment.
• Troubleshooting and support user request who has issues with the software.
• Incident Management.

Considering the nature of the service privacy and non-conflicts of interest are essential requirements to be able to deliver the service, in particular: the staff shall be ready to apply, upon ESA request, for national security clearance and the staff shall not respond to or be employed by a company that plays major roles in the delivery of IT/Technical services to ESA.

Specific qualifications requirements:

• Master degree in Computer Science or Information Security Engineering
• Fluent in English speaking and writing (e.g. B2).
• At least 4 years’ experience working in a technical security position.
• Good interpersonal and diplomatic skills, team player and should be highly motivated.
• Experience in CERT or SOC (Blue team).
• SIEM, Investigation skills on centralized log management systems.
• Penetration test and Vulnerability Assessment (Red team).
• Malware analysis (static and dynamic) with knowledge on Sandbox devices.
• Strong experience in Encryption technology and tools (e.g. ZED, PGP, PKI).
• Good knowledge of Networking and TCP/IP protocols.
• Operating Systems: Unix/Linux, Windows XP/7/2008/2012, VMWar.
• Programming Languages: C, C++ (at least one).
• Scripting Languages: PHP, Python, Perl (at least one).
• Knowledge of Firewall, IDS/IPS, proxies and VPN Gateways.
• Willing to travel for user community related requirements and issues.
• Experience in: Project Management; Writing User Manuals; Writing and managing Project and Service Documentation; Working knowledge of data protection based on a defense-in-depth approach; Working knowledge of the ITIL and the ISO27000 Framework;Knowledge of the EU Data Classification model is an asset.

Professional Certifications related Security skills are considered an asset:

• EC-Council, (http://www.eccouncil.org) Certified Ethical Hacker.
• GIAC, http://www.giac.org.
• Certified Incident handler.
• Certified penetration tester.
• Certified Forensic analys.
• Offensive Security, http://www.offensive-security.com/.

Legal and Security Requirements

• All applicants must be legally allowed to work in The Netherlands
• Applicants are required to provide a copy of their passport and degree certificate. Aurora will validate the Degree with the issuing University and provide evidence to ESA.
• Prior to issuing a letter of employment the applicant shall provide to Aurora a recent official document declaring that they are of good conduct from the country where currently resident.

Location

The work will be performed at the European Space Technology and Research Centre (ESTEC) at Noordwijk, The Netherlands.

Contract

• The selected candidate will receive good remuneration  in line with ESA Job Class.
• Will be registered for both social security and tax in the Netherlands.
• The standard working hours are 40 per week. There are 12 public holidays and an additional 30 annual days holiday.
• Training to improve efficiency and provide strength for future career are of course included.
• Aurora assist with relocation both with support and financially.
• Aurora contributes to a company pension scheme.

To be considered for this Position

Prior to 7 March 2022, please apply via our Job Application form quoting FAM-193 (RT-C/HIF-IHS/00193) as reference.

Aurora will agree conditional employment terms and conditions with candidates before presenting them by 10 March 2022, 13.00 hours.

If not directly interested, feel free to share by this Job Vacancy with your friends!