Senior) Engineer, Cloud & IT System Security (m / f)
PRIMARY RESPONSIBILITIES / KEY RESULTS AREAS
Support the development of a risk management framework for information system related security risks and manage information system related security risks accordingly
Assess system and application security requirements, threats, vulnerabilities and security risks in complex, heterogeneous systems and throughout their life cycle
Develop, deliver and maintain comprehensive and consistent security solutions to mitigate identified risks to an acceptable level
Specify, implement and document information system security concepts and information security controls for new systems and operational systems in close collaboration with system owners and engineering groups
Deliver information security support services to architects and system / application engineers by providing clear, concise and constructive recommendations regarding information system and application security
Assist architects, system / application engineers in the identification and implementation of appropriate information security controls and hardening of systems to ensure effective safeguarding of SES information assets
Plan, implement, document and operate information security systems
Define policies, processes, procedures, configuration baselines and guidelines to ensure appropriate security risk management throughout the system life cycle
Define system and application security baselines based on industry best practices, which efficiently and effectively mitigate risks, while respecting functionality and operational constraints.
Monitor compliance with hardening baselines and manage exceptions.
Perform technical security assessments of information systems and applications to identify vulnerabilities and non-compliance with established security standards and recommend effective mitigation strategies
Define and optimize the vulnerability and patch management process. The job holder analyses reports from vulnerability assessment scanners, patch management tools, and emerging threat information, advises on the risk and remediation and monitors the mitigation of identified security issues.
Support engineering groups with security engineering expertise in the different security domains, such as identification and access management, authentication and authorization, secure design, system hardening, risk management, vulnerability assessment and management, security testing, secure software development
Evaluate emerging risks and information security technologies to ensure an up-to-date information security risk register and to define and implement effective, state-of-the-art security concepts.
Support security incident response with a focus on the implementation of effective preventive system security controls as well as containment, eradication and recovery of information systems.
Support the development and promotion of information security policies, standards, processes and procedures and monitoring compliance to the information security policy framework with a focus on information system security.
Lead information security projects as laid down in SES’s information security strategy and deliver them within time, cost and scope.
Support the development and maintenance of SES’s information security awareness program and training program with content dedicated for system engineers to ensure consistent management of information system security risks.
Travel and on-call duty as required
Ability to learn new technologies quickly
Sound analytical skills as well as the ability to provide practical solutions
Autonomous, innovative mind and good problem-solving skills
Self-motivating with proven ability to deliver on complex and time critical tasks / projects
Good project management and organization skills
Ability to effectively interact with organizational stakeholders
Understand all stakeholders in the information security process and possess the ability to explain security rationales and controls to non-technical audiences
Ability to understand business requirements and work towards solutions, both autonomous and in teams
Excellent team player and ability to work in international and interdisciplinary teams
Ability to establish well-written, structured documents (e.g. designs and infrastructure documentation)
Be fluent in English (any other language being an asset)
Excellent written and verbal communication skills
QUALIFICATIONS & EXPERIENCE
Degree in Computer Science and a minimum of 4 years industry related experience and 2 years in a system administration role
Sound, hands-on knowledge of and experience with :
Managing system related security risks, including the assessment of system security risks, specification of security requirements, the definition of security concepts, secure system design, implementation of security controls, specification of secure configuration baselines, assessment of security controls and vulnerabilities
Knowledge of Cloud Solutions (e.g., Azure, AWS, SalesForce, )
SSO / SAML, JSON, PowerShell, RestAPI, related scripting technologies advantageous
Operating Systems (MS Windows and Linux), Citrix / VMWare and applications, including a clear understanding of their vulnerabilities and how to secure them
Vulnerability, compliance and patch management for complex, heterogeneous systems
Virtualization and Data Center technologies and corresponding security technologies
Identity and Access Management and Strong Authentication Systems
Public Key Infrastructure (e.g., Public Certificate Management, Internal Certificate Management, )
Anti-Virus and Host-based Intrusion Prevention Systems
Security Information and Event Management
Data Leakage Prevention
Security standards, best practices and guidelines (e.g., NIST SP-800 series, DISA STIGs, CIS, etc.)
Relevant product and general security certifications (e.g., AWS-CSA, GCWN, MCSE-Cloud, CompTIA Cloud, GCED, GCUX, GCIH, GISP, CISSP-ISSEP, CISSP-ISSAP, GPEN, CEH) and knowledge of the satellite industry are a plus
Solid knowledge of IT security threats, vulnerabilities, security technologies, controls and best practices
NATO / EU SECRET clearances are considered a strong asset. Candidate must be willing to undergo a security clearance procedure as this position might require holding security clearance
WHAT'S IN IT FOR YOU?
In addition to a competitive salary and benefits package, we offer you a truly global opportunity in an exciting industry and all the support you’ll need for both your professional and personal development.
But most of all, we offer a truly unique opportunity to play your part in making a difference for those who need it most.
We strive to uphold honesty, transparency and courage in everything we do. We’re proud to belong to the SES team and collaborate towards success.
GOOD TO KNOW
SES and its Affiliated Companies are committed to hiring and retaining a diverse workforce. We are an Equal Opportunity / Affirmative Action employer and will consider all qualified applicants for employment without regard to race, color, religion, gender, pregnancy, sex, sexual orientation, gender identity, national origin, age, genetic information, protected veteran status, disability, or any other basis protected by local, state, or federal law.
In conformity with U.S. Government technology export regulations, including the International Traffic in Arms Regulations (ITAR) and the Export Administration Regulations (EAR), and / or other applicable U.
S. law, regulation or other requirements imposed by the U.S. Government, certain positions may require U.S. Citizenship, status as a lawful permanent resident of the U.
S. or a protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligibility to obtain the required authorizations from the U.
S. Department of State or U.S. Department of Commerce.