Security Engineer

Telespazio Belgium can count on almost 40 years of experience in the field of Space Operations Service & Engineering activities.

We provide a significant contribution to the most major Space programs of the European Space Agency. Our core business is to work on the ground to build bridges into space, contributing to the success of ambitious missions.

The European Space Agency is our biggest client and we provide highly qualified employees to many sites of ESA but mainly for ESTEC in the Netherlands, and we provide a permanent contract with great benefits, a good salary, a relocation package along with genuine support to our employees.

On behalf of the European Space Agency, we will be soon looking for a highly skilled Security Engineer to work in ESTEC, in the Netherlands.

What is expected from you:

The Security Engineer will be assigned in the TEC-SES Section, TEC-SE Division, TEC-S Department, Directorate of Technology, Engineering and Quality, with matrix assignment to the Connectivity and Secure Communications (CSC) Directorate Security Office (CSC-IX).

• The CSC Security Office is responsible for providing security functions for the Directorate and its Programmes, fulfilling an independent role to ensure that the programme/project decisions are compliant with ESA security rules and Programme security requirements, and that the accreditation dossiers are of sufficient quality in view of the further accreditation steps by the competent authorities, in close liaison with the ESA Security Office.
• Supporting CSC Projects development, throughout their life cycle, requiring security engineering;
• Taking on the role of Project/System Security Officer (PSSO) for specific activities, reporting to the Directorate Information Security Officer (ISO) and covering the following activities:
• Ensuring that the Communication and Information Systems (CISs), both corporate and space programme related, in their area of responsibility are secured, managed, and accounted for.
• Implementing the security of the relevant project/system/CIS in accordance with an Information Security Management System (ISMS) on the basis of a Security Risk Assessment conducted throughout the project or programme lifetime, either performed with the direct participation of the PSSO or under their supervision and verification.
• Preparing the project Information Security Management Plan and submitting it to CSC ISO for approval.
• Holding the responsibility for the Project Security Risk Management.
• Defining, maintaining, and ensuring the implementation of the system-specific security requirements statements (SSRS/SISRS) and any interconnections with external CIS, at Corporate and Space Project Level, for endorsement by the ESA SAA.
• Ensuring the acceptance tests for implemented security measures are performed and preparing the certification/accreditation dossier for ESA SAA approval.
• Specifying and documenting the System Security Operating Procedures (SECOPS) for approval by CSC ISO and the ESA SAA.
• Implementing SECOPS and assuring the implementation of SECOPS by Project personnel.
• Reporting security breaches, vulnerabilities, or anomalies, in accordance with the security incident management procedures established by CSC Information Security Management Plan and project/programme-specific SECOPS.
• Taking the necessary actions to contain security breaches relating to the project under his/her responsibility.
• Giving security awareness trainings to project personnel when needed or upon request from the ISO.
• Participating in the Agency-wide network of PSSOs.
• Holding the role of Project Cyber Security Manager.
• Supporting the CSC ISO to supervise the uniform and correct implementation of the ESA Security Framework (Security Regulations, Security Directives, CSC specific Security Implementation Plans and Procedures) in the Directorate, especially for the following aspects:
• The implementation of the Directorate Information Security Management Plan (ISMP) in CSC activities, in coordination and with the input of the relevant Project/System Security Officers (PSSO);
• The implementation of the personnel security policy for the Directorate, through
• The provision of initial basic security awareness briefings to newcomers in the Directorate maintaining and developing CSC-IX tools and services;
• The continuous improvement of the security awareness programme for the Directorate, with clear quality indication points to be achieved, whilst ensuring and supervising the implementation hereof and keeping the records of participation by Directorate personnel;
• The coordination with the relevant specialists / services of the Directorate/Agency for dedicated awareness sessions or briefings ;
• The provision of the compulsory security briefings for Directorate personnel requiring access to information classified ESA RESTRICTED (or equivalent), and ensure records are kept hereof.
• Reporting of CSC security incidents (i.e. security breaches and the potential or factual compromise of information) to the CSC ISO and Agency relevant offices, taking the necessary immediate remedial measures and assisting the ESA Security Office in the possible subsequent security investigation.
• Ensuring a uniform and commensurate approach related to cybersecurity within the Directorate and its Programmes/Projects/activities in coordination with the Cyber Security Managers (CSM) of the Directorate; this includes also liaising with the ESA Computer Emergency Response Team (ESACERT) to maintain the proper level of cyber protection to all CSC assets.
• Developing and maintaining the IT tools used by CSC Security Office.

What you offer:

• Master’s degree in Engineering or Cybersecurity
• Have a minimum of 2 years experience in the concerned area;
• Have experience in working on End-to-End secured space Systems;
• Have experience in the fields of Information Protection Management, Personnel Security Management and CIS Security Management (e.g. ISO 27000 series) as well as all related best practices in these fields, including security risk management, and shall preferably have related certifications (e.g. CISSP, CPP, ISO Certifications etc.);
• Have a solid knowledge of and be familiar with threat assessment, risk analysis and continuity management methodologies and standards, and is able to apply recognised techniques like OCTAVE, SABSA, MEHARI, EBIOS, etc. and conduct security risk assessments exercises on complex systems;
• Have experience in writing and implementing operational security processes (SECOPS) for environments, personnel and systems.
• Be eligible to obtain a Personnel Security Clearance at SECRET level, issued by his/her parent National Security Authority (the PSC is requested by ESA);
• Have experience in the management of Classified Registries and COMSEC Accounts;
• Have notions about the international Request for Visit procedures for visits to Classified Facilities and/or participation to Classified Meetings;
• Have experience in working in Classified Projects or Programmes and in Classified environments.

The following will be considered assets:

• Be knowledgeable about the Agency and its internal rules, regulations and working practices;
• Have a general knowledge on physical security related matters (e.g. accreditation of facilities, security zoning, etc.).

What we offer:

• A competitive salary
• 30 days of paid annual leave, plus the days ESTEC is closed including public holidays (~12 days) based on a 40-hour working week;
• Hybrid working scheme (3 days in the office and 2 days remote in the Netherlands)
• Flexible working hours; you are in charge of your own agenda respecting core working hours
• Fully paid collective extensive health insurance scheme;
• A good pension scheme with no personal contribution;
• A career development (Coursera membership + training budget);
• Travel allowance;
• Extensive relocation package

Where:

You will be working within ESTEC, the European Space Agency’s offices in the Netherlands as a contractor for Telespazio Belgium. We don’t expect the employees to be on-site full time however you will still have to relocate to the Netherlands for this position.

Check out the ESTEC site here: esa.int/About_Us/ESTEC

When:

Starting date: 01/09/2025

Please note that interviews will be held either via skype, webex, other digital platforms or onsite in ESTEC

We look forward to receiving your application for this position!