ESA Graduate Trainee in DevSecOps System and Applications Security

 

Location

ESOC, Darmstadt, Germany 

Our team and mission

You will be part of the System and Applications Engineering Division that is responsible for development and maintenance of software systems for Mission Operations including Monitoring and Control systems, Mission Planning Systems, Operational Simulators, Data Archiving, Data Processing and Distribution Systems.

 

 This includes:

• engineering of software infrastructure, systems and applications required for mission operations or by space programmes for various purposes, and their management throughout the end-to-end lifecycle;
• delivery of the systems and provision of the associated development, maintenance and user support in line with customer requirements;
• spin-in of advanced technologies and methodologies for system and applications engineering across the Department;
• R&D activities in the Division's domain of responsibility;
• standardisation and European harmonisation efforts in the Division's domain of responsibility

 

You are encouraged to visit the ESA website: http://www.esa.int

Field(s) of activity/research for the traineeship

As part of ESA’s mandate to develop technologies for space exploration and assist the competitiveness of European industry, ESA is leading the development of the Multi-mission Infrastructure platform, called EGOS-MG.

It is a modern DevSecOps platform, with three environments, development, integration and production, and a development pipeline and runtime services oriented at guaranteeing certain levels of security and availability.

EGOS-MG is deployed on private Kubernetes Clusters at ESOC, the European Space Operations Centre located in Darmstadt.

 

Your tasks will include the following activities:

 

Work at EGOS-MG system level

• Configuration and testing activities aimed at the Certification of the compliance of EGOS-MG, as built, to the requirements prescribed for the data protection level targeted by the operations at ESOC (referred to as Protection Level 2, PL2);
• Identification and implementation of possible improvements on the deployment procedure with introduction of signing and ownership of deployed applications, this might include binding signed application, tagging of pipeline run with identity of developer who published application on the staging register, etc.;
• Deployment of the Prisma Cloud Compute Console and Defenders in the Kubernetes cluster;
• Setup of Prisma Cloud Web Application and API Security (WAAS) module;
• Setup of Prisma Cloud sandbox machine for Dynamic Analysis (Image Analysis Sandbox);
• Collaborate in the Analysis and Definition of a Zero Trust Strategy for EGOS-MG

 

Work at Applications level

• Update of pipeline template with standardised security approach;
• Include dependency tree graph to allow easy detection of vulnerable dependencies in pipeline job artifacts;
• Define quality gates in SonarQube for static analysis;
• Develop automated penetration testing scenarios (based on our AACT tool) to be used in the pipeline.

 

Promotion and demonstration the EGOS-MG security capabilities to mission operators.

 

The position offers unique opportunities to gain experience on modern technologies and approaches to develop and deploy secure mission operations software. 

Technical competencies

Knowledge of relevant technical/functional domainsRelevant experience gained during internships, project work and/or extracurricular or other activitiesGeneral knowledge of the space sector and relevant activitiesKnowledge of ESA and its programmes/projects

Behavioural competencies

Result Orientation

Operational Efficiency

Fostering Cooperation

Relationship Management

Continuous Improvement

Forward Thinking

For more information, please refer to ESA Core Behavioural Competencies guidebook

Education

You should have just completed, or be in the final year of your master’ s degree in computer science, engineering or similar discipline.

Additional requirements

You should have good interpersonal and communication skills and should be able to work in a multicultural environment, both independently and as part of a team. Previous experience of working in international teams can be considered an asset. Your motivation, overall professional perspective and career goals will also be explored during the later stages of the selection process. 

A good knowledge in Cyber Security and Cloud Computing is required, as well as a good foundation  in computer programming and knowledge of DevSecOps practices, environments and technologies.

Diversity, Equity and Inclusiveness 
ESA is an equal opportunity employer, committed to achieving diversity within the workforce and creating an inclusive working environment. We therefore welcome applications from all qualified candidates irrespective of gender, sexual orientation, ethnicity, beliefs, age, disability or other characteristics. Applications from women are encouraged.

At the Agency we value diversity, and we welcome people with disabilities. Whenever possible, we seek to accommodate individuals with disabilities by providing the necessary support at the workplace. The Human Resources Department can also provide assistance during the recruitment process. If you would like to discuss this further, please contact us via email at contact.human.resources@esa.int.
 

Important Information and Disclaimer
During the recruitment process, the Agency may request applicants to undergo selection tests. Additionally, successful candidates will need to undergo basic screening before appointment, which will be conducted by an external background screening service, in compliance with the European Space Agency's security procedures.

The information published on ESA’s careers website regarding working conditions is correct at the time of publication. It is not intended to be exhaustive and may not address all questions you would have. 

 

Nationality and Languages 
Please note that applications can only be considered from nationals of one of the following States: Austria, Belgium, Czechia, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Luxembourg, the Netherlands, Norway, Poland, Portugal, Romania, Slovenia, Spain, Sweden, Switzerland, and the United Kingdom. Nationals from Latvia, Lithuania and Slovakia  as Associate Member States, or Canada as a Cooperating State, can apply as well as those from Bulgaria, Croatia, Cyprus and Malta as European Cooperating States (ECS).

According to the ESA Convention, the recruitment of staff must take into account an adequate distribution of posts among nationals of the ESA Member States*. When short-listing for an interview, priority will be given to external candidates from under-represented Member States*. 

The working languages of the Agency are English and French. A good knowledge of one of these is required. Knowledge of another Member State language would be an asset.  

*Member States, Associate Members or Cooperating States.