Cyber Security Engineers

  • Company: European GNSS Agency
  • Job Location: Prague - Czech Republic
  • Date: March 23, 2021 07:37
  • Employment Type: Any
  • Experience: medior
  • Job Functions:

    Information Technology

Job summary

The European GNSS Agency (GSA) is responsible for the operations and service provision for the European Global Navigation Satellite Systems (GNSS) EGNOS and Galileo. By developing a new generation of GNSS, Europe is laying the foundation for new high-technology industry development, leading to job creation and economic growth.

The GSA is assumed to become the European Union Space Programme Agency (EUSPA) and to expand the scope of its activities beyond Galileo and EGNOS, to other areas, such as Copernicus for Earth Observation, GOVSATCOM for Governmental Space Communications and Space Situational Awareness (SSA)

You will be joining a dynamic EU Agency and have the opportunity to work with colleagues from a broad array of different backgrounds and expertise all committed to ensure that European citizens get the most out of Europe’s space programmes.

In particular, in the security field, the Agency is expected to be delegated with the direct responsibility of the operational security of Galileo and EGNOS. At the same time, security-related activities are expected to be entrusted to the Agency also in the other components.

The Security Department proactively contributes to the fulfilment of the missions of the Agency by providing the security expertise in order to (1) ensure that the components of the Space Programme are defined, implemented and exploited securely, (2) achieve successful security accreditation of the components of the Programme, and (3) ensure a wide, secure and sustainable use of the services provided by the different components.

Job description

The Cyber Security Engineers will work in one of the areas listed below and have in principle the following tasks and responsibilities:

  1. Cyber Security Management
  • Taking an active part in the implementation of the Agency’s Cyber security Awareness and Training plan;
  • Supporting the update of the Galileo and/or EGNOS service security requirements and their implementation by the infrastructure providers and the operators;
  • Contributing to the continuous update of the Statement of Compliance to the applicable cyber security requirements;
  • Developing procedures for the efficient processing of cyber security management activities;
  • Participating in the technical reviews related to cyber security aspects;
  • Participating to the Agency’s Cyber security Panels and to the Programme Cyber security Boards;
  • Supporting auditing and testing activities, participating in these and following-up their results;
  • Driving the cyber security vulnerability management for the projects under his/her competence, in cooperation with Services departments (Galileo, EGNOS and others in the future) and the Galileo Security Monitoring Centre (GSMC);
  • Contributing to the preparation of security accreditation files, security risks analyses and the associated security risks treatment plans related to cyber security aspects;
  • Supporting the development of cyber security activities for the other space components (e.g. GOVSATCOM, COPERNICUS, SSA, …);
  • Liaising with other GSA teams and provide cyber security engineering support as needed;
  • Liaising with the other EU Agencies entrusted with cyber security activities, in particular ENISA; 
  • Providing technical support to the European Commission on the relevant forums focused on cyber security aspects.
  1. Cyber Security Audit
  • Maintaining the Agency’s cybersecurity auditing strategy, the cyber security audit programme and the cyber security audit plan for Galileo and/or EGNOS;
  • Auditing the implementation of the Agency’s Cyber Awareness and Training plan;
  • Reviewing the Statement of Compliance to the applicable cyber security requirements for Galileo and/or EGNOS;
  • Developing procedures for the efficient processing of cyber security audit activities;
  • Auditing the existing procedures for the cyber security management and the cyber security operational activities;
  • Participating in the technical reviews related to cyber security aspects, in particular for the cyber security acceptance of the infrastructure and operations;
  • Participating to the Agency’s Cyber security Panels and to the Programme Cyber security Boards;
  • Promoting auditing and testing activities, taking an active part in these and following-up their results;
  • Contributing to the review of security accreditation files, security risks analyses and the associated security risks treatment plans related to cyber security aspects;
  • Supporting the development of cyber security auditing activities for the other space components (e.g. GOVSATCOM, COPERNICUS, SSA, …);
  • Liaising with other GSA teams and providing cyber security engineering support as needed;
  • Liaising with the other EU Agencies entrusted with cyber security activities, in particular ENISA;
  • Providing technical support to the European Commission on the relevant forums focused on cyber security aspects.

Job qualifications

ELIGIBILITY CRITERIA

The selection procedure is open to applicants who satisfy the following eligibility criteria, on the closing date for application:

  1. A level of education which corresponds to completed university studies attested by a diploma when the normal period of university education is four years or more
    OR
    A level of education which corresponds to completed university studies attested by a diploma and at least one year of appropriate professional experience when the normal period of university education is three years
  2. In addition to the above, appropriate professional experience of at least six years after obtaining the required diploma
  3. Be a national of a Member State of the European Union
  4. Be entitled to his or her full rights as citizen
  5. Have fulfilled any obligations imposed by the applicable laws concerning military service
  6. Meet the character requirements for the duties involved
  7. Have a thorough knowledge of one of the languages of the European Union and a satisfactory knowledge of another language of the European Union to the extent necessary for the performance of his/her duties
  8. Be physically fit to perform the duties linked to the post

 

SELECTION CRITERIA

Essential criteria

  1. University degree in the exact sciences (e.g. engineering, physics, mathematics, computer science, telecommunications, electronics etc.)
  2. Experience in Cyber security management or auditing
  3. Experience in the field of information and network security (e.g. secure design, operations, security risk management)
  4. Excellent command of both written and spoken English

Advantageous criteria

  1. Experience in handling classified material at or above SECRET UE/EU SECRET (or equivalent)
  2. Experience in a security accreditation, security certification, particularly with regard to the analysis of compliance to cyber policy, processes and requirements
  3. Knowledge (by training or experience) of the security aspects of the European GNSS or other EU/Member State Space Programmes
  4. Knowledge of relevant security standards (e.g. CISSP, GIAC, ISO 27000, ISACA, NIST)
  5. Certification in cybersecurity domain (e.g. CISSP, GIAC, OSCP)

Behavioural competencies

  1. Motivation
  2. Excellent communication skills
  3. Working with others and customer service mindset
  4. Ability to work under pressure and prioritise

v2.0.24 @ web-03 US