Created in 2009, ESSP is a young and dynamic company, a pan European service provider, certified by EASA (the European Union Aviation Safety Agency) to deliver safety-critical services. Our mission is to operate and provide Communication, Navigation and Surveillance (CNS) services, among which, the main one is, the EGNOS service (the European Geostationary Navigation Overlay Service), on behalf of the EUSPA (the European Agency for Space).

ESSP Corporate Video: https://www.youtube.com/watch?v=ZkszX-ptzAY

ESSP Website career: https://www.essp-sas.eu/human-resources/careers/

We are looking for a Corporate Security Coordinator who will be in charge of security activities impacting the assets designed, deployed, and operated by ESSP in support of the activities and services provided by ESSP to its customers. For these activities, we are looking for someone with at least 5 years’ experience in operational IT security or SOC operation or Security Governance and of critical and/or complex technical systems in the space, aviation or industry sectors.

Your main responsibilities/activities will be:

As a Corporate Security Coordinator:
- Serve as the primary security point of contact (PoC) for security activities impacting the assets designed, deployed, and operated by ESSP, mainly on Madrid and Toulouse sites, ensuring all security requirements are identified, communicated, and met.
- Coordinate and oversee the planning, execution, and closing of cybersecurity projects, ensuring they are delivered on time, within scope, and on budget.
- Facilitate the coordination with internal teams (Security Operations, Engineering/Evolutions, GRC, Internal Audit) to align security activities with project goals.
- Evaluate and follow project plans, including timelines, milestones, and resource allocation, while managing risks and issues.
- Facilitate communication between stakeholders, ensuring clarity on security objectives, timelines, and deliverables.

As a Security Specialist:
- Assess and address security risks specific to the project, proposing mitigation strategies and ensuring compliance with applicable frameworks.
- Design and validate security controls in collaboration with Security Engineering and GRC teams, or independently as needed.
- Conduct security reviews and audits for the project, ensuring adherence to internal policies and external regulations (for instance: PSSI, ISO 27001, NIST, GDPR).
- Analyse and address security measures and address findings from SOC, Internal Audit, or third-party assessments.
- Propose continuous improvement of security practices within the project scope, leveraging feedback and lessons learned.

As a Member of the Security Team:
- Represent the project’s security interests in cross-functional meetings, working groups, and governance forums.
- Collaborate with other security teams to share project-specific insights, align on best practices, and support organizational security initiatives.
- Provide security guidance to project stakeholders, including business units, IT, and external partners.
- Support incident response by offering project-specific context and assisting in investigations if needed.
- Promote security awareness within the project team, ensuring all members understand their roles in maintaining security and compliance.

Profile:

Generic Skills:
- Strong project management skills.
- Initiative capabilities and proactivity
- Leadership and coordination of cross-functional teams.
- Excellent communication and stakeholder management abilities.
- Analytical and problem-solving skills to address security challenges.
- Ability to work independently or collaboratively to achieve project goals.
- Very good level of English (B2-C1) - CECRL.
- Good knowledge of MS Office (Word, Excel, PowerPoint, Project and Visio).

Specific Skills:
- Cybersecurity project management, including risk assessment and compliance.
- Knowledge of security frameworks and standards (e.g., PART-IS, ISO 27001, NIST, GDPR).
- Experience with security controls, audits, and continuous improvement processes.
- Ability to perform security tasks independently or coordinate with specialized teams.

The knowledge of the following domains would be considered an advantage:
- Space and/or Aeronautical industry experience, including relevant security standards and regulations.
- Familiarity with industry-specific compliance requirements (e.g., ECSS, DO or ED for aeronautics).
- Understanding of cloud security, IoT, or embedded systems in aerospace contexts.
- Certifications such as PMP, CISSP, CISM, or CRISC.
- Knowledge of secure development lifecycle (SDLC) and DevSecOps practices.

Job Specifications:

- Available for punctual travels mainly in Europe

Please send your application file only by e-mail to the following address: recrut@essp-sas.eu

Job Location: Toulouse (France)

Type of Contract: Full time - Permanent Contract

PDF: Download

ESSP is committed to cultural diversity, gender equality and the employment of disabled workers.