stairs
security
September 20, 2017

Design Security Engineer (M/F)


Being part of the Security Team and report directly to the Chief Security Officer, the Design Security Engineer will be in charge of the technical architectural security design definition of the systems and of the specification of requirements, security policies, hardening specifications and definition (hardening guidelines).

The Design Security Engineer’s main responsibilities:

Architectural definition of systems from a security point of view

• Control of the system security engineering  processes and activities (requirements specification engineering, system modelisation, interfaces control, …)

• Design of secured architectures (from a technical and operational point of views)

• Writing of the design documents and ensuring the associated activities (use cases, gathering of the information on users’ needs and specifications, functional models, architectural definition files, design justification files…) Security requirements specification, security policies, hardening guidelines, Security Operations,

• Definition and writing of the security policies

• Apportionment of security objectives in operational and technical specifications• Writing of the hardening guidelines of operating systems and application softwareEnsure technological watch, consultancy and anticipation• Ensure the monitoring of regulatory and technological evolutions of ISS (Information Security Systems)• Monitoring of the  necessary changes to guarantee the logical and physical security of the information systems• Provide guidance and recommendations to the project teams on best practices related to security in their respective domains: design, development, production, support …

Profile

Generic Skills:

Be able to:

 Take into consideration and evaluate the impacts on the information system of the introduction of new technology;

 Formalise and analyse users’/customers’ needs;

 Define and write procedures, have editorial capabilities;

 Act as consultant and facilitate the decision making process;

• Have pedagogical capabilities;

• Have good communication skill and technics, be able to lead/chair meetings (technical and managerial);

• Be autonomous, practical , rigorous and precise;

• Good capability for team work;

• Good level of English (B1-B2) – CECRL

• Good knowledge of MS Office (Word, Excel, Powerpoint, Project and Visio)

Specific Skills:

Knowledge of :

 Network security (Firewalls, IPS/IDS probes, VPN, proxy/reverse proxy, WAF, anti-virus,…)

 Authentication (AD, LDAP, Kerberos, smartcard,...);

 PKI infrastructure;

 Security Event Management (SIEM);

 Communication and telecommunication technologies, protocols, tools and systems;

• Familiar with Project management;

• Familiar with Critical systems and associated constraints;
The knowledge of the following domains would be considered as a plus:

• Practical knowledge of ISO 27k standards

• European regulation applicable to the ISS and to GNSS in particular

• Communication in the space domain and LAN/WAN technologies in particular

• Knowledge of safety and dependability

Job features:

- Available for travels in Europe

- Access to this position may require a Personal Security Clearance (PSC) level« EU-Confidential or higher

- Engineer certificate or equivalent

- 5 to 10 years of professional experience in Security ideally in the world of space and/or aeronautical and/or air traffic management « critical systems »

- Project experience in an international context (European)


Please send your application fileonly by e-mail to the following address: recrut@essp-sas.eu

Job Location: Toulouse (France)

Type of contract: Full time/ Permanent

PDF: Download