Created in 2009, ESSP is a young and dynamic company, a pan European service provider, certified by EASA (the European Union Aviation Safety Agency) to deliver safety-critical services. Our mission is to operate and provide Communication, Navigation and Surveillance (CNS) services, among which, the main one is, the EGNOS service (the European Geostationary Navigation Overlay Service), on behalf of the EUSPA (the European Agency for Space).

ESSP Corporate Video: https://www.youtube.com/watch?v=u_FKtcaN8YE 

ESSP Website career: https://www.essp-sas.eu/human-resources/careers/

We are looking for a Security Engineer who will be in charge of overseeing security activities in support of ESSP activities and services delivered to ESSP Customers. His/her role should make the link between security and operational cybersecurity needs.

For these activities, we are looking for someone with at least 3 to 5 years’ experience in cybersecurity and IT network/information systems, with a very good level of English (B2-C1).

Your main responsibilities/activities will be:

• Review and confront information systems architectures in terms of cybersecurity,
• Propose and implement technical security functions and solutions, contributes to security projects,
• Support and manage ESSP’s internal administrative and project management process,
• Support security compliance activities to standards and regulations,
• Support security activities to be performed in Madrid interfacing with Toulouse team,
• Follow ESSP process for security deliverables (security, quality, delivery and so forth),
• Contribute to accreditations of activities (products, facilities, etc),
• Coordinate subcontractors for the accomplishment of security-related activities, and various teams involved in security activities,
• Provide technical expertise in support of company’s operational units,
• Ensure reviews and validate within the framework of the company's processes (changes, anomalies, deviations, etc.),
• Manage vulnerability process along the lifecycle,
• Contribute to Business Continuity Plan and Crisis Management on security aspects,
• Provide expertise to the benefit of ESSP, for example by participating to call for tenders,
• Participate in the analysis of security events and lead the implementation of mitigation and remediation actions on products and solutions,
• Contribute to the company's and clients' security reporting,
• Support audit activities along project lifecycle
• Upon request, lead or contribute to the security risk management.
• Lead technical and project management meetings on behalf of the Security Department
• Draft documentation

The Security Engineer contributes to the continuous improvement of company security policies and cybersecurity practices, specifically in the context of the ESSP ISO 27001 certified ISMS (Information Security Management System) and Security Management System (Sec-MS) supporting the ESSP ANSP (Air Navigation Service Provider) Certificate.

The Security Engineer is also a point of contact for the ESSP’s Security Office (Security Officers) when needed.

Consequently he/she contributes to:  

• Promoting good cybersecurity practices to the personnel,
• Improving company processes and tools for security management,
• Developing new security services, notably in terms of operational security and cybersecurity,
• Designing, building, assessing, and managing innovating technical projects for internal or external projects
• Initiate a security watch, both technological and regulatory.

Profile:

Generic Skills: 

1. Be able to:
   1. Understand, analyse, and reformulate users/customers/projects’ needs and requirements,             
      1. Define and write technical documentation; have editorial capabilities,
      2. Act as consultant and facilitate the decision-making process,
      3. Evaluate the impacts of technologies and solutions on information systems and operations.
      4. Draft hight-quality documentation
      5. Communicate a clear status on on-going actions
      6. Lead meetings
   2. Autonomy with strong teamwork capability
   3. Teaching capabilities and good communication skills
   4. Rigorous, organized, ability to be pragmatic and discreet
   5. Project management capabilities
   6. Curiosity and ability to self-learning
   7. Language skills:
      1. High English Level (B2-C1) – CECRL,
      2. French will be appreciated,
   8. Good knowledge of MS Office (Word, Excel, PowerPoint, Project and Visio).

Specific Skills: 

1. Good knowledge of technical IT security (information systems, network, physical security, crypto) and cybersecurity related activities (threats, exploits, vulnerabilities, patches, configuration, rules …)  
2. Knowledge of security risk analysis methodology (ISO27005, EBIOS RM, HLSS …)
3. Good practical knowledge of enterprise IT and security organization aspects (ISMS, ISSP, etc.), 
4. Practical knowledge of project management processes and reporting,
5. Knowledge of critical systems and associated constraints (aerospace, industry, etc.). 
6. Awareness on GNSS and communication technologies,
7. Knowledge of applicable country defence and European related regulations.   

Job Requirements:

• Available for occasional travels mainly in Europe
• Experience of mission critical systems, in aerospace and/or industrial context. 
• Experience in projects in an international context (European).
• Cybersecurity specific certifications for process or products will be appreciated

Please send your application file only by e-mail to the following address: recrut@essp-sas.eu

Job Location: Madrid (Spain)

Type of Contract: Full time - Permanent Contract

PDF: Download

ESSP is committed to cultural diversity, gender equality and the employment of disabled workers.