stairs
Security Expert & Auditor_ESSP website
July 01, 2022

Security Expert & Auditor – F/M


ESSP, a dynamic French company open to the world, is looking for a Security Expert and Auditor for a Permanent –Full-time Contract in Toulouse.

We work with highly skilled teams and our employees come from different backgrounds and disciplines, from aeronautics to aerospace, engineering to telecommunications. This diversity allows the company great flexibility to adapt to new needs and challenges.

We are eager to provide the best quality services through safe and efficient operations and management systems. We are expanding and always looking for new talents.

To find out more about us, we invite you to visit our website: https://www.essp-sas.eu/humanresources/careers/

Some videos are also available on YouTube for you to discover our activities:

- EGNOS
- EGNOS Support services
- EGNOS for Maritime…

And a lot more videos are available.

If you are rigorous, with a good level of English, with strong Security in information systems and networks knowledge, then this position is for you!

By joining us, you will be in charge of security activities in support of ESSP activities and services delivered to ESSP Customers, and of security audits on suppliers/ESSP activities.

Main tasks:

- Contribution to ESSP bids, security requirements and translation into organizational and technical security measures;

- Measure and evaluate the level of security by leading or conducting audits and verifications;

- Contribution or lead of required accreditations of products and facilities;

- Identification and analyze of cyber risks and vulnerabilities and propose treatment plans;

- Define or challenge architectures in terms of cyber security;

- Propose and implement security functions and solutions, contribute to security projects;

- Ensure reviews and validate within the framework of the company's processes

- Participate in the analysis of security events and lead the implementation of mitigation and remediation;

- Contribute to the company's and clients' security dashboards;

You will contribute to the continuous improvement of enterprise security policies and practices, specifically in the context of the ESSP ISO 27001 certified ISMS (Information Security Management System) and Security Management System (Sec-MS) supporting the ESSP ANSP (Air Navigation Service Provider) Certificate.

- promoting good security practices to the personnel,

- ensuring a security watch, both technological and regulatory,

- improving enterprise processes and tools for security management,

- developing new security services, notably in terms of operational security and cybersecurity,

- Designing, building, assessing and managing innovating technical projects for internal or external clients.

Profile:

The following competencies will be assessed:

- Ability to:

- Understand, analyse and reformulate users/customers/projects’ needs and requirements;
- Define and write technical documentation;
- Act as consultant and facilitate the decision making process;
- Evaluate the impacts of technologies and solutions on information systems and operations.
- Autonomous, with good capability for team work.
- Teaching capabilities and good communication skills
- Lead technical meetings

- Rigorous, pragmatic and discreet

- Curiosity and ability to self-learning

- Good English Level (B2-C1) – CECRL

- Good knowledge of MS Office (Word, Excel, PowerPoint, Project and Visio)

Deep knowledge of:

- Audits
- Information security standards (ISO27000, NIST, OWASP, ANSSI, etc.),
- security risk assessment methodologies (ISO 27005, EBIOS, EBIOS RM, …),
- IT and security organization aspects (ISMS, etc.),
- technical security (information systems, networks, systems, web, physical security, crypto, etc.)
- cybersecurity (threats, exploits, vulnerabilities, cybersecurity detection and surveillance tools, etc.),

The following knowledge would be a plus:

- Project management,
- Critical systems and associated constraints (space, aviation, industry, etc.).
- Knowledge of EGNOS, GNSS and CNS technologies,
- European regulation applicable to Information System Security and to GNSS in particular.

Job Requirements:

Engineer degree.

10 years of professional experience in IT security or in information systems and networks.

Experience of critical and/or complex technical systems in the space, aviation or industry sectors.

Experience of international projects (Europe).

Available to occasional travels in Europe

You can send your application file by e-mail to the following address: recrut@essp-sas.eu

Job Location: Toulouse (France)

Type of Contract: Full time - Permanent Contract

PDF: Download


ESSP is committed to cultural diversity, gender equality and the employment of disabled workers.

Access to this position may require a EU personal security clearance