ATG's mission is to support and enable the space industry in its endless drive towards technological and economical growth. By making available our knowledge, expertise and unique technological solutions to key players, we truly aim to accelerate innovation throughout the community.
On behalf of the European Space Agency (ESA), we are looking for an Information Security Engineer for their location in Noordwijk, the Netherlands, to join their IT Security Section.
Please note this is an external consultant position not a Staff position.
Tasks & Responsibilities
Contribution to perform the following activities:
- Monitor and control the ESA IT infrastructure and services using SIEM, EDR technologies and others state of the art security tools;
- Investigate ESA IT system’s security incidents and breaches;
- Support remediation activities related to security incidents;
- Create reports and visualizations of security attacks;
- Support penetration test and vulnerabilities assessment for ESA IT systems;
- Contribute to the ESA IT Security Awareness Program;
- Contribute to the evolution of the ESACERT Service and security tools;
- Support consistent vulnerability management / patch management process;
- Participate to recurrent meeting with the customer as the technical referent;
- Participate to the continuous improvement of the service (detection level, process, operational procedures, service efficiency, service reporting);
- Keep track of all operational activities via the ESACERT Ticket Management system.
ESACERT SECURITY CAPABILITIES
- Proficiency in the core capabilities of the ESACERT Team. Familiarity with the specific tool would constitute and asset for the candidates, but it is not mandatory requirements. Complementary activities will be as well an asset
- Core capabilities:
- Incident Handling: Incident handling procedures (NIST); TheHive, Cortex;
- Security Monitoring and Analytics: SIEM technology’s: Archsight; Security Analytics: Any BigData tools (e.g. SPLUNK);
- Malware and ATP Technology’s: EDR: CISCO AMP, CISCO Umbrella; TrendMicro Solutions; Microsoft ATP Defender and O365 Security Framework; Sandboxing: VMray, TM DDAN, Open source;
- Penetration Testing &Vulnerability Assessment/Management: Nessus; Burp; Netsparker; SkyBox; OWASP Methodology;
- Security Intelligence: OSINT Framework; MISP; Shodan; Maltego.
- Network Security: TCP/IP; Routing: BGP, OSPF, MPLS; DNS, NTP, TLS; Firewall and Proxy.
- Forensics Analysis: SIFT; Autopsy
- Security Awareness: Phishing & Simulation: KnowBe4; Early Warning: Flexera.
- At least 5 years’ experience working in a technical security position and shall be highly motivated;
- Have good interpersonal and organizational skills;
- Be an excellent team player;
- Be fluent in spoken and written English;
- Have strong time management skills with the ability for multitasking;
- Have solid Communication skills;
- Have proven experience that shows proficiency in the Core and Complementary capabilities;
- Be able to write and manage Project and Service Documentation;
- Have working knowledge of Office365 Security Tools;
- Have working knowledge of data protection based on a defense-in-depth approach;
- Have working knowledge of the ITIL and the ISO27000 Framework;
- Have National Security Clearance or willing to obtain it when starting the job;
- Willing to travel for user community related requirements and issues;
- Have working experience with encryption technology and tools;
- Have Security IT Certifications, preferably SANS or OSCP as an asset;
- Knowledge of the ESA or EU Data Classification model is an asset;
ATG Europe offers excellent working conditions and provides you with all the necessary means to further your career. We believe that training and education, combined with regular assessments and a personal development plan, will create the best environment for growth. If needed we also assist you with settling in your new home or finding the right school for your children. ATG will help in any way it can, including a relocation budget that is applicable for ATG staff as well as employees working at one of our clients.