The European GNSS Agency (GSA) is responsible for the operations and service provision for the European Global Navigation Satellite Systems (EGNSS) EGNOS and Galileo. By developing a new generation of GNSS, Europe is laying the foundation for new high-technology industry development, leading to job creation and economic growth. These European flagship space programmes, which embody what can be achieved when Europe works together, are already bringing real benefits to people and business in Europe and around the world. The GSA Communications team is responsible for the provision of information, promotional activities, and outreach initiatives of the GSA in general. Among other things, the GSA’s communication activities focus on the development and implementation of communication strategies and initiatives that support the objectives of the Agency and its programmes.
The European GNSS Agency is looking for a Security Risk Engineer(s) who will report to the Head of the Security Department or his/her assignee(s). The role of the Security Risk Engineer will be to prepare the security accreditation files (including the security risk analysis) for the submission to the accreditor of the relevant authorisation requests.
For more information on the GSA and the European satellite navigation programmes, click here.
TASKS AND RESPONSIBILITIES:
The jobholder will be entrusted with the following tasks and responsibilities:
- Analyse security risks, define associated risks, propose mitigation actions and security measures, and follow up on their implementation;
- Follow up the tasks performed by the system developers and operators within the preparation of the security accreditation files and security risk analysis for the different components;
- Support the security accreditation process of the components, including the definition and implementation of the relevant framework for the new components;
- Provide security support to the preparation of the security accreditation files for the components: their services, systems, operations and sites;
- Maintain the schedule of the accreditation activities;
- Support the development, review and continuous update of the security baseline of the different components along their lifetime and different milestones, ensuring that the related security documentation is properly maintained;
- Support the procurements of the Agency which have implications in the security accreditation processes of the components (e.g. site hosting, infrastructure and operations) and assess the impact of changes to the security baseline;
- Monitor the implementation of the security accreditation baseline;
- Contribute to the establishment and continuous update of the Statement of Compliance to the applicable security requirements, its impact in the associated security accreditation file and follow-up by corresponding actions;
- Draft technical notes and reports and participate to technical reviews related to security accreditation aspects;
- Participate to on-site security audits/visits of the ground stations of the different components when necessary;
- Interact with Member States Local Security Accreditation Authorities (LSAA) in the frame of the Security Accreditation Process and of the Critical Infrastructure Management Process;
- Provide technical support to the European Commission for the activities of the different Security Boards and associated Working Groups;
- Liaise with the other teams of the Agency and provide security engineering support upon request and according to their needs.