This position covers the establishment, maintenance and operation of security related processes and technical infrastructure (general and security specific ICT, access control and intrusion detection systems, encryption devices and networks, etc.) and the execution of administrative activities associated to it.
These tasks are carried out with the relevant ESA services in the support directorates and in coordination with other NAV services and units.
Physical Security Definition, set up, maintenance and operation of CCTV, access control and intrusion detection systems of D/NAV directorate dedicated infrastructure for the management of classified and unclassified information. This includes:
• Coordination with ESA Security Office for accreditation and with ESA Corporate services (Facility Management for implementation, maintenance and operations,).
• Coordination with counterparts in other security offices within ESA (PRS Lab, ETS test facilities, ESOC) for issues concerned with the D/NAV Physical Security and logistics.
• Support the procurement of delta equipment, software and services in the domain of Physical Security.
ICT Security Definition set up, maintenance and operation of the ICT security related matters of the D/NAV directorate dedicated infrastructure for the management of classified and unclassified information, in close coordination with D/NAV IT manager. This includes:
• Definition, implementation and control of ICT infrastructure for classified information (Galileo Secure Environment).
• Coordination with D/NAV IT manager and ESA Corporate ICT services for delta security-related ICT services (e.g. HD encryption, security threats and incidents, virus alerts handling, etc.).
• Coordination with counterparts in other security offices within ESA (PRS Lab, ETS test facilities, EGNOS) for issues concerning the D/NAV ICT Security.
• Establishment, operation and maintenance of classified communication networks (SINA) in support of procurement and operational tasks.
• Support the procurement of delta equipment, software and services in the domain of ICT Security.
• Provide direct support to the Head of the Physical, ICT & Personnel Security Unit in the management of the Galileo Secured Environment and supervise its day today operations.
• Provide direct technical advice to D/NAV and Navigation Security Office Management to support decisions on ICT, Logistics, and Physical Security.
• Perform and/or supervise the set-up, securing, administration and maintenance of ad-hoc D/NAV ICT infrastructure.
• Ensure that effective backup procedures are in place and carried out in accordance with the SECOPS of the specific system under his responsibility.
• Ensure that the emergency recovery procedures, as detailed in the SECOPS, are in place and exercised at regular intervals.
• Ensure that all personnel having access to a system have the required “Need-To-Know” and are appropriately security cleared, if necessary.
• Ensure that accounting, audit and other security-related records are maintained and examined in accordance with the SECOPS.
• Report any security breaches, vulnerabilities or anomalies to the responsible management, the ESACERT as appropriate, and take the necessary actions deriving from the incident response.
• Master level education in IT Security, Cyber Security or equivalent.
• At least 4 years of relevant experience.
• In possession of EU/national/NATO personal security clearance up to SECRET
• Previous experience and qualifications on INFOSEC & Physical security.
• Previous experience with system hardening and accreditation process.
• Previous experience with handling Classified Information and its protection (NTK, ACL, RBAC, FIM)
• Previous experience with handling Crypto material (Keys, Smartcards)
• Previous experience with Public Key Infrastructures (PKI)
• Previous experience with Microsoft Windows Server and Client environments, Active Directory, GPOs
• Previous experience with Linux platforms
• Previous experience with Virtualisation technologies (VMWare vCenter, Horizon View).
• Knowledge and working experience with security monitoring tools (SIEM, Syslog)
• Knowledge and working experience with File Transfer technologies (FTP, SFTP)
• Previous experience with Networking technologies like Switches, Routers and Firewall configuration
• Voice-over-IP technologies, Asterix PBX and Cisco IP Phones
• Experience with ITIL and/or PRINCE2.
• Experience with ISO 27000 implementation
• Excellent communication skills (written, interpersonal, negotiation and telephone communications) are crucial.
• Ability to work independently and manage multiple tasks simultaneously.
• Ability to work under presure
• High senses of rigour, proactive attitude to solving problems.
• Service orientation
• A very good working knowledge of spoken and written English is essential
• Excellent team work skills
DEADLINE : 08/08