(Senior) Engineer, Cybersecurity and Information Assurance, IRIS2

PROGRAM DESCRIPTION

IRIS2 is the new European Union secure satellite constellation.  This project is the European Union's answer to the pressing challenges of tomorrow to provide secure connectivity services and enhanced communication capacities to the EU and its Member States. In addition, as well as to governmental users, private companies and European citizens while benefiting from ensuring high-speed internet broadband to cope with connectivity dead zones.

SES – together with other consortium partners and core members - was selected by the European Commission to build and to operate the IRIS2 multi-orbit satellite constellation.

The IRIS2 team enters next project phases, we seek and there is a strong need of support for all the activities around service provisioning and products that the system can offer in the future.

ROLE DESCRIPTION SUMMARY

This role is part of the Security and Information Assurance Engineering capability within the IRIS² Programme, supporting its Security Engineering and Security Accreditation activities in order to obtain the Security Authorization to Operate for the System from Government Authorities.

The Cybersecurity / Information Assurance Engineer contributes to the technical execution of cybersecurity and information assurance activities across systems, segments, subsystems, and components under SES responsibility, providing structured technical analysis, engineering support, and high‑quality documentation in a highly regulated and classified environment.

The position is focused on engineering support within the established Security Governance framework.

PRIMARY RESPONSIBILITIES / KEY RESULT AREAS

Actively contribute to Security Accreditation engineering activities for the IRIS² Programme, supporting technical analysis, consistency checking, and preparation of security accreditation evidence.

Support the analysis and implementation of security requirements at:

• system level,
• segment level,
• subsystem and component level.

Perform technical analysis of subsystems and components handling classified information, including:

• identification and assessment of interfaces,
• analysis of information flows,
• identification of trust boundaries and segregation mechanisms.

Support the technical assessment and validation of Security Enforcing Functions (SEF) implemented by:

• Commercial Off‑The‑Shelf (COTS) products,
• internally developed SES components,
• partner‑ and subcontractor‑provided elements,
• Government‑Furnished Equipment (GFE), where applicable.

Contribute to security architecture analysis and documentation, including:

• logical segregation of classified and non‑classified domains,
• consistency between functional and security architectures,
• identification of security responsibilities across subsystems.

Support the technical evaluation and integration of cryptographic solutions, including:

• identification of cryptographic boundaries,
• assessment against applicable security and regulatory requirements,
• analysis of system and subsystem integration constraints.

Review security‑related technical documentation produced by partners and subcontractors, identifying gaps, inconsistencies, and missing evidence, and contributing to remediation activities.

Contribute to the preparation of Security Accreditation documentation, including:

• technical annexes,
• SEF justification material,
• supporting evidence for audits and accreditation reviews.

Support security testing activities through the review of security test plans and security test reports (IVV / Test Bed).

Participate in security coordination meetings, providing structured technical input and contributing to cross‑team alignment.

INTERFACES & WORKING MODE

Operates within the Information Assurance Engineering function.
Works under the programme‑level Security Governance defined by the Director, Security IRIS².

Interfaces with:

• System Engineering,
• Service Engineering,
• Operations and ILS teams,
• Partner and subcontractor technical teams,

in a technical contribution and support capacity.

QUALIFICATIONS,EXPERIENCE & COMPETENCIES

• Strong technical background in cybersecurity and information assurance engineering (at least 2 years in Aerospace& Defence Companies on classified military systems)
• Proven ability to analyse complex systems, architectures, and information flows.
• Solid understanding of:

• security requirements engineering,
• Security Enforcing Functions (SEF),
• cryptographic principles,
• system and network security fundamentals.

• Good knowledge of and experience with recognised security accreditation and assurance frameworks, including:

• Common Criteria (ISO/IEC 15408);
• at least one National Security Accreditation scheme (e.g. national RMF / governmental accreditation frameworks);
• NIST Risk Management Framework (RMF) and NIST Special Publication 800‑53.

• Ability to operate effectively in classified and regulated environments.
• Structured, methodical, and documentation‑oriented working style.
• High level of technical autonomy and accountability on assigned tasks.
• Excellent written and verbal communication skills in English.
• Proven experience in Security Engineering / Information Assurance roles.
• Experience with complex technical infrastructures, such as:

• satellite or space systems,
• ground segments,
• secure IT and network infrastructures.

• Exposure to security accreditation, compliance, or assurance activities is highly desirable.
• Demonstrated ability to contribute to high‑quality technical security documentation.

OTHER KEY REQUIREMENTS / COMMENTS

• Eligibility for EU SECRET personnel security clearances is essential. Candidates must be prepared to undergo a security clearance procedure, as this position may require holding such clearance
• Ability to operate in a security‑sensitive and regulated environment.
• Willing to work at least 60% onsite from office.
• Travel as required for project realization purposes