(Senior) Engineer, Network Cyber Security

ROLE DESCRIPTION:
(Senior) Engineer, Network Cyber Security designs network security concepts that effectively mitigate network security risks, while accommodating complex operational needs. The scope is to design and implement network security controls in accordance with network security concepts to ensure secure, resilient, available networks that adequately safeguard information assets of SES, its affiliates and commercial platforms. 

(Senior) Engineer, Network Cyber Security will also provide IT security related project support and internal consultancy within the organization as well as for customer related projects.

You will be responsible for (this is not an exhaustive list):

• Plan, design and document network security concepts that effectively mitigate network security related risks, while accommodating complex operational needs 
• Plan, design, implement and document network security controls in accordance with network security concepts, including multi-vendor firewalls, VPNs, IDS/IPS, web proxies, email security gateways, web application firewalls, network access control, etc.
• Define network security policies that balance mitigation of information security risks and operational needs
• Plan and perform complex operational tasks, such as hardware and software upgrades, enhancements and configuration changes of the network security infrastructure in cooperation with the IT Operations team
• Provide third line support for the troubleshooting of operational problems of the network security infrastructure, and escalate to vendors if needed 
• Lead network security projects as laid down in SES’s information security strategy and deliver them within time, cost and scope.
• Support the development and promotion of information security policies, standards, processes and procedures and monitor compliance to the information security policy framework. 
• Support the detection and analysis of information security incidents and manage adequate responses to information security incidents 
• Review network security controls and provide specific recommendations to mitigate risks
• Perform information security audits and vulnerability assessments and support the management of vulnerabilities
• Provide clear, concise, timely and constructive recommendations regarding information security in all areas related to network security
• Travel and on-call duty as required

You Must Have:

• Degree in Computer Science and a minimum of 3 (5) years industry related experience in a large heterogeneous environment
• Good knowledge and experience in Operating System (Windows and Linux) 
• Solid theoretical background and strong practical experience in network security architectures and defining efficient and effective network security concepts
• Strong, hands-on knowledge of and experience with the implementation of network security controls, including (next generation) firewalls, web proxies, IDS/IPS, web application firewalls, VPN, Network Access Control, …
• Good knowledge in network communication concepts and principles, including routing and switching
• Sound understanding and experience with network protocols/technologies such as: IPv4, IPv6, TCP/IP, HTTP(S), SSL, IPsec, 802.1x, OSPF, BGP, EIGRP, Spanning-Tree and the ability to perform troubleshooting of networks and associated devices
• Relevant vendor certifications, general security certifications and knowledge of the satellite industry are a plus
• Solid knowledge of IT security threats, vulnerabilities, security technologies, controls and best practices
• The candidate must be eligble for a "SECRET" security clearance, in accordance with the "loi modifiée du 15 juin 2004 relative à la classification des pièces et aux habilitations de sécurité", as well as EU/ESA/NATO equivalents

Nice to have:

• Understand all stakeholders in the information security process and possess the ability to explain security rationales and controls to non-technical audiences
• Ability to understand business requirements and work towards solutions, both autonomous and in teams
• Excellent team player and ability to work in international and interdisciplinary teams
• Ability to establish well-written, structured documents (e.g. designs and infrastructure documen-tation)
• Be fluent in English (any other language being an asset)