(Senior) Engineer, Cloud and System Security

ROLE DESCRIPTION SUMMARY

In this position you will be responsible for translating advanced security requirements using the latest technologies in cyber security into comprehensive effective and efficient technical security concepts. You will manage and advise several projects and BizDevOps teams to deliver resilient zero trust solutions in a diverse and fast paced environment. You will also autonomously steer and deliver zero trust complex cyber security implementation projects as well as design, implement, and automate advanced cloud, system, and application security controls.

PRIMARY RESPONSIBILITIES / KEY RESULT AREAS

• Translate advanced security requirements into comprehensive, effective and efficient technical security concepts in line with industry and governmental security standards that effectively mitigate security related risks, threats and vulnerabilities while accommodating complex operational needs in complex hybrid infrastructures
• Manage and advise architects and BizDevOps teams on effective and efficient zero trust cyber security strategies, architectures, and technical security controls to meet advanced security requirements and deliver resilient solutions against advanced threat actors
• Autonomously lead complex cyber security implementation projects as laid out in SES’s information security strategy and deliver them within time, cost and scope
• Support the execution of the Zero-Trust strategy for SES by designing, implementing and automating advanced zero trust cloud, system and application security controls leveraging best of breed and cloud native state of the art security technologies, including EDR, O365 Security, data leakage prevention and rights management, identification and access management, active directory security, secure software development
• Define and develop secure Azure products and policies in collaboration with cloud product owners and increase the Secure Score on Azure environment
• Define policies, processes, procedures, configuration standards and guidelines to ensure appropriate security risk management throughout the system life cycle
• Perform technical security assessments and audits of information systems, applications and infrastructures to identify vulnerabilities and non-compliance with established security standards and recommend efficient and effective zero trust mitigation strategies
• Pro-actively evaluate emerging risks and advise on and implement effective risk mitigations and state-of-the-art security concepts Support security incident response, focussing on preventions, containment, eradication, and recovery of information systems

COMPETENCIES

• Independent, passionate and self-motivated with proven ability to deliver on complex and time critical tasks/projects
• Effective project management skills, able to handle multiple projects simultaneously and steer cross-functional and/or virtual project teams
• Very good analytical skills and stress resistance
• Sound data research and testing skills
• Innovative, result, solution and stakeholder-oriented mindset
• Very good ability to overcome resistance to change, mediate in conflicts and resolve issues, and to secure stakeholder buy-in to the proposed solution
• Proficient written and verbal communication skills: ability to explain security rationales and controls to non-technical audiences
• Passionate team player, motivated to work in an international environment, collaborating with interdisciplinary teams
• Versatile and able to grasp new concepts and technologies quickly

QUALIFICATIONS & EXPERIENCE

• Degree in Computer Science or Software Engineering and a minimum of 7 years of experience
• Sound, hands-on knowledge of and experience with managing system related security risks, including the assessment of system security risks, specification of security requirements, the definition of security concepts, secure system design, implementation of security controls, specification of secure configuration standards, assessment of security controls and vulnerabilities
• Experience in developing and deploying zero trust security controls in Microsoft Azure and Ofice365 environments, including knowledge of Intune, Conditional Access, Cloud App,  Microsoft Purview Information Protection, Microsoft Purview Data Loss Prevention 
• Experience with setting security standards and best practices
• Experience with 1 or more Identity and Access Management and with Strong Authentication Systems; knowledge of Azure AD, Active Directory, Kerberos, SSO, SAML, and/or OAuth
• Knowledge of attacker techniques and how to mitigate them in complex environments
• Experience with Public Key Infrastructure including HSM
• Experience with Privileged Access Management and password vault solutions
• Knowledge in Malware protection, Enterprise Detection and Response and Host-based Intrusion Prevention Systems
• Security standards, best practices and guidelines (e.g., NIST SP-800 series, DISA STIGs, CIS)
• Vulnerability, compliance and patch management solutions for complex, heterogeneous systems
• Eligible for a EU/ESA/NATO security clearance
• Proficiency with English