Share this Job
Apply now »

(Senior) Engineer, Cloud and System Security

Requisition Number:  12683
Contract Type:  Permanent

Manassas, VA, US Betzdorf, LU


In this position you will be directly accountable for translating advanced security requirements into comprehensive effective and efficient technical security concepts. You will lead and advise project and BizDevOps teams to deliver solutions that are resilient against advanced threats. You will autonomously lead and deliver complex cyber security implementation projects and design, implement and automate advanced cloud, system and application security controls leveraging best of breed and cloud native state of the art security technologies.


Extended Job Description: 


  • Translate advanced security requirements, threats, vulnerabilities and security risks in complex, heterogeneous environments into comprehensive effective and efficient technical security concepts
  • Lead and advise architects and BizDevOps teams on effective and efficient cyber security strate-gies, architectures and technical security controls to meet advanced security requirements and de-liver resilient solutions against advanced threat actors
  • Design and document system and application security architectures and concepts in line with indus-try and governmental security standards that effectively mitigate security related risks, while ac-commodating complex operational needs in complex hybrid infrastructures
  • Autonomously lead complex cyber security implementation projects as laid out in SES’s information security strategy and deliver them within time, cost and scope.
  • Design, implement and automate advanced cloud, system and application security controls leverag-ing best of breed and cloud native state of the art security technologies, including EDR, O365 Securi-ty, data leakage prevention and rights management, identification and access management, active directory security, secure software development
  • Define policies, processes, procedures, configuration standards and guidelines to ensure appropriate security risk management throughout the system life cycle
  • Perform technical security assessments and audits of complex information systems, applications and infrastructures to identify vulnerabilities and non-compliance with established security standards and recommend efficient and effective mitigation strategies
  • Evaluate emerging risks and advise on and implement effective risk mitigations and state-of-the-art security concepts
  • Support security incident response with a focus on the implementation of effective preventive system security controls as well as containment, eradication and recovery of information systems



  • Highly autonomous and self-motivating with proven ability to deliver on complex and time critical tasks/projects
  • Strong project management skills, able to handle multiple projects and lead cross-functional and/or virtual project teams
  • Strong analytical skills and stress resistance
  • Strong ability to overcome resistance to change, mediate in conflicts and resolve issues, and to secure stakeholder buy-in to the proposed solution
  • Strong written and verbal communication skills: ability to explain security rationales and controls to non-technical audiences
  • Excellent team player and ability to work in international and interdisciplinary teams
  • Ability to learn new technologies quickly



  • Degree in Computer Science and a minimum of 10 years industry related experience in large hetero-geneous environments
  • Sound, hands-on knowledge of and experience with managing system related security risks, includ-ing the assessment of system security risks, specification of security requirements, the definition of security concepts, secure system design, implementation of security controls, specification of se-cure configuration standards, assessment of security controls and vulnerabilities
  • Knowledge of:
    • MS Azure, Office 365, Azure Information Protection, Security Center, Cloud App Security, Microsoft Defender for O365, Defender for Identities, Intune, Conditional Access, Identity Protection, Application Gateway, Security and Compliance, 
    • Azure DevOps 
    • Operating Systems (MS Windows 10, Windows Server 201x and Linux), Citrix, VMWare, VDI, WVD, containers and applications, including a clear understanding of their vulnerabili-ties and how to securely design and implement them
    • Automation using common scripting languages and interfaces including Powershell, Py-thon, Terraform, JSON, SOAP, RestAPI, etc
    • Identity and Access Management and Strong Authentication Systems, including Azure AD, Active Directory, Kerberos, SSO, SAML, OAuth
    • MITRE ATT&CK framework for Enterprise and Cloud, attacker techniques and how to miti-gate them in complex environments
    • Public Key Infrastructure including HSM (e.g., Public Certificate Management, Internal Cer-tificate Management, …)
    • Privileged Access Management and password vault solutions
    • Malware protection, Enterprise Detection and Response and Host-based Intrusion Preven-tion Systems
    • Security standards, best practices and guidelines (e.g., NIST SP-800 series, DISA STIGs, CIS)
    • Vulnerability, compliance and patch management solutions for complex, heterogeneous systems
  • Relevant product and general security certifications (e.g., Microsoft Azure, O365, CompTIA Cloud, GCWN, GCED, GCUX, GISP, GPEN, CISSP, CEH) and knowledge of the satellite industry are a plus
  • Solid knowledge of cyber security threats, vulnerabilities, security technologies, controls and best practices



  • Fluency in English, any other language is considered as an asset
  • Willingness to travel internationally and to perform on-call duty as required
  • NATO/EU SECRET clearances are considered a strong asset. Candidate must be willing to undergo a security clearance procedure as this position might require holding security clearance

Nearest Major Market: Washington DC

Apply now »