Share this Job
Apply now »

(Senior) Engineer, Computer Security

Requisition Number:  16596
Contract Type:  Permanent
Location(s): 

Manassas, VA, US

 

ROLE DESCRIPTION SUMMARY

 

You will lead the cyber security compliance of the Space Operations systems. To fulfil this role, you will act as a Security Delegate (SD) reporting to the VP, Group Information & Cyber Security, leads the Space Operations systems compliance to standards such as ISO27001 or IA-PRE and manages the associated risks register, as well as lead the systems security monitoring and vulnerability management. You will also provide security consultancy to all major Space Operations systems developments. 

In addition, you will act as prime COMSEC Custodian, providing direction and guidance to the Alternate COMSEC Custodians, as identified. You will also leads the inventory, maintenance and operations of the US ground control computer infrastructure.  This includes close coordination with the US Government for audit and recording of SES Communications Security (COMSEC) Inventory.

 

 

PRIMARY RESPONSIBILITIES / KEY RESULTS AREAS

 

  • Act as Security Delegate (SD) for Space Operations.  Lead Space Operations systems security design, monitoring and vulnerability management:
    • Act as the liaison between Space Operations and Information and Cyber Security functions to balance business and information security risk. Align security initiatives within SpaceOperations with global SES security framework.
    • Communicate, coordinate and advise on information risk management efforts with line management and report to the SES Information Security Officer on information security risks and vulnerabilities and how they impact the confidentiality, integrity and availability of information assets in their domain.
    • Implement within Space Operations the SES Information Security Policies and Procedures, as required to ensure compliance with the Information Security framework including configuration standards.  In particular, lead Space Operations systems compliance to standards or guidance such as ISO27001, IA-PRE, NIST SP 800-53, etc.
    • Take the lead in coordinating the Risk Management process, liaising with stakeholders such as IT to consolidate key Space Operations risks, determining action plans, presenting results to Senior Management for strategic steering.
    • Ensure readiness of the Space Operations team for the audit by providing training, education and if needed, coordinating dry runs of Cyber-Security/Compliance Audits, etc. 
    • Lead Space Operations systems security monitoring (such on-boarding of systems to SES’ Security Monitoring platform), and identify, assess and address systems security risks.  Work in close coordination with SES Group Information and Cyber Security to utilize common systems and services for SpaceOps systems to be on-boarded for Vulnerability Management, SIEM/Logging Tools, AV/IDS/IPS, etc.
    • Lead systems vulnerability management such as automatic patching of the systems in close coordination with Space Operations Level-1 technical experts
    • Provide cyber security consultancy to all major Space Operations systems design and development. 
    • Innovate and evolve Space Operations cyber security levels through constructive recommendations and cooperation with SES Group Information and Cyber Security in all areas related to information systems, networks and applications
  • Act as prime COMSEC Custodian and lead the maintenance and operations of the US ground control computer infrastructure:
    • Act as Prime COMSEC Custodian for management of NSA approved Encryption Keys using DIAS system provided by NSA-COR.  Ensure that Alternate COMSEC Custodians are trained in accordance with NSA -COR Policies and Procedures and access to NSA COMSEC Materials is protected in accordance with NSA Requirements.
    • Manage the firewall requests and tackle IT-Security issues, and coordinating the IT maintenance windows, as needed to support Space Operations required network flows/access.
    • Coordinate interventions of 3rd parties, maintenance and operations of the US Data Centers as well as lead the move of the Data Centers as required 
    • Coordinate, support and if needed lead efforts for SpaceOperations transition to Cloud specifically for IT/Cyber-Security requirements and initiatives.

 

COMPETENCIES

 

  • Excellent project management skills
  • Advanced ability to explain security rationales and controls to software operational and development teams
  • Excellent understanding of all Satellite operations systems in terms of design, data flow and operational concept as well as in terms of hardware and O/S.
  • Innovative mind and very good problem-solving skills
  • Highly autonomous, perseverant and determined to deliver high quality results
  • Excellent team player
  • Ability to understand business requirements and work towards solutions, both autonomous and in interdisciplinary teams
  • Broad knowledge in all key areas of Systems Security combined with sound knowledge of network and satellite/communications industry
  • Ability to effectively interact with organizational stakeholders including Senior Management and external partners
  • Be fluent in English (any other language being an asset);
  • Excellent written and verbal communication skills.

 

QUALIFICATIONS & EXPERIENCE

 

  • Degree in Computer Science, Business Information Systems or related studies
  • Minimum of 3 years industry related experience
  • Relevant certifications (e.g., ISO 27001 Lead Implementer, ISO 27005 Certified Risk Manager, CISM, CISA, GLSC, G2700, CISSP, or CISSP-ISSMP) and knowledge of the satellite industry are a plus
  • Hands-on knowledge of and experience with implementing and maintaining Computer Security Management Systems in accordance with ISO 27001 and best practices like NIST
  • Information Security Risk Management frameworks and methodologies
  • Network security, system security, application security and security design
  • Exposure and/or experience with Cloud based environments systems, such as Microsoft Azure, AWS, Google-Cloud, etc.
  • Information Security threats, vulnerabilities, security technologies and controls
  • Vulnerability, compliance and patch management for complex networks, systems and applications
  • Strong knowledge of Information Security Standards and good practices, including ISO 27001 series, NIST SP-800 series, etc.
  • US clearances are considered a strong asset. Candidate must be willing to undergo a security clearance procedure as this position might require holding security clearance

 

 

 

SES is an Equal Opportunity and Affirmative Action Employer.


Nearest Major Market: Washington DC

Apply now »