IT Security Engineer

We are currently looking for an IT Security Engineer to work at our client’s premises in the city of Noordwijk, The Netherlands.

The key person will provide support to the IT Security activities/services implemented and operated by the IT Security section: Protection of ESA Classified RESTRICTED Data (ECRD) Services. In addition, the IT Security Engineer will also support other activities run by the ESA IT department.

Tasks and Activities

The scope of work will include:

• Perform Technology watch, running pilots and prototypes to validate the applicability and usability of new technologies and tools in the ESA security context.
• Contribute to the definition of new services, the improvement of existing services and processes focusing on “IT Security”.
• Perform operational tasks in support to non-default IT Security services such as the ESA Classified RESTRICTED Data (ECRD) Services, ESA Classified VPN management, etc.
• Lead IT Security engineering activities that require a good knowledge of the IT Security domain, during the full activity life-cycle according to applicable procedures, covering requirement definition, design, verification/validation, acceptance testing and transfer to operations.
• Coordinate and/or assist in troubleshooting activities and root cause analysis in the area of security in case of issues spanning across multiple IT service providers.

Skills and Experience

• The following skills and experience are mandatory:
• Master’s degree in a relevant discipline, with at least 4 years of relevant working experience.
• Eligibility for obtaining a personnel security clearance at ESA SECRET level.
• Experience with IT Security Architecture.
• Knowledge of modern IT technologies used for securing end-points (PCs, Mobile devices, IoT, etc.), Infrastructure (network, storage, computing infrastructure and cloud), Operating Systems and Applications.
• Knowledge of the following specific IT technologies:
  • In depth Windows Active Directory, Windows and Linux
  • Open standards based federated Identity and authentication technologies (e.g. SAML, oAuth2, OpenID)
  • F5 Big IP
  • Trusted List for Approved cryptographic products
  • EU VMware Virtualization and VDI technologies
  • Thales encryption solutions
  • Zabbix
  • Advenica encryption and data protection technologies
  • Varonis Data Advantage & Directory Services.
  • Skybox vulnerability management solution technologies.
• Experience with Information Security Management according to ISO 27001.

The following skills would be highly desirable:

• Holding a specific IT Security industry certification/specialisation (e.g. CISSP).