je.st
news
Tag: analyst security
Information Security Analyst
2020-08-10 13:10:12| Space-careers.com Jobs RSS
DLR GfR mbH is a company providing reliable, safe and secure aerospace services. We operate and manage the constellation of Galileo satellites in the Galileo Control Center Oberpfaffenhofen on behalf of the European Commission. Our company headquarters is located in an area widely known as a holiday destination the fivelakes region in Upper Bavaria near Munich. At the space industry location in Oberpfaffenhofen, our around 220 employees work every day in international and interdisciplinary teams on the navigation for the future. Become a part of us! Inside of DLR GfR we offer the following career option Information Security Analyst Reference No. 200730 The Cyber Security group within DLR GfR mbH is responsible for the security of Galileo IT applications. As Information Security Analyst for the Galileo project you are responsible within the Cyber Security group for the regular analysis of security risks according to the requirements of the Galileo client European GNSS Agency as well as the verification of the implementation of adequate security measures and also support security audits. You will process and manage documents for monitoring the implementation and verification of security measures of DLR GfR mbH and its projects and carry out regular analyses on their applicability and effectiveness. You will work closely with the IT and cyber security experts of DLR GfR within their projects to gain early insights into securityrelevant deviations in the information system. Based on requirement catalogs, you will regularly develop recommendations for changes and improvements, covering every aspect of the companys information security and its projects. As an Information Security Analyst you are also responsible for the creation and management of ongoing documentation in the event of security incidents at DLR GfR and its projects. Your Mission Independent monitoring and analysis of the regularly running procedures and applications in information security, such as access protection, encryption, configuration control, vulnerability analysis, malware detection, database activities and verification of implementation focus on the Galileo networks and systems review and analysis of event logs to detect anomalies in the local security environment and harmful activities in the Galileo local system development of proposals for dealing with them identification of potential threats to information and communication systems by evaluating the results of technical monitoring tools, in conjunction with local and global risk analyses in the Galileo system Support in the evaluation and reporting of forensic investigations Processing the security risk register, with a focus on the Galileo project Regular internal audits of the Galileo security environment, recording of measures and followup Development of training materials and regular training of project staff in connection with security incident response methodologies Regular reporting to the SiteInfosec team, rapid escalation in the event of a concrete threat situation in the IT area Regular review and documentation of the system against the security requirements defined by the customer Responsible for regularly checking security relevant logs locally and remotely Your Qualification Completed Bachelors degree in computer science or comparable education Many years of experience in the IT sector Many years of professional experience in the security industry Knowledge of national legal requirements as well as international standards in information security e.g. secrecy protection in the economy BMWi, NIST, ISO 27001, etc. Practical knowledge of technologies and common threats in network security Readiness for safety inspection according to SG Business fluent German and English, written and spoken Confidentiality and reliability Our Offer Collaboration in the European lighthouse project Galileo trusting and appreciative cooperation in an international environment international team spirit 30 days annual leave compatibility of career and family life e.g. through flexible working time models in the context of company requirements Extra benefits such as awo lifebalance a varied personnel development program individual career options for example through secondments to partner agencies enterprises abroad employerfinanced retirement plan attractive location with a high recreational value in the fivelakes region near Munich and much much more ...
Tags: information
security
analyst
information security
Security Risk Analyst
2020-04-16 18:16:02| Space-careers.com Jobs RSS
Position Reference 046 RHEA Group is currently recruiting a Security Risk Analyst to support the RHEA Security Services Business Unit. You will have the opportunity to work in a challenging environment with stateoftheart technologies and challenging security projects. As a Security Risk Analyst, you will be involved in risk assessment exercise required in our Security and Research Development projects in order to pursue the securitybydesign approach, support the delivery of security operations services and cybersecurity training. If you have a passion or interest for cyber security and would like to join a team of seasoned experts with diverse backgrounds, then you are in the right place! At RHEA Group will have the opportunity to work and learn in an exciting environment and participate in unique cybersecurity projects for the European Space Agency, NATO and the European Commission. Tasks and Activities The scope of work will include Perform security risk assessment leveraging different methodologies including ISO27005, MEHARI, HTRA Perform security requirements elicitation from the risk assessment results Prepare security risk treatment plan Implement the securitybydesign approach Design of secure architecture encompassing firewalls, IDSIPS, VPN, AAA, encryption etc. Provisioning of best practice advice and guidance in the areas of cyber defence and security operations supporting incident detection, analysis and response including operations policy and procedure development Prepare and deliver training modules in the frame of RHEA Cyber security training courses. Skills and Experience The following skills and experience are mandatory You have a Bachelors or masters in computer science, engineering, IT or a related field You have at least 5 years proven work experience as security risk analyst or security engineer You have experience in delivery of operations services or specification of solutions for cyber defence or security operations including some of the following o ISO 27000 series standards o Information Security policies, standards, and procedures o Information Security concepts involving confidentiality, integrity and availability o Information Security concepts involving threat, vulnerability and risk analysis o Cloud Computing or virtual machine security o Cyber Defence or Continuous Monitoring Solutions o Trusted Product Evaluation standards such as Common Criteria or FIPS 140 o Secure technology standards such as Trusted Platform Module, Trusted Execution Environment o Certification and Accreditation concepts and processes o Cryptography and Public Key Infrastructure PKI o Identity Management systems o Technical vulnerability assessment VA and penetration testing PenTest o Vulnerability and patch management solutions o Host or network based Intrusion Detection and Prevention Systems IDSIPS o Firewalls or Unified Threat Management UTM systems o Virtual Private Networking VPN. o Network Management NM systems o Security Information and Event Management SIEM systems You have knowledge in one or more of the following o Information Security concepts involving incident detection, analysis, decision support and response o Network Local Area Networking LAN, Metropolitan Area Networking MAN or Wide Area Networking WAN technologies o Internet Protocols such as TCPIP, UDP, RIP, OSPF, BGP, SIP, SNMP, IPSec, SSL, TLS o End system architectures and operating systems such as Windows, Linux. o Virtualization technologies such as KVM, VMWare, open nebula etc You have a professional qualification or certification such as CISSP, OSPT or similar. You possess strong interpersonal skills, team working, good analytic and problem solving capabilities. You have strong communication and documentation abilities. You are detailoriented. You have an analytical mind and problemsolving aptitude. You have effective time management and organizational skills. You have past experience in cyber security for space, defense, critical infrastructure, finance or government systems. How to Apply Looking to take your career to the next level? Interested applicants should submit their CV and Cover Letter to RHEAs Recruitment team at careersrheagroup.com no later than 22052020. Preference will be given to candidates with an EU or national personal security clearance at the level of CONFIDENTIAL or above. Eligibility for the clearance is a must. About RHEA Group RHEA Group is a leading engineering consultancy firm with demonstrated expertise in space, system and secure software solutions. We attract skilled engineers, scientists and management professionals and offer a range of exciting career paths working alongside clients such as the European Space Agency, the European GNSS Agency, EUMETSAT and NATO.
Tags: security
risk
analyst
risk analyst
Information Security Analyst
2020-03-24 10:14:36| Space-careers.com Jobs RSS
DLR GfR mbH is a company providing reliable, safe and secure aerospace services. We operate and manage the constellation of Galileo satellites in the Galileo Control Center Oberpfaffenhofen on behalf of the European Commission. Our company headquarters is located in an area widely known as a holiday destination the fivelakes region in Upper Bavaria near Munich. At the space industry location in Oberpfaffenhofen, our around 190 employees work every day in international and interdisciplinary teams on the navigation for the future. Become a part of us! Inside of DLR GfR we offer the following career option Information Security Analyst Reference No. 18032020 The Cyber Security group within DLR GfR mbH is responsible for the security of Galileo IT applications. As Information Security Analyst for the Galileo project you are responsible within the Cyber Security group for the regular analysis of security risks according to the requirements of the Galileo client European GNSS Agency as well as the verification of the implementation of adequate security measures and also support security audits. You will process and manage documents for monitoring the implementation and verification of security measures of DLR GfR mbH and its projects and carry out regular analyses on their applicability and effectiveness. You will work closely with the IT and cyber security experts of DLR GfR within their projects to gain early insights into securityrelevant deviations in the information system. Based on requirement catalogs, you will regularly develop recommendations for changes and improvements, covering every aspect of the companys information security and its projects. As an Information Security Analyst you are also responsible for the creation and management of ongoing documentation in the event of security incidents at DLR GfR and its projects. Your Mission Independent monitoring and analysis of the regularly running procedures and applications in information security, such as access protection, encryption, configuration control, vulnerability analysis, malware detection, database activities and verification of implementation focus on the Galileo networks and systems review and analysis of event logs to detect anomalies in the local security environment and harmful activities in the Galileo local system development of proposals for dealing with them identification of potential threats to information and communication systems by evaluating the results of technical monitoring tools, in conjunction with local and global risk analyses in the Galileo system Support in the evaluation and reporting of forensic investigations Processing the security risk register, with a focus on the Galileo project Regular internal audits of the Galileo security environment, recording of measures and followup Development of training materials and regular training of project staff in connection with security incident response methodologies Regular reporting to the SiteInfosec team, rapid escalation in the event of a concrete threat situation in the IT area Regular review and documentation of the system against the security requirements defined by the customer Responsible for regularly checking security relevant logs locally and remotely Your Qualification Completed Bachelors degree in computer science or comparable education Many years of experience in the IT sector Many years of professional experience in the security industry Knowledge of national legal requirements as well as international standards in information security e.g. secrecy protection in the economy BMWi, NIST, ISO 27001, etc. Practical knowledge of technologies and common threats in network security Readiness for safety inspection according to SG Business fluent German and English, written and spoken Confidentiality and reliability Our Offer Collaboration in the European lighthouse project Galileo trusting and appreciative cooperation in an international environment international team spirit 30 days annual leave compatibility of career and family life e.g. through flexible working time models in the context of company requirements Extra benefits such as awo lifebalance a varied personnel development program individual career options for example through secondments to partner agencies enterprises abroad employerfinanced retirement plan attractive location with a high recreational value in the fivelakes region near Munich and much much more ...
Tags: information
security
analyst
information security
Cyber Security Analyst
2019-04-11 13:29:27| Space-careers.com Jobs RSS
Cyber Security Analyst Deadline for applications 16042019 Client and Location For one of our clients we are looking for a Cyber Security Analyst to joint their team in The Hague, the Netherlands. The purpose of this role is to support the establishment, maintenance, and enforcement of a coherent cyber security architecture. The role will be located in The Hague, Netherlands, and travel to other sites in Belgium will be required. Tasks and Responsibilities Work closely with the cyber security segment architect and other subject matter experts SMEs to support the development and maintenance of business and architecture objectives, and corresponding approaches to cyber security processes, applications, and technology that when applied leads to a coherent and secure implementation Support projects and projectprogramme managers in the implementation of the architecture through a portfolio of projects. This includes production of an array of architectural models and views, establishing and communicating the approach taken and its role in the overall cyber security landscape Synchronization of cyber approach with the NCI Agencys existing and future business goals Optimisation of cyber security approaches via a perception of growing operational and business requirements and technological functionalities Promotion of shared applications and infrastructure to maximise efficiencies and enhance the capability Work closely with solutions architects to provide an opinion based enterprise solution that is flexible, scalable and capable of synchronising with continuously changing business requirements Administration of risks related to cyber security by means of proper security policies and standards Directindirect participation in developing policies, guidelines and standards that steer the development, selection, application and utilization of cyber security capabilities within NCIA Promote and support the expertise of the team Develop team knowhow and abilities in particular areas of expertise Responsibility for the tactical direction of CSSL in conjunction with solution architects, peers, and SMEs Keep a holistic view of all activities in the Portfolio, assist the operational, scientific, and project teams to ensure the articulation and delivery of requirements are met and to provide the appropriate level of Assurance Issue related documentation as required in support of NCI Agencys service delivery to NATO. Experience and Education Be a cyber security specialist with a solid knowledge of both the cyber security area, ICT architecture, and how to use architecture to ensure that the applied cyber security supports the business objectives Knowledge and experience in preventive security measures such as endpoint protection, boundary protection, and identity and access management Knowledge and experience in defensive security measures such as monitoring, correlation, detection, and response to security incidents Knowledge and experience in assessment of cyber security including risk management and vulnerability assessments Knowledge and experience in sustainment of cyber security through continual improvement, governance processes, and design and implementation of cyber security systems Knowledge and experience in information collection, analysis, and reporting to ensure situational awareness Knowledge and experience in developing and applying ICT architectures in support of the business objectives. This shall include knowledge of one or more architectural frameworks, preferably TOGAF, the Archimate metamodel and the NATO Architecture Framework. Excellent communications skills, spoken and written, being able to clearly explain complicated technical matters to nontechnical audiences Good organizational, project, and programme management skills, as good leadership and interpersonal skills. About ATG Europe ATG Europe prides itself in employing Europes brightest minds, and for the last 40 years we have been a key player in delivering highly educated engineering professionals and scientist consultants for RD and Engineering environments throughout Europe. Our headquarters is located in the heart of the European space industry on the Noordwijk Space Business Park in the Netherlands, in close proximity of ESAESTEC. We have subsidiaries in Germany, Ireland and the United Kingdom. We are continually recruiting experienced engineers and scientists for exciting, full time positions based at our public and private customers. As an ATG consultant, you will be working on very diverse missions and assignments. This opens up unique opportunities to be engaged in innovative, stateoftheart projects and challenging you to perform to high standards and utilizing the full extent of your professional knowledge. What do we offer? ATG offers excellent working conditions and provide you with all the other necessary means to further your career. We believe that training and education, combined with regular assessments and a personal development plan, will create the best environment for growth. If needed, we also assist you with settling in your new home or finding the right school for your children. ATG will help in any way it can, including a relocation budget that is applicable for ATG staff as well as employees working at one of our clients. Interested? Submit your CV and personal details through our website at www.jointhebrightestminds.com. For further questions, you can also directly contact our recruitment consultant Michiel Deinema directly on phone number 31 0 71 579 55 48.
Tags: security
analyst
cyber
cyber security
Information Security Risk Analyst
2019-01-04 11:30:32| Space-careers.com Jobs RSS
Position Reference 001 As an Information Security Risk Analyst, you will join a team of Information Security professionals in support of RHEA clients by providing Information Security services in various market sectors including space, critical infrastructure protection and defence. Duties will include delivery of security advice and guidance, risk analysis and management services, reports and other deliverables to meet client needs. Tasks and Activities The scope of work will include Best practice advice and guidance in the areas of security programs, governance, doctrine, policies, standards, methodologies, procedures, and checklists ISO 27000 series compliance evaluation, certification, audit and accreditation Information security risk analysis including asset valuation, threat and vulnerability assessments, safeguards analysis, risk assessment and development of risk treatment plans Information security business and privacy impact assessments Business continuity, contingency and disaster planning testing Information security training and awareness Information security program and project management. Skills and Experience The following skills and experience are mandatory You have a post secondary degree or diploma in a relevant field. Example relevant fields include mathematics, computer science, information technology, information management, business management, risk management or similar. Technical certifications, diplomas or qualifications in information technology or information management, policing and security or related fields may also be accepted. You have excellent oral and written communications capability in English You have experience in evaluation and management of security risks associated to information systems and information security solutions including for example Experience conducting ISO 27000 series evaluations or audits Firewall and VPN solutions Intrusion detection and penetration systems network or host based Identity management and access control systems Encryption and key management technologies Malware detection and antivirus systems Security information and event management systems Vulnerability analysis and patch management solutions TCPIP based routerswitch networking equipment and solutions. You have knowledge or experience in the following areas Information Security concepts involving Confidentiality, Integrity and Availability Security Accreditation and Authorization or Security Certification and Accreditation Statements of Sensitivity or Asset Valuation associated with a risk assessment Threat and Risk Assessments, Vulnerability Assessments, and Safeguard Assessments Privacy Impact Assessments Business Impact Assessments, Business Continuity or Disaster Recovery Plans Information Security policies, standards, and procedures Network and Physical Security zoning requirements You must be a citizen of the EU or a NATO member nation You have a professional qualification or certification in a relevant field. Example certifications include Certified Information System Security Professional CISSP certificate, Certified Protection Professional CPP, Certified ISO 27001 Auditor or similar is considered an asset The following skills would be highly desirable You have experience in information security services for space, critical infrastructure protection and defense market segments. You have a qualification for EUNATO SECRET clearance. How to Apply Looking to take your career to the next level? Interested applicants should submit their CV and Cover Letter to RHEAs Recruitment team at careersrheagroup.com no later than 20012019. About RHEA Group RHEA Group is a leading engineering consultancy firm with demonstrated expertise in space, system and secure software solutions. We attract skilled engineers, scientists and management professionals and offer a range of exciting career paths working alongside clients such as the European Space Agency, the European GNSS Agency, EUMETSAT and NATO.
Tags: information
security
risk
analyst