Job Description:
Telespazio works to bring Space closer to Earth, benefitting citizens, institutions and companies in a variety of sectors ranging from design and development of space systems to management of launch services and in orbit satellite control; from Earth observation to integrated satellite communication, navigation and localisation services, and through to scientific programmes. Its open innovation approach, together with the cross-contamination of different operational domains and a constant focus on issues of environmental sustainability, allow Telespazio to operate in sectors that will become increasingly important in the years to come: from communication and positioning services for the Moon to management and monitoring of satellites and other orbiting objects (Space Domain Awareness), and creation of advanced in orbit services and satellite operation of drones and unmanned vehicles. Moreover, using innovations such as artificial intelligence and machine learning to process big data from satellites, Telespazio is in the front lines of development of space applications capable of improving people’s lives on our planet and helping to win the great challenges of our times, such as the effects of climate change.
Telespazio is a joint venture between Leonardo (67%) and Thales (33%) and one of the world’s biggest suppliers of satellite solutions and services. The company teams up with Thales Alenia Space to form the parent companies’ Space Alliance, a strategic partnership which offers a complete range of space services.
Founded in Italy in 1961, Telespazio is based in Rome and counts more than 3000 employees through its various subsidiaries and joint ventures.
Job Mission
The Cyber Security System Engineer will focus on the design, testing and implementation of cyber security solutions for satellite sytems. He will also provide expert guidance/assistance as required to other technical teams in regard to cyber security and security tools integration matters.
Main Activities
1. Analyze customer security requirements and derive system security requirements;
2. Design system security architectures and prepare cyber security design documents at both system and component levels;
3. Implement and monitor security solution for the protection of the Space Segment and Ground Segment Architectures;
4. Analyze the output of Security Risk Assessments to develop new cyber security solutions;
5. Interface with partners and sucontractors in order to identify the best security solution to meet custome requirements;
6. Support technology and innovation scouting for within the cyber security sector;
7. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements;
8. Test security systems to ensure they behave as expected;
9. Perform or supervise Vulnerability Assessment and Penetration Testing to identify any vulnerabilities in the network, equipment and integrated system;
10. Prepare and document security operating procedures and protocols (SecOps);
11. Write reports including assessment-based findings, outcomes and propositions for further system security enhancement;
12. Participate as a contributor for cyber security matters in research and development activities for national or internation institutions (national space agencies, ESA, EUSPA and the European Commission);
13. Support the preparation of technical documents for tenders;
14. Perform training to final security solutions' end users.
Desired qualifications, skills and experience:
15. Master degree in STEM disciplines with possible specialization in Cyber Security;
16. Good knowledge of English language, both written and spoken (level B2 as a minimum);
17. Experience in design and deployment of security systems, such as firewalls, IPS/IDS, packet capture, authentication systems, SIEM, XDR, VA/PT, KMS, PKI, Threat Intellignece Systems, etc.;
18. Knowledge of vulnerability analysis, penetration testing, risk assessment, cryptographic techniques, key management and National Security Certifications (Common Criteria, TEMPEST and Cryptosec) etc.
19. Knowledge of Security Operation Center architectures for critical infrastructures;
20. Knowledge on security framework, such as NIST, ISO 2700x, EU Security Directives, National Cybersecurity Framework;
21. Knowledge about INCOSE and ECSS system engineering methodology;
22. Knowledge about rules and regulations for the design of classified information systems at national, EU or NATO level wuld be considered as an asset;
23. Strong communication, critical thinking and analytical skills;
24. Strong leadership, project and team-building skills, including the ability to lead teams and drive initiatives in multiple departments;
25. Demonstrated ability to identify risks associated with business processes, operations, technology projects and information security programs;
26. Ability to act as a security subject matter expert within the engineering group.
Seniority:
Expert