With a strong presence in Europe, Serco collaborates extensively with the European Space Agency (ESA), providing comprehensive services from earth observation data management to spacecraft control and flight dynamics. In collaboration with ESRIN, Serco has made significant contributions to various space missions. Our technical and scientific support has been pivotal in enhancing the efficiency and effectiveness of ESA's operations. By joining Serco's team at ESRIN, you will be part of a dynamic environment focused on innovation and excellence in space exploration and data management, contributing to groundbreaking projects that shape the future of space technology.
We are currently seeking an experienced and dynamic IT Infrastructure Specialist to join our Italian Office in Rome. Join a ground-breaking European project at the forefront of satellite technology and climate research.
Main Responsibilities:
As IT Infrastructure Specialist you will be responsible for:
1. Definition, documentation and implementation of the Security Operation Procedures (SECOPS) in line with ESA requirements and according to the IT infrastructure team practices and the Cloud provider available mechanisms and procedures including at least:
2. User management and password policy procedures.
3. Management of secrets (i.e. certificates, encryption keys, etc).
4. Backup and restore of the service assets.
5. Security assessment and vulnerability analysis.
6. Security patching of OS, databases and other FOSS / COTS used.
7. Erase and disposal procedures.
8. Contribute to the definition, consolidation, maintenance and renewal with ESA of the Security Management Plan in line with ESA requirements; the definition of the Security Risk Assessment Process and the associated verification controls in line with the defined methodology.
9. Contribute to the definition, consolidation and the execution of the Security Verification Plan, collecting all the verification evidence to produce a comprehensive security verification report.
10. Support to security audits to the B-COPS managed infrastructure and security operations performed by ESA, the B-COPS security officer or any third party.
11. Engineering support to the definition of the B-COPS managed infrastructure.
12. Support to the security verification of the B-COPS applications according to OWASP guidelines.
13. Perform the routine security operations procedures including frequent vulnerability analysis and CIS benchmarking.
Successful Candidate:
Your skills:
1. Degree in Engineering or technical University degree with some cybersecurity certificate / security education accreditation.
2. Very good knowledge of some security risk assessment methodology (e.g. EBIOS, ISO 27000) and proven hands-on records of its implementation.
3. Very good knowledge regarding the definition and implementation of Security Operations Procedures (SECOPS).
4. Very good knowledge of English, in particular writing skills to produce documents.
5. Proficient use knowledge of any SIEM tool (open source or enterprise) including deployment, configuration and operations.
6. Very good knowledge of network protection security measures (i.e. firewalls, intrusion detection/prevention systems, URL filtering).
7. Clear understanding of the published lists of Common Vulnerabilities and Exposures (CVE), in terms of the exploit procedure, likelihood and impact.
8. Good knowledge of hardening techniques for Linux, Docker and PostgreSQL.
9. Knowledge of OWASP top 10 vulnerabilities and the associated mitigations.
10. The ability to work in English and in an international environment / team.
11. Ability to work independently & self-motivate.
12. Very good communication skills and a convincing personality.
13. Capability to think out of the box.
#J-18808-Ljbffr