About this job

Serco is a leading Space Services Provider with thousands of skilled resources that has supported over 50 space missions on behalf of more than 10 Space or Government agencies around the globe, including the ESA and NASA. Serco offers space capability across the full space lifecycle from satellite testing to Launch services, LEOP to spacecraft operations, space surveillance to data management, and supporting downstream application development.

On behalf of our customer EUMETSAT, we are currently seeking a talented  Network Information Security Engineer  to join our team in Darmstadt. This wonderful opportunity will have you located at the captivating site in Darmstadt and taking a part of a service team, where you can enjoy a great balance of on-site work.

Your mission is to evaluate and improve EUMETSAT’s current and future IT security levels by providing design and support to the implementation of state-of-the-art security solutions. It would include operation and maintenance of the systems related to the I2D/SEC security infrastructure and services. You would also participate in strengthening the EUMETSAT CERT and SOC service by providing reduction of the average TTR for security incidents managed by both services and to reduce backlog of unresolved incidents.

Responsibilities

• Trade-off, prototyping, design, implementation and verification of new network and information security solutions protecting assets, data and personnel against loss of integrity, availability and confidentiality
• Operation, maintenance, evolution/reengineering, and troubleshooting of network and information security solutions and infrastructure
• Analysis of network and computing infrastructure to identify improvements, opportunities and security gaps
• Technical security assessment and compliance verification of activities with the applicable information security requirements
• Execution of the full vulnerability management lifecycle
• Participation in the CERT, including provisioning of 24/7 stand-by/on-call and incident response
• Regular generation of security reports and metrics
• The foreseen activities would be focused, but not limited on evolution of:
• Network security orchestration
• Firewalling infrastructure
• DMZ segmentation and monitoring
• Network Access Control (NAC)
• Network IDS/IPS and malware protection/detection
• Zero trust infrastructure
• Log management infrastructure
• Compliance and vulnerability management infrastructure
• Asset management infrastructure
• Security Operations Centre (SOC)
• Privileged Access Management (PAM)
• Identity and Access Management (IAM)

Profile

• Bachelor’s or Master’s degree or equivalent
• 3+ years’ of experience working in a relevant, security-related environment
• Working knowledge of ITT foundations (network, OS, application)
• Vulnerability management, in particular performing vulnerability assessments
• Strong technical writing abilities
• Basic knowledge of ISO/IEC 27001 and 27002
• Designing, implementing, and delivering large-scale enterprise network security solutions
• Administration and maintenance of network security solutions
• Auditing and implementation of corrective actions of firewall configuration
• Administration and maintenance of firewalls (Cisco ASA, Cisco FirePower and Palo Alto)
• Experience and availability for a 24/7 stand-by/on-call services
• Designing, implementing and delivering large-scale information security solutions
• Administration and maintenance of information security solutions
• Security-focused auditing for compliance to either security requirements or standards like ISO/IEC 27000-series
• Patching and hardening of infrastructure in an operational environment
• Strong experience with incident response
• Fluent in English
• Team-working mindset

Nice to have:

• Experience in service delivery and managing a team of engineers on customer’s premises
• Experience with network security forensic analysis
• Experience with threat intelligence and threat hunting
• Administration and maintenance of CyberArk in production on operational equipment
• Administration and maintenance of TrendMicro Deep Security in production on operational equipment
• Administration and maintenance of Rapid7 insightVM/Nexpose in production on operational equipment

Within Serco we believe there is a place here for everyone. Diversity & Inclusion at Serco is based on a culture where every voice is heard, and every employee feels valued. Working together as one team, we can enhance the experience of our people and teams, improve the value of our solutions to better serve the missions of our customers, and make a difference in our world. We are enthusiastic and passionate about our work which is infectious. We allow our employees to take responsibility for their work and promote a positive working culture.

What we offer:

• An exciting, inspiring, international, and ambitious working environment
• Training and development opportunities
• Career progression
• Paid holiday
• Highly competitive salaries considering your skills and personal value to the company
• Pension schemes
• Summer and Christmas parties