Network Security Engineer
RHEA Group is currently recruiting a Network Security Engineer to support the cyber-security team. You will have the opportunity to work in a challenging environment with state-of-the-art technologies within the cyber-security and Infrastructure as a Service domains.
If you have a passion or interest for cyber security and would like to join a team of seasoned experts with diverse backgrounds, then you are in the right place! At RHEA Group will have the opportunity to work and learn in an exciting environment and participate in unique cyber-security projects for the European Space Agency, NATO and the European Commission.
As a Network Security Engineer, you will be involved in the development, refinement and management of our advanced cyber-range platform, as well as in the delivery of complex cyber-security exercises.
Position is open for permanent contract.
This position will be based at the European space Security and Education Centre (ESEC) near Redu, Belgium, or at Frascati, Italy.
- Provisioning of best practice advice and guidance in the areas of cyber defence and security operations supporting incident detection, analysis and response including operations policy and procedure development, operational scenario definition, operations centre technology selection and implementation, network and host based sensor technology selection and implementation;
- Provisioning of cyber defence and security operations advice and guidance to technical development teams in the areas of cyber defence situation awareness concepts and requirements; incident detection, analysis and response management; visualization requirements; collaborative information sharing; and relevance of security metrics;
- Cyber defence and security operations system research, definition, planning, installation, configuration, operations and maintenance, with a specific focus on RHEA’s cyber-range platform;
- Cyber security training and awareness;
- Security testing activities such as penetration testing and vulnerability assessment.
The following skills and experience are mandatory:
- You have a Bachelor’s or master’s in computer science, engineering, or a related field
- You have proven work experience (minimum 3 years) as a network security engineer or information security engineer.
- You have good command on dealing with security systems, intrusion detection systems, firewalls, anti-virus software, log management, authentication systems, content filtering, etc.
- You have in depth knowledge of:
- Information Security concepts involving incident detection, analysis, decision support and response;
- Network Local Area Networking (LAN), Metropolitan Area Networking (MAN) or Wide Area Networking (WAN) technologies;
- Internet Protocols such as TCP/IP, UDP, RIP, OSPF, BGP, SIP, SNMP, IPSec, SSL, TLS;
- End system architectures and operating systems such as Windows, Linux.
- Virtualization technologies (KVM, VMWare)
- Open vSwitch (OvS)
- You possess strong interpersonal skills, team working, good analytic and problem solving capabilities.
- You have strong communication and documentation abilities.
- You are detail-oriented.
- You have an analytical mind and problem-solving aptitude.
- You effective time management and organizational skills.
Some of the following skills would be highly desirable, in order of priority:
- You have experience with Infrastructure as a Service systems such OpenNebula or OpenStack.
- You have experience in delivery of operations services or specification of solutions for cyber defence or security operations including some of the following:
- ISO 27000 series standards;
- Information Security policies, standards, and procedures;
- Information Security concepts involving confidentiality, integrity and availability;
- Information Security concepts involving threat, vulnerability and risk analysis;
- Cloud Computing or virtual machine security;
- Cyber Defence or Continuous Monitoring Solutions;
- Trusted Product Evaluation standards such as Common Criteria or FIPS 140;
- Secure technology standards such as Trusted Platform Module, Trusted Execution Environment;
- Certification and Accreditation concepts and processes;
- Networking technologies such as Netflow, Sflow, PCap;
- Cryptography and Public Key Infrastructure (PKI);
- Identity Management systems;
- Technical vulnerability assessment (VA) and penetration testing (PenTest);
- Vulnerability and patch management solutions;
- Host or network based Intrusion Detection and Prevention Systems (IDS/IPS);
- Firewalls or Unified Threat Management (UTM) systems;
- Virtual Private Networking (VPN).
- Network Management (NM) systems;
- Security Information and Event Management (SIEM) systems;
- Data Leakage Protection;
- Application White Listing;
- Deep Packet Inspection (DPI) technologies.
- You have a professional qualification or certification in a relevant field. Example qualifications include holding a national professional engineering qualification (e.g., Chartered Engineer in the UK) or holding the European wide qualification of European Engineer (EUR ING). Example certifications include Certified Information System Security Professional (CISSP) certificate, Certified ISO 27001 Auditor or similar.
- A member in good standing recognized as being an Associate Member or a Member in Training for a professional certification in a relevant field. Example certifications include Certified Information System Security Professional (CISSP) Associate Member or similar.
- Experience in security product operations certifications (e.g., Checkpoint firewall certification).
- You have experience in product, system or software research and development (R&D).
- You have experience in cyber security for space, defense, critical infrastructure, finance or government systems.
Preference will be given to candidates eligible for an EU or national personal security clearance at the level of CONFIDENTIAL or above.