Astrium UK Information Security Engineer
- Country:United Kingdom
- Study level:Vocational
- Contract type:Permanent
Astrium brings space to you.
Number 1 in Europe and number 3 worldwide, Astrium employs over 17,000 men and women mainly based in five European countries: France, Germany, the UK, Spain and the Netherlands. Our technical excellence and extensive prime contractorship experience extend across all sectors of the space business – launch vehicles, manned space activities, satellite systems and related services.
The Astrium UK Information Security Engineer is in charge of:
- Providing IM Security support for Astrium IM projects, consisting in an expertise delivery regarding applicable National
Regulations and Laws, IM Security Policies and IM Security Best Practices and recognised standards.
- Reviewing compliance of these projects against applicable National Regulations and Laws, IM Security Policies and IM
Security Best Practices and recognised standards.
- Proposing, managing and accompanying remediation in case of non-compliance to be followed-up in action plans.
- Conducting post-incident analysis in order to help remediation plan or security improvement measures definition.
- Designing, building and running the information security reporting solution in Astrium Ltd; providing generic or specific information security report and communication support regarding IM Security Project Support and Control Activities.
The job holder will be member of the FI3 team. The FI3 department is responsible for the complete IM security for IT systems, networks in Astrium, and is supporting all ICT projects and programs in terms of security within this organisation.
He/she will report hierarchically to Astrium UK National Information Security Officer (NIMSO - FI34) for national projects and to the Astrium Chief Information Security Officer (CISO) for Astrium Corporate, EADS or Extended Enterprises projects in case of involvement.
Participate in IM Project Teams in order to support them with IM security.
¤ Define, plan and coordinate the IM Security Plan for projects.
¤ Define, plan and follow-up Remediation Action Plan.
¤ Conduct on demand of the CISO or the NIMSO specific IM Security activities.
¤ Conduct on demand of the CISO or the NIMSO post-incidents analysis and investigations.
¤ Participates in the centre of excellence for information security, for example offering internal management consultancy advice
and practical assistance on information security risk and control matters throughout the Astrium organization.
¤ Participate in the overall Astrium awareness programs (plan activities; deliver awareness sessions; review efficiency;
remediate if needed).
The successful candidate holds a degree in information technology or has a comparable qualification and a sound and solid work experience in the IT security area, specifically in project management.
BTECH Higher in IT or an equivalent degree. CISSP or CISM which are global recognized IT security qualifications.
He/she is highly knowledgeable in IT networks, infrastructures, security technologies, processes and methods with the ability to understand Astrium business and key challenges regarding preservation of informational assets.
Minimum of 5 years in IT security and 2 in project management.
He/she has already a sound knowledge of governmental laws and regulations applicable in the UK and Europe (both from industrial and defence perspectives), ISO 27000 standards.
He/she is aware about threat evolution and emergence, associated risks and countermeasures.
Excellent communication and negotiation skills with the ability to work in a transnational environment and with a team-oriented mindset.
Trustworthy professional with high standards of integrity.