Senior Cyber Security Engineer

Senior Cyber Security Engineer at SES Satellites

Role Description Summary

In this position, you will be responsible for integrating security practices into the software development lifecycle. Your primary focus will be on ensuring the security of applications through both static and dynamic code analysis, but also ensuring that the application is designed by following system security concepts, standards, and best practices. You will manage and advise several projects and BizDevOps teams to deliver resilient zero-trust solutions in a diverse and fast-paced environment, ensuring secure application design and adequate security controls are in use.

Primary Responsibilities / Key Result Areas

• Work in close collaboration with the Software Center of Expertise (SWCoE) and software development teams to integrate security seamlessly into the development process. Identify critical areas for security implementation and ensure adherence to secure coding practices.
• Conduct thorough analysis of code vulnerabilities using both static and dynamic analysis tools. Identify, document, and prioritize vulnerabilities, and work with development teams to remediate them.
• Automate security controls, data protection, and vulnerability management systems within deployment pipelines. Develop and implement automation scripts to enhance security testing and monitoring.
• Develop, document, and disseminate security best practices, standards, and guidelines for software development. Conduct training sessions and workshops for development teams on secure coding practices and threat modeling.
• Work closely with cross-functional teams, including development, operations, and security, to ensure a cohesive approach to security throughout the software development lifecycle.
• Stay updated with the latest security trends, vulnerabilities, and technologies. Continuously improve security processes and tools to enhance the overall security posture of the organization.
• Translate advanced security requirements into comprehensive, effective, and efficient technical security concepts in line with industry and governmental security standards that effectively mitigate security-related risks, threats, and vulnerabilities while accommodating complex operational needs in complex hybrid infrastructures.
• Autonomously lead complex cyber security implementation projects as laid out in SES’s information security strategy and deliver them within time, cost, and scope.

COMPETENCIES

• Independent, passionate, and self-motivated with proven ability to deliver on complex and time-critical tasks/projects.
• Effective project management skills, able to handle multiple projects simultaneously and steer cross-functional and/or virtual project teams.
• Strong analytical skills and stress resistance.
• Innovative, result, solution, and stakeholder-oriented mindset.
• Strong ability to overcome resistance to change, mediate in conflicts and resolve issues, and to secure stakeholder buy-in to the proposed solution.
• Proficient written and verbal communication skills: ability to explain security rationales and controls to non-technical audiences.
• Passionate team player, motivated to work in an international environment, collaborating with interdisciplinary teams.
• Versatile and able to grasp new concepts and technologies quickly.

Qualifications & Experience

Required Qualifications

• Degree in Computer Science or Software Engineering and a minimum of 5 years of experience with a strong focus on security and DevOps practices.
• Proficiency in various DevSecOps toolkits. Familiarity with information security frameworks and standards.
• Knowledge of attacker techniques and how to mitigate them in complex environments.
• Experience with DevOps automation tools such as Terraform, GitHub Actions, and CI/CD pipelines.
• In-depth knowledge of static and dynamic code analysis tools, vulnerability management, and secure software development practices.
• Strong analytical and problem-solving skills, with the ability to identify and mitigate security risks effectively.
• Security standards, best practices, and guidelines (e.g., NIST SP-800 series, DISA STIGs, CIS).
• Vulnerability, compliance, and patch management solutions for complex, heterogeneous systems.
• Experience managing and understanding Web Application Firewalls.
• Experience with 1 or more Identity and Access Management and with Strong Authentication Systems; knowledge of Azure AD, Active Directory, Kerberos, SSO, SAML, and/or OAuth.
• Excellent communication and collaboration skills, with the ability to work effectively with cross-functional teams.
• Proficiency with English.

Preferred Qualifications

• Experience in developing and deploying zero-trust security controls in Microsoft Azure and Office365 environments, including knowledge of Intune, Conditional Access, Cloud App, Microsoft Purview Information Protection, Microsoft Purview Data Loss Prevention.
• Experience with Microsoft DevOps.
• Experience with MITRE ATT&CK framework for Enterprise and Cloud.
• Cloud security certifications.
• Solid knowledge of cyber security threats, vulnerabilities, security technologies, controls, and best practices.

Key skills/competency

• DevSecOps
• Static Code Analysis (SAST)
• Dynamic Code Analysis (DAST)
• Vulnerability Management
• Secure Coding Practices
• CI/CD Security
• Azure Security
• Zero Trust Architecture
• IAM (Identity and Access Management)
• Project Leadership