Head of the Cyber Internal Auditor (CIA) Unit
European Space Agency - ESA
Job Requisition ID: 19205
Date Posted: 18 December 2024
Application Deadline: 8 January 2025 23:59 CET/CEST
Publication: Internal & External
Type of Contract: Permanent
Directorate: Navigation
Workplace: Noordwijk, NL
Grade Band: A2 - A4
Location
ESTEC, Noordwijk, Netherlands
Description
Head of the Cyber Internal Auditor Unit in the Navigation Security Office, Directorate of Navigation.
Reporting to the Head of the Navigation Security Office, you will be in charge of the Cyber Internal Auditor team who are responsible for the evaluation of the level of compliance of the information security management system and implemented security measures with defined requirements, security policies in place and the appropriate safety standards, within the navigation projects. It includes the planning and implementation of the cybersecurity audits and the provision of independent feedback.
Duties
Your tasks and responsibilities will include:
- developing and implementing a risk-based cyber security audit strategy for ESA within the navigation programmes in compliance with the policies and requirements established by the European Commission, the Information Security on audit standards, guidelines and best practices;
- planning the next year cyber security audits with industry for which European Commission cyber requirements apply, submitting the proposed cyber internal audit plans to the Head of the Navigation Security Office and the Director of Navigation for approval;
- executing the agreed cyber audit plans for the current year, preparing the yearly cyber audit reports, submitting them for approval to the Head of the Navigation Security Office and the Director of Navigation;
- conducting the cyber security audits in accordance with the audit standards, guidelines and best practices to meet planned cyber security audits;
- performing cyber security awareness across the ESA Directorate of Navigation, the ESA Security Office, the European Union Agency for the Space Programme (EUSPA) and the European Commission, including the communication of emerging issues, potential risks and audit results;
- being the main point of contact for the EUSPA Cyber Internal Auditor Team for the appropriated alignment of the cybersecurity audits;
- advising on the implementation of risk management and control practices within the ESA Directorate of Navigation, while maintaining independence and providing independent feedback on the effectiveness and efficiency of the information security management system and security measures;
- following the evolution of cyber security policy standards, regulations and norms, in particular in Europe;
- coordinating the development, operations, training and maintenance of the necessary Computer Assisted Audit Technics (CAATS) to perform the cyber security audits with industry;
- attending on boards established within the programmes for dealing with non-conformances (requests for waivers); participating in Cyber Boards and relevant programme reviews with internal and external stakeholders (ESA, EUSPA and the Commission).
You will also be responsible for identifying, assessing, managing and reporting the health and safety risks in your area of responsibility.
Technical competencies
Knowledge of cyber security (policy, detection, reaction and correction)
Knowledge of cyber vulnerability management and associated standards
Knowledge of and experience in auditing of complex secure systems
Knowledge of security auditing standards and regulations
Behavioural competencies
Result Orientation
Operational Efficiency
Fostering Cooperation
Relationship Management
Continuous Improvement
Forward Thinking
For more information, please refer to the ESA Core Behavioural Competencies guidebook.
Education
A master’s degree in engineering or law is required for this post.
Additional requirements
- You should have substantial security or audit experience
- You are expected to have a very good background in cyber security, policy, and associated standards and regulations
- You must possess good judgment, integrity, and good communications skills, and be willing to travel
- The potential to manage individuals or a team of experts in a project
- The ability to organise their activities and ensure a motivating work environment
- Strong leadership capabilities, with proven relationship management and communication skills
- The ability to drive your team’s performance, developing your people by encouraging learning, delegating responsibility and giving regular and constructive feedback
- Strong problem-solving skills to deal with day-to-day operational challenges, together with demonstrated planning and organisational skills
- Strong results orientation with the ability to set priorities and present practical solutions both orally and in writing
- The ability to manage challenging situations proactively and constructively and to be customer focused.
People management experience is an asset, as is international experience, i.e. outside your home country, as well as experience in diverse functional areas relevant to ESA activities.
Diversity, Equity and Inclusiveness
ESA is an equal opportunity employer, committed to achieving diversity within the workforce and creating an inclusive working environment. We therefore welcome applications from all qualified candidates irrespective of gender, sexual orientation, ethnicity, beliefs, age, disability or other characteristics. Applications from women are encouraged.
At the Agency we value diversity, and we welcome people with disabilities. Whenever possible, we seek to accommodate individuals with disabilities by providing the necessary support at the workplace. The Human Resources Department can also provide assistance during the recruitment process. If you would like to discuss this further, please contact us via email at [email protected].
Important Information and Disclaimer
In principle, recruitment will be within the advertised grade band (A2-A4). However, if the selected candidate has less than four years of relevant professional experience following the completion of the master’s degree, the position may be filled at A1 level.
Applicants must be eligible to access technology and hardware which is subject to European and US export control regulations and for security clearance by their national security administrations.
During the recruitment process, the Agency may request applicants to undergo selection tests. Additionally, successful candidates will need to undergo basic screening before appointment, which will be conducted by an external background screening service, in compliance with the European Space Agency's security procedures.
Note that ESA is in the process of transitioning to a Matrix setup, which could lead to organisational changes affecting this position.
The information published on ESA’s careers website regarding working conditions is correct at the time of publication. It is not intended to be exhaustive and may not address all questions you would have.
Nationality and Languages
Please note that applications can only be considered from nationals of one of the following States: Austria, Belgium, the Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Luxembourg, the Netherlands, Norway, Poland, Portugal, Romania, Spain, Sweden, Switzerland, the United Kingdom and Canada, Latvia, Lithuania, Slovakia and Slovenia.
According to the ESA Convention, the recruitment of staff must take into account an adequate distribution of posts among nationals of the ESA Member States*. When short-listing for an interview, priority will first be given to internal candidates and secondly to external candidates from under-represented Member States*.
The working languages of the Agency are English and French. A good knowledge of one of these is required. Knowledge of another Member State language would be an asset.
*Member States, Associate Members or Cooperating States.
Who we recruit »
Recruitment Process »
What we offer »
Life at ESA »
FAQ »
Apply now »
Opslaget er indhentet automatisk fra virksomhedens jobsider og vises derfor kun som uddrag. Log ind for at se det fulde opslag eller gå videre til opslaget her: