Job Requisition ID: 20365
Date Posted: 25 March 2026
Closing Date: 15 April 2026 23:59 CET/CEST
Publication: Internal & External
Type of Appointment: Fixed-Term
Directorate: Technology, Engineering and Quality
Workplace: Noordwijk, NL
Grade Band: A2 - A4
Location: ESTEC, Noordwijk, Netherlands
DescriptionProject/System Security Officer (PSSO) in the System Security Section (TEC-SES), End-to-End Systems Division, Systems Department, Directorate of Technology, Engineering and Quality.
The System Security Section is responsible for the end-to-end system security engineering of the Agency’s missions, projects and activities in the space, ground and user segments and communication links, as well as at system, subsystem, element and equipment level. It covers the missions from the study phase to the definition of requirements, design, development, security integration/verification and security service preparation, across the full stack, from the physical to the application layer. The System Security Section provides functional support to ESA missions and projects in the area of end-to-end security engineering and cyber security. To serve these functions, it also defines and executes the associated technology research and development (R&D) and studies.
In this position, you will support ESA directorates, or projects and systems, as a Project/System Security Officer (PSSO).
Duties- creating and implementing comprehensive security policies, procedures and access control protocols in compliance with the ESA Security Framework;
- ensuring that the corporate information system and all assets for which the PSSO is responsible are secured, managed and accounted for in accordance with the ESA Security Directives;
- specifying the security standards to be met and practices to be applied by the supplier of the system;
- proactively identifying, analysing and mitigating security threats to infrastructure;
- contributing to the definition, analysis and consolidation of system security requirements;
- conducting security risk assessments and supporting security risk management by proposing suitable security mitigations and countermeasures;
- producing or updating as needed the Security Operating Procedures (SECOPS); coordinating vulnerability assessment/penetration testing on the infrastructure under your responsibility, and ensuring required mitigations are put in place;
- contributing to the authoring of the Information Security Management Plan;
- providing support to (cyber) security activities on the infrastructure under your responsibility, as needed;
- monitoring network activity for threats and managing the response, investigation and reporting of security breaches; ensuring compliance with data protection laws and industry regulations, for example ISO 27001, and performing regular security audits;
- educating staff on security awareness, including how to recognise cyber attacks and follow security procedures;
- collaborating with IT and management to design, implement and maintain required security tools and disaster recovery plans;
- collaborating with technical support, IT and management to scope, design, implement and support the certification/accreditation process (when applicable) in coordination with the ESA accreditation authority;
- collaborating with the wider pool of PSSOs, ISOs and security officers on new security governance activities, cross-directorate processes, implementations, improvements and lessons learned;
- maintaining security-related tools and systems, as well as their disaster and recovery plans; when needed, reporting to executives on the security posture and risk levels.
- General background and specific experience in the technical domains covered by the position
- Expertise in network security, encryption, firewalls and cloud environments
- Certifications relevant to the job description, such as CISSP, CISM and ISO/IEC 27001
- Familiarity with compliance standards such as GDPR
- Understanding of related technologies, R&D trends and the industrial landscape
- Result Orientation
- Operational Efficiency
- Fostering Cooperation
- Relationship Management
- Continuous Improvement
- Forward Thinking
A master’s degree in an engineering discipline, preferably computer science or cyber security, is required for this post.
Additional requirements- At least five years of experience in IT security, risk management or compliance.
- Strong analytical thinking, leadership, and the ability to communicate technical risks to non-technical staff.
ESA is an equal opportunity employer, committed to achieving diversity within the workforce and creating an inclusive working environment. We therefore welcome applications from all qualified candidates irrespective of gender, sexual orientation, ethnicity, religious beliefs, age, disability or other characteristics. We value diversity and welcome people with disabilities. Whenever possible, we seek to accommodate individuals with disabilities by providing the necessary support at the workplace. The Human Resources Department can also provide assistance during the recruitment process. If you would like to discuss this further, please contact us via email at contact.human.resources@esa.int.
Important Information and DisclaimerIn principle, recruitment will be within the advertised grade band (A2-A4). However, if the selected candidate has less than four years of relevant professional experience following the completion of the master’s degree, the position may be filled at A1 level.
Applicants must be eligible to access information, technology, and hardware which is subject to European or US export control and sanctions regulations and be eligible to acquire the security clearance by their national security administrations.
During the recruitment process, the Agency may request applicants to undergo selection tests. Additionally, successful candidates will need to undergo basic screening before appointment, which will be conducted by an external background screening service, in compliance with the European Space Agency's security procedures.
Note that ESA is in the process of transitioning to a Matrix setup, which could lead to organisational changes affecting this position.
The information published on ESA’s careers website regarding working conditions is correct at the time of publication. It is not intended to be exhaustive and may not address all questions you would have.
Nationality and LanguagesPlease note that applications are only considered from nationals of one of the following States: Austria, Belgium, Czechia, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Luxembourg, the Netherlands, Norway, Poland, Portugal, Romania, Slovenia, Spain, Sweden, Switzerland, the United Kingdom and Canada, Cyprus, Latvia, Lithuania and Slovakia.
According to the ESA Convention, staff shall be recruited on the basis of their qualifications, taking into account an adequate distribution of posts among nationals of the Member States.
The working languages of the Agency are English and French. A good knowledge of one of these is required. Knowledge of another Member State language would be an asset.
#J-18808-Ljbffr€70000 - €90000 monthly