CS GROUP, together with HE Space and Sopra Steria, has been successfully providing digital end-to-end systems and engineering services for more than 40 years. With over 2000 employees worldwide, we combine advanced and unique skills in both information technology and space data engineering. We combine entrepreneurial agility with cutting-edge technological expertise. CS GROUP is a leading provider of operational systems and an important and trusted long-term partner for space and defence organisations. At CS GROUP, we are driven by innovation and we value our most important asset: our people.

The Security Engineering Team is responsible for the overall vulnerability management of critical systems across different segments (e.g., GCS, GMS) as well as remote sites. The team continuously monitors the threat landscape to identify vulnerabilities applicable to operational systems and ensures timely remediation through patching, mitigation measures, and risk management activities.

This role requires a strong technical and engineering background combined with a deep understanding of modern cyber threats and attacker capabilities, including emerging risks driven by advancements in Artificial Intelligence.

Key Responsibilities

• Monitor, assess, and manage vulnerabilities affecting operational systems and remote sites.
• Perform vulnerability analysis and risk assessment using industry-standard methodologies, including CVSS.
• Review and analyze security procedures and applications used in daily operations, including access control, encryption mechanisms, configuration management, vulnerability assessment, malware detection, and database security activities.
• Ensure prompt remediation of identified vulnerabilities through patching, mitigation measures, or compensating controls.
• Identify, investigate, and classify system anomalies within the local security environment and develop corrective actions and solution concepts.
• Identify potential threats to information and communication systems, define response plans, review implementation of security measures, and develop operational solutions ready for approval and deployment.
• Escalate security incidents, policy violations, and critical vulnerabilities when required.
• Maintain and continuously update the Security Risk Register through the identification of new cyber security risks and threats.
• Conduct regular reviews of systems against customer-defined security requirements, document compliance status, and develop corrective action plans for identified deviations.
• Provide regular reporting to the Cyber Security Manager and System Evolution & Security Manager, ensuring rapid escalation of critical security situations.
• Support the preparation of security training materials and conduct regular cyber security awareness sessions for project personnel.
• Define, implement, and support new cyber security projects and technical solutions.
• Contribute to the continuous improvement of security monitoring, analysis, and reporting tools.
• Support secure engineering practices throughout the system lifecycle and collaborate with multidisciplinary teams to enhance the overall security posture.

• Minimum 2 years of professional experience in IT Systems Security, Cyber Security, or a related field.
• Strong experience working with Linux operating systems (Debian, Ubuntu) through the command line.
• Good programming skills in Python.
• Knowledge of virtualization technologies such as VMware, Hyper-V, and Proxmox.
• Experience with scripting languages such as Bash or PowerShell.
• Knowledge of the Common Vulnerability Scoring System (CVSS).
• Understanding of cryptographic principles and security technologies.
• Strong knowledge of systems engineering processes and methodologies.
• Experience in vulnerability management, security monitoring, and risk assessment activities.
• Strong analytical and problem-solving capabilities.
• Excellent communication and interpersonal skills.
• Ability to work independently and within multidisciplinary teams.
• Fluent English, both written and spoken.

Desirable Skills

• Knowledge of containerization technologies such as Docker.
• Experience with Python web frameworks, particularly Django.
• Understanding of the Software Development Lifecycle (SDLC).
• Experience with software security testing techniques, including static analysis, dynamic analysis, and fuzz testing.
• Previous experience working in Agile/Scrum environments.
• Familiarity with space, critical infrastructure, or highly regulated environments.

This position is based in Weßling-Oberpfaffenhofen, Germany.

Candidates must be eligible to obtain a German Ü2 security clearance.

If you believe you have what it takes for this position, please send your CV (in English and in Word or PDF format) to Andrés Izquierdo by clicking on the ‘Apply for this job’ button and quoting job reference.

An exciting and dynamic international working environment awaits you!

Last apply date: 30/06/2026!