IT Security Specialist

Apply now »

Posting Start Date: 8 Dec 2025

Location: Rome, IT

Company: Serco Plc

Package Description

  • Competitive Salary 
  • Great career opportunities 
  • Corporate Benefits Package
  • International environment
  • Hybrid work

Job Introduction

Serco is a leading Space Services Provider with thousands of skilled resources that has supported over 50 space missions on behalf of more than 10 Space or Government agencies around the globe, including the ESA and NASA. Serco offers space capability across the full space lifecycle from satellite testing to launch services, LEOP to spacecraft operations, space surveillance to data management, and supporting downstream application development.

 

At Serco, we take pride in being a trusted partner of ESA and other European space stakeholders. Our teams are made up of passionate professionals dedicated to excellence, knowledge-sharing, and meaningful impact.

Main Responsibilities

  • Definition, documentation, and implementation of Security Operation Procedures (SECOPS) in compliance with Customer requirements, IT Infrastructure team practices, and the procedures provided by the Cloud provider, including:
  • User management and password policy definition
  • Secrets management (certificates, encryption keys, etc.)
  • Backup and restore procedures for service assets
  • Security assessments and vulnerability analysis
  • Security patching of Operating System
  • Secure erasure and disposal procedures
  • Contribution to the definition, consolidation, maintenance, and renewal of the Security Management Plan, in line with Customer requirements
  • Definition of the Security Risk Assessment Process and the associated verification controls.
  • Contribution to the definition, consolidation, and execution of the Security Verification Plan, including the collection of all verification evidence to produce a comprehensive security verification report.
  • Support during security audits on managed infrastructure and on security operations.
  • Execution of routine security operations, including frequent vulnerability analyses and CIS benchmarking.
  • Contributing to the definition of security measures required to meet Customer requirements and participating in the production and review of security documentation in collaboration with consortium partners.
  • Acting as Security Manager in specific projects, with full responsibility for producing security documentation, defining the required security measures and technical solutions, and ensuring the right balance between compliance with requirements and the operational impact on the infrastructure. 

Qualifications

  • Very strong knowledge of security risk assessment methodologies (e.g., EBIOS, ISO 27000) and a proven track record of hands-on implementation.
  • Deep understanding and experience in defining and implementing Security Operations Procedures (SECOPS).
  • Excellent command of English, especially strong writing skills for producing technical and formal documentation.
  • Proficient in the deployment, configuration, and operation of SIEM tools (open-source or enterprise).
  • Very solid knowledge of network protection measures (firewalls, IDS/IPS, URL filtering).
  • Clear understanding of Common Vulnerabilities and Exposures (CVE), including exploit procedures, likelihood, and impact analysis.
  • Good knowledge of hardening techniques for Linux, Docker, and PostgreSQL.
  • Familiarity with the OWASP Top 10 vulnerabilities and effective mitigation strategies.
  • Ability to work effectively in English within an international team.
  • Strong autonomy, self-motivation, excellent communication skills, and a convincing, collaborative personality.
  • Demonstrated ability to think outside the box and propose innovative solutions.
  • Engineering or technical university degree, plus cybersecurity certification(s) or equivalent practical experience.
  • Between 1 to 3 years of proven experience in the field of Cyber Security
  • Is an assett having matured experience/supported/worked on datacenter and complex IT environments and/or setting up Virtual environments both on Physical and Cloud Platforms.
  • Excellent written and oral command of English (B1/B2)
  • Capability of integration in an international/multicultural environment, rapid self-starting capability and experience in team working are mandatory.
  • Capacity of achieving schedule and milestones.
  • Capacity of working under pressure.