Cybersecurity Insider Threat Analyst
Getafe
Applications have closed
Airbus
Airbus pioneers sustainable aerospace for a safe and united world. Airbus designs, manufactures and delivers industry-leading commercial aircraft, helicopters, military transports, satellites, launchers and more.
Job Description:
Summary
A vacancy for a Cyber Insider Threat Analyst in the Airbus Detection and Response Department has arisen within Airbus Commercial Aircraft. You will join the Cyber Security Department.
You will be part of an innovation project that has proven its value to the company and is now in production, in a mature team of more than 15 people with different roles and skills and solid expertise in the field.
The project is dedicated to investigating different indicators in order to build an Insider Threat detection product using Machine Learning algorithms, with the model computed on a Cloud platform, from a Cybersecurity perspective.
Along with the development of an Insider Threat detection product, detection of this type of threat is also performed.
Job Description
Analyze the results of the Artificial Intelligence algorithms to identify Insiders in the organization, perform searches in the security systems and document the investigated cases.
Design and, with Cybersecurity expertise, assist in the development of new and innovative detection capabilities that use Artificial Intelligence to detect Insiders (malicious or negligent profiles) within the company.
Assess how the detection models behave, evaluate whether results are as desired to detect Insiders in pre-production, and identify different methods to better evaluate the model. Assess their quality and behavior once put into production in order to detect possible points of improvement. Collect this feedback and deliver it to the development team.
Coordinate the Insider Protection RUN detection team, attending to the questions that operations have, monitoring its detection quality and creating KPIs for the management. Create procedures, define escalation scenarios, and build dashboards and reports for investigations.
Analyze data for its value, verbosity and utility in order to identify Insiders to enhance the product's detection capabilities.
Support the definition of the product strategy and the technical roadmaps of future developments, and identify new stakeholders.
Perform Threat Intelligence on Insider cases to identify actionable intel to improve the detection capabilities, or to identify new and innovative ways of detecting this type of threat.
Analyze the results of the Artificial Intelligence algorithms to identify trends and risky general activities.
Your role
Your role as a Cybersecurity Insider Threat Analyst will involve the following:
Threat Hunting of Insiders with the help of Artificial Intelligence outcomes.
Documentation of the cases and investigations made on Insiders
Communication of the results of cases and investigations to different profiles: technical, managers, non-security technical personnel
Identification of Tactics and Techniques (MITRE TTPs) used by Insiders
Definition of detection rules used to identify Insider Risk
Assist the Data Scientists in the development of new Machine Learning algorithms
Evaluate how the models perform in the detection capabilities in pre-production, and assess the models that are already in production
Collect this feedback and deliver it to the Data Scientist to create an action plan for improvements
Coordination of the RUN team operators
Creation of KPIs that are valuable for the management to evaluate the RUN team capabilities
Creation of Dashboards and Reports for the operators to investigate, and for the management to monitor the quality
Identification and analysis of new data that can add detection quality to the product
Creation and support of an actionable strategy for the product
Development of a Technical Roadmap
Threat Intelligence to build actionable indicators to identify Insiders
Identify threats to deliver a newsletter to other security departments
Tasks & accountabilities
As the successful candidate your main tasks & accountabilities are:
# Develop AI detection rules that will allow us to reveal insider threat anomalies.
# Participate in the investigation of the detected suspicious behaviors related to insider threat.
# Ensure the end-to-end delivery of analysis projects, from the anomaly case study to the restitution of the final analysis results in the dashboard and visualization tools.
# Contribute to the evolution and improvement of the Insider Protection product framework.
This role will involve regular travel to Toulouse and as such you must be able to travel accordingly.
Required skills
We are looking for candidates with the following skills and experience:
Master’s Degree specialized in Cybersecurity or Information Technology or Superior Degree in System, Network or Security.
At least 4 years of experience in Cybersecurity, specifically in Detection & Response.
Experience working with MITRE Matrix TTPs.
Knowledge and experience in SPLUNK, mainly as a Power User. Certification is a plus but not mandatory.
Capacity to translate business demand into a suitable application in accordance with the requirements
Good knowledge of data collection methodologies and cybersecurity log management is a plus
Knowledge and/or experience of machine learning is a plus
Capacity to innovate: out-of-the-box thinking
Willingness to travel to France, 2-4 times per year
At Airbus we are focused on our employees and their welfare. Take a look at some of our benefits:
Flexible work shifts.
Option of continuous schedule from May to September.
Vacation days plus additional days off throughout the year (+35 working days off in total).
Attractive & competitive salary and additional bonus.
Hybrid model of working when possible, promoting the work-life balance.
Collective transport service in some sites.
Benefits such as health insurance, employee stock options, retirement plan, or study grants.
On-site facilities (among others): free canteen, kindergarten, medical office.
Possibility to collaborate in different social and corporate social responsibility initiatives.
Excellent upskilling opportunities and great development prospects in a multicultural environment.
Special rates in products & benefits.
This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.
Company:
Airbus Operations SL
Employment Type:
Permanent
Experience Level:
Professional
Job Family:
Cyber Security
By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.
Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to emsom@airbus.com.
At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.