Cyber Security Incident Responder (d/f/m)

Airbus Cybersecurity GmbH

Airbus is a global leader in aeronautics, space and related services. In 2018 it generated revenues of € 64 billion and employed a workforce of around 134,000. Airbus offers the most comprehensive range of passenger airliners. Airbus is also a European leader providing tanker, combat, transport and mission aircraft, as well as one of the world’s leading space companies. In helicopters, Airbus provides the most efficient civil and military rotorcraft solutions worldwide.

Our people work with passion and determination to make the world a more connected, safer and smarter place. Taking pride in our work, we draw on each other’s expertise and experience to achieve excellence. Our diversity and teamwork culture propel us to accomplish the extraordinary – on the ground, in the sky and in space.

Job Description

As the European specialist in cyber security, the mission of Airbus’ CyberSecurity business is to protect governments, companies and critical infrastructures from cyber threats. Its trusted, high performance security products and services are able to detect, analyse and counter the most advanced cyber attacks.

A vacancy for an incident responder (d/f/m) has arisen within Airbus CyberSecurity in Munich/Ottobrunn.

Disabled applicants with equal qualifications will be given special consideration.

Your main tasks and responsibilities will include:

– Being responsible for the end-to-end incident response from classification to lessons learned

– Defining and carrying out security incident identification measures

– Overseeing the ongoing analysis activities in Forensics or Reverse Engineering and analysing data in order to build a comprehensive view of the incident

– Maintaining and sharing incident documentation

– Defining response strategy and present it to the management for approval

– Participating in cyber-crisis management and coordination

– Identifying lessons learned and making recommendations to improve security controls in order to mitigate the risk of re-occurrence

– Drafting incident reports tailored for management and technical peers

– Communicating efficiently during the identification, containment, eradication, recovery and post-mortem incident response activities

– Maintaining and continuously improving the standard incident response toolkit

– Contributing to awareness trainings

This role will involve some travel for business.

You have the following skills and experience:

– Educated to degree level in IT Security, Engineering or equivalent

– Several years of experience as an Incident Responder

– Background in operating systems security, anti-virus technologies and network security

– Practical level understanding of common TCP/IP-based services and protocols including DNS, DHCP, HTTP, FTP, SSH, SMTP, etc.

– Sound knowledge and experience in:

. Firewall theory, proxies/reverse proxies, IDS/IPS, etc.

. Full packet capture analysis

. Application level security: web applications, databases, secure development

. Vulnerability assessment and handling

– Hands-on experience in:

. Malware reverse engineering and handling malicious code incidents

. Systems (file and memory) and network forensics analysis, with tools such as FTK, EnCase Enterprise

– Knowledge of development and scripting languages such as Python, C/C++, Java, Javascript, Perl or Ruby, regular expressions, Linux shell/BASH, Windows Powershell

– One of the following certifications is required:

. GCIH (GIAC Certified Incident Handler)

. GCIA (GIAC Certified Intrusion Analyst)

. ECIH (EC-Council Certified Incident Handler)

. CSIH (SEI Certified Computer Security Incident Handler)

. SCPO (SABSA Certified Security Operations & Service Management Practitioner) or an equivalent certification in the field of incident handling recognized internationally

– An internationally recognized certification in penetration testing or forensics would be a plus

– Fluent English; German skills would be a plus


Please apply online for this vacancy at our careers site (www. with your CV attached.

By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.

What we offer:

– Flexible working time

– Balance of work and family life

– Interesting development opportunities and exciting perspectives

– Extensive company training offers (eLearning and classroom trainings)

– Challenging tasks on unique services and products

– Pleasant working atmosphere in a professional and international working environment

– An extensive range of social benefits, such as an attractive company pension scheme and numerous employee discounts (e.g. leasing-specials)

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.

By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

To apply for this job please visit

Please mention you found this job on to help us get more companies to post here 🙂

Scroll to top