Airbus Cybersecurity SAS
Our people work with passion and determination to make the world a more connected, safer and smarter place. Taking pride in our work, we draw on each other’s expertise and experience to achieve excellence. Our diversity and teamwork culture propel us to accomplish the extraordinary – on the ground, in the sky and in space.
European specialist in cyber security, Airbus Cybersecurity’s mission is to protect companies, critical national infrastructures, as well as government and defence organizations against cyber threats. Its reliable and high performance security products and services are able to detect, analyze and neutralize the most sophisticated cyberattacks.
We have more than 800 experts based at our main sites in France, Germany and UK, each with a Security Operating Center. We also operate in the United States and the Middle East. This division is particularly active in the markets of surveillance, investigation and security audits for the systems most exposed to threats within the Airbus Group, but also for partners and customers in the transport, defence and aerospace sectors.
Please apply online for this vacancy using your eRecruiting profile with your CV attached.
Description of the job
You are passionate by Cybersecurity and you are looking to work in a multi-cultural environment, on a worldwide perimeter?
For Airbus CyberSecurity, within the Services Center, based in our office at Elancourt, a position has become available for a Senior Consultant specialized in Governance, Risk management, and Compliance.
Inside Airbus Cybersecurity, the Services include both the Security Operations Center (SOC) and high-skilled security Professional services, such as: Risk Analysis, APT check, security audit and associated consulting services.
The Consulting Entity is in charge of supporting our clients all along their Information Risk and Security Management improvement, and addressing the increasing cyber security threat challenge.
The Consulting portfolio covers four main areas:
• Security risk analysis and Information security strategy definition
• Regulation and compliance / accreditation assistance (ISO 27001, GDPR, LPM, French military law, II901,…)
• Security audits and assessments (organization, architecture), according with PASSI and main best practices
• Awareness and training for cyber-crisis handling in both IT and OT (ICS) critical environments.
The Consulting team is also actively implied in main Security interest groups, such as Club-Ebios, Clusif, ANSSI workgroups etc.
Task & accountabilities
We are seeking an innovative and motivated consultant with a high level of autonomy, extensive knowledge and skills obtained through previous experiences in order to increase security posture of our customers.
As an Airbus GRC Consultant, you will provide functional, methodological and technical advisory to our customers by bringing information security expertise in multiple areas. As an ambassador of Airbus Cybersecurity expertise, you are expected to identify business issues and propose compelling solutions from technical to C-Level clients.
Your main tasks and responsibilities will include:
- Implementing different capacities (Audit program, accreditation process, security in projects) based on the best practices or framework standards (ISO 27001, NIST…)
- Advising and giving support for the technical training and awareness training
- Presenting to C-level management information security strategy with appropriate pragmatic roadmap
- Leading delivery activities such as:
- Information security strategy and roadmap (creation or review)
- Security Policies (creation or review)
- Risk Analysis (EBIOS RM methodology or ISO27005 compliant methodology)
- Audit maturity assessment (ISO 27002, NIS, NIST, ANSSI guides)
- Compliance audit (PASSI)
- Information Security Management System Implementation (ISO 27001)
Last but not the least, you will be recognized as a SME on audit activities. You will lead the delivery and will coordinate junior colleagues during your mission. You will be a key actor from proposal to delivery on major security projects by collaborating closely with sales, presales and internal stakeholders (engineering /expert / CTI / CSIRT). Moreover, as a Senior consultant, you will be expected to participate & develop the Consulting portfolio.
This role will involve some travel for business regularly in France and Europe and as such you must be able to travel accordingly.
This position will require a security clearance or will require being eligible for clearance by the recognized authorities.
At least a Bachelor / master’s degree in the field of Computer Science, IT, Engineering, OR equivalent work experience in IT with advanced Security certification (CISSP…) and other certifications related with Risk and audit management (e.g. CISM, CISA, or ISO ones)
- 10+ years of professional experience
- A minimum of 5 years of experience within a CISO role or security expert
- Security governance, strategy and policies,
- Risk analysis methodologies (EBIOS RM…)
- Experience as a CISO role or leading security expert
- Ability to coach others in the gathering of requirements, designs, plans and estimates
- Appreciation of the business drivers demanding GRC assistance
- Willingness to travel up to approximatively 50% of the time.
- Prior work experience serving C-Level clients
- Ability to communicate with internal and external senior management confidently
- Ability to identify up-sell opportunities
- Ability to demonstrate a broad understanding of Information Security
- Ability to take business problems, existing processes and technology and translate these into service and process requirements
- Effective communicator with great interpersonal skills and the ability to be credible with clients
- High engagement and distinct flexibility
- Well-marked capacity for coaching
- At least a first successful experience in Information Security field
- Knowledge of the security market and its major actors,
- Insatiable curiosity and willing to learn
- Team spirit and share expertise within a team,
- Ability to take initiative
- Full professional proficiency in French and English
- Holder of security certifications (CISSP, CEH) and other certifications related with Audit & Risk aspects (e.g. CISA, CISM, ISO 27001 LA & LE,.. ) would be strongly appreciated
This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.
By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.
To apply for this job please visit www.airbus.com.
Please mention you found this job on infosec-jobs.com to help us get more companies to post here 🙂