ZSCC – 3 CYBER – CSIRT Specialists (m/f)

AIRBUS SAS

Airbus is a global leader in aeronautics, space and related services. In 2018 it generated revenues of € 64 billion and employed a workforce of around 134,000. Airbus offers the most comprehensive range of passenger airliners. Airbus is also a European leader providing tanker, combat, transport and mission aircraft, as well as one of the world’s leading space companies. In helicopters, Airbus provides the most efficient civil and military rotorcraft solutions worldwide.

Our people work with passion and determination to make the world a more connected, safer and smarter place. Taking pride in our work, we draw on each other’s expertise and experience to achieve excellence. Our diversity and teamwork culture propel us to accomplish the extraordinary – on the ground, in the sky and in space.

Job Description

Description of the job :

Several vacancies for CYBER – CSIRT Specialists (m/f) have arisen within Airbus Commercial Aircraft in Toulouse. You will join the Advanced capabilities team (ZSCC) within the Digital Security department (ZS).

You will participate in the effort of finding known and unknown threats and understanding new adversary TTPs. You participate in the architecture of new tooling and industrialization of the CERT effort. You help improve the existing framework. You are interested in Unstructured Hunt (Exploratory data analysis and Pattern discovery), Structured Hunt (Identify and search for indicators of compromise) and Real-time Monitoring (Create or modify detection methods).

You will report to Airbus Head of CERT (Computer Emergency Response Team).
You are permanently working with and involving relevant stakeholders from all Airbus divisions and business units (Divisions Security Officers, CIOs …) as well as National Authorities when relevant.

Task & accountabilities :

As a CERT expert your general responsibilities will be to:

– Fully support divisions in understanding malware targeting them.
– Fully analyze incidents in view of operational and national constraints so as to operationally maintain Airbus CERT’s knowledge base(s).
– Conduct risk assessment.
– Research and publication as member of Airbus CERT.
– Evaluate tools and design methodologies.
– Represent Airbus CERT within working groups and in conferences throughout the world.
– Conduct trainings.
– Continuous innovation.

o Threat Hunting:
– Industrialize Intrusion Analysis
– Conduct Malware Analysis in the context of threat hunting and TTPs discovery
– Pursue the effort of Threat Intelligence

o Support incident response in crisis mode
– Be part of the on-call crisis team (deployment reactivity constraints)
– Reverse-engineering
– Host forensics
– Industrialization of tooling

o Industrialization
– Malware analysis and clusterization
– Network analysis
– Host analysis
– Detection

o Threat detection using system or network capabilities
– Yara signature
– Network signature
– Integration of signatures into internal tools
– Support for IOC searching across the enterprise
– Development

o Create or enhance CERT projects
– Participation in CERT developments
– Development of data mining capabilities (Hadoop/Pig)

As a CERT member your responsibilities will also be to contribute to:

o Perform technology watch:
– Develop incident handling skills within the team and the Group by specializing in several operating systems
– Perform ongoing research, analysis and resolution of vulnerabilities
– Inform AIRBUS functional Security responsible and Information Systems managers about the different types of vulnerabilities and their solutions

o Manage CERT related knowledge (e.g. related to security vulnerabilities and incident handling)
– Contribute to the writing of documents produced by the CERT
– Build and maintain CERT tools

This role will involve some travel for business in Europe and as such you must be able to travel accordingly.

Required skills :
We are looking for candidates with the following skills and experience:

o Master’s Degree in Information Technology or equivalent experience
o At least 3 years of work experience in the IT security area
o Mastering internals of Windows and Active Directory environments
o Mastering Reverse engineering applied to Incident Response
o Mastering at least one programming language
o Strong Network Analysis skills
o Strong knowledge and experience in penetration tests or Incident Response
o Good ability to understand AIRBUS policies and standards
o Strong negotiation and communication skills
o Strong ability to work in a multinational and complex environment
o Ability to coordinate teams located in different BUs and Geographies
o English: Negotiation Level
o French, German and/or Spanish is a plus

This position is graded band BV.

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.

By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

To apply for this job please visit www.airbus.com.
