CERT Malware Engineer (m/f)
Permanent contract (CDI), Blagnac (Haute-Garonne), Design / Civil engineering / Industrial engineering
Description of the offer
Airbus Blagnac
Airbus is a global leader in aeronautics, space and related services. In 2016, it generated revenues of € 67 billion and employed a workforce of around 134,000. Airbus offers the most comprehensive range of passenger airliners from 100 to more than 600 seats. Airbus is also a European leader providing tanker, combat, transport and mission aircraft, as well as Europe's number one space enterprise and the world's second largest space business. In helicopters, Airbus provides the most efficient civil and military rotorcraft solutions worldwide.
Our people work with passion and determination to make the world a more connected, safer and smarter place. Taking pride in our work, we draw on each other's expertise and experience to achieve excellence. Our diversity and teamwork culture propel us to accomplish the extraordinary - on the ground, in the sky and in space.
Description of the job
For AIRBUS, within the Security department, we are looking for a CERT (Computer Emergency Response Team) Malware Engineer (m/f) with a specialty in Threat Hunting. This position will be based either in the Paris area or in Toulouse, France.
You participate in the effort of finding unknown threats and understanding new adversary TTPs (Tactics, Techniques and Procedures). You are the architect on tooling and industrialization of the threat hunting effort.
This covers Unstructured Hunt (exploratory data analysis and pattern discovery), Structured Hunt (identify and search for indicators of compromise) and Real-time Monitoring (create or modify detection methods).
You report to AIRBUS Head of CERT and you are permanently working with and involving relevant stakeholders from all AIRBUS Divisions and Business Units (Divisions Security Officers, CIOs...) as well as National Authorities when relevant.
Profile sought
Tasks & accountabilities
As a CERT Threat Hunting Expert, your specific responsibilities concern the following fields:
‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾
Cyber Security
· Industrialize Intrusion Analysis
· Conduct Malware Analysis in the context of threat hunting and TTPs discovery
· Pursue the effort of Threat Intelligence
· Support incident response in crisis mode
· Be part of the on-call crisis team (deployment reactivity constraints)
· Reverse-engineering
· Hosts forensics
· Industrialization of tooling
Industrialization
· Malware analysis and clusterization
· Network analysis
· Host analysis
· Detection
Threat detection using system or network capabilities
· Yara signature
· Network signature
· Integration of signatures into internal tools
· Support for IOC checking campaign
· Development
Create or enhance CERT projects
· Participation in CERT developments
· Development of data mining capabilities (Hadoop/Pig)
As a CERT member your responsibilities will also be to contribute to:
Perform technology watch:
· Develop incident handling skills within the team and the Group by specializing in several operating systems,
· Perform ongoing research, analysis and resolution of vulnerabilities,
· Inform AIRBUS functional Security responsible and Information Systems managers about the different types of vulnerabilities and their solutions,
Manage CERT related knowledge (e.g. related to security vulnerabilities and incident handling),
· Contribute to the writing of documents produced by the CERT,
· Build and maintain CERT tools,
And supervise APT health checks when needed.
Required skills
Your Boarding Pass
‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾
ø Master's Degree in Information Technology or similar,
ø Strong experience in the IT security area,
ø Mastering internals of Windows and Active Directory environments,
ø Mastering Reverse engineering applied to Incident Response,
ø Mastering at least one programming language (Python, Go, Haskell, C/C++…),
ø Mastering DevOps and/or Secure DevOps,
ø Strong Network Analysis skills,
ø Strong knowledge and experience in penetration tests or Incident Response,
ø Good ability to understand AIRBUS policies and standards,
ø Negotiation level in English. Knowledge of French, German and/or Spanish would be a plus.
Especially
‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾
ø Strong negotiation and communication skills,
ø Autonomy and good team spirit,
ø Strong ability to work in a multinational and complex environment,
ø Ability to coordinate teams located in different BUs and Geographies.
Please apply online for this vacancy using your eRecruiting profile with your CV attached in English.