Cybersecurity Consultant m/f (x3)

Description de l'offre

Cassidian CyberSecurity SAS

European specialist in cyber security, Airbus CyberSecurity’s mission is to protect companies, critical national infrastructures, as well as government and defence organisations against cyber threats. Its reliable and high performance security products and services are able to detect, analyse and neutralise the most sophisticated cyberattacks.

We have more than 700 experts based at our main sites in France, Germany and UK, each with a Security Operating Centre. We also operate in the United States and the Middle East. This division is particularly active in the markets of surveillance, investigation and security audits for the systems most exposed to threats within the Airbus Group, but also for partners and customers in the transport, defence and aerospace sectors.

 

Airbus is a global leader in aeronautics, space and related services. In 2018 it generated revenues of € 64 billion and employed a workforce of around 134,000. Airbus offers the most comprehensive range of passenger airliners. Airbus is also a European leader providing tanker, combat, transport and mission aircraft, as well as one of the world's leading space companies. In helicopters, Airbus provides the most efficient civil and military rotorcraft solutions worldwide.

Our people work with passion and determination to make the world a more connected, safer and smarter place. Taking pride in our work, we draw on each other's expertise and experience to achieve excellence. Our diversity and teamwork culture propel us to accomplish the extraordinary - on the ground, in the sky and in space.

Description of the job

You are interested by CyberSecurity and you are looking to work in a multi-cultural environment, on a worldwide perimeter?

For Airbus CyberSecurity, within the Services Center, based in Elancourt, a position has become available for a Cybersecurity Consultant.

Inside Airbus Cybersecurity, the Services include both the Security Operations Center (SOC) and high-skilled security Professional services, such as: security incident response, APT check, security audit and associated consulting services.
The Consulting Entity is in charge of supporting our clients all along their Information Risk and Security Management improvement, and addressing the increasing cyber security threat challenge.

The Consulting portfolio covers four main areas:

• Security risk analysis and Information security strategy
• Regulation and compliance assistance (LPM, II901, GDPR, accreditation/Homologation…)
• Security audits and assessments (organization, architecture), according with PASSI and main Best practices
• Awareness and training for cyber-crisis handling
In both IT and OT (ICS) critical environments.

The Consulting and Audit is also actively implied in main Security interest groups, such as Club-Ebios, Clusif, etc.
Therefore, as a consultant, you will be expected to participate in the Consulting and Audit offer internal and external communication.

As an Airbus Cybersecurity Consultant, you will accordingly provide functional, methodological and technical advisory to our customers, bring information security expertise and help in designing build and implement pragmatic security solutions.

This position will require a security clearance or will require being eligible for clearance by the recognized authorities.

Tasks & accountabilities

Your main tasks and responsibilities will include:
– Being responsible for the implementation of the security policy of the information system
– Developing and implementing the security standards of data-processing and to supervise technical conformity
– Managing the security deployment on all the information systems
– Organising a constant technological survey & an analysis of the risks and related threats
– Proposing and implementing changes of the security for the information system
– Advising and giving support for the technical training and creating an awareness training
– Supporting the remediation of computer security incidents & undertaking operations for the reinforcement of security
– Providing a specialist approach specialist within the field of operational security

This role will involve some travel for business once month in France and Europe and as such you must be able to travel accordingly.

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.

Required skills

- At least a master's degree in the field of IT, with additional knowledge of security fundamentals (general concepts, great domains).
- A minimum of 2 years of experience within the field of information security.

Skills and knowledge within the following areas are expected:
– Security governance, strategy and policies,
– Risk analysis methodologies (ISO 27005, Ebios…)
– Functional and technical security architecture concepts and basis,
– Program management assistance for business owners and project management,
– Functional and organizational security audits,
– Main standards and regulations, such as at least: ISO 2700X standards, French LPM, GDPR, RGS.
– Knowledge in at least one of the following expertise areas would be strongly appreciated, such as for example:
• BRP/DRP, GRC, IAM, DLP,,PKI, SOC, IDS/IPS, SAP Security…
• Specific regulations, such as: e-IdAS regulation, PCI-DSS, SOX…

Standard profile:
– At least a first successful experience in Information system security,
– Knowledge of the security market and its major actors,
– Writing, editorial and synthesis skills,
– Holder of security certifications (CISSP, CISA, SANS, GIAC, ISO 27001 Lead Auditor/Lead Implementer, ISO 27005 Risk Manager…) would be strongly appreciated,
– Curious and willing to learn and share expertise within a team,
– Full professional proficiency in French and English.