Junior Cyber Security Consultant
Bristol (City of Bristol) IT development
Job description
Job Description:
The Role
To survey and assure cyber and information security within Airbus, its partners and customers. The successful candidate will be expected to work on multiple client assignments simultaneously. Work will primarily be within the UK but with the potential for opportunities to work overseas.
Primary responsibilities will include;
·
Assisting internal teams and Airbus customers by identifying, evaluating, reporting on cyber security.
·
Supporting the customer’s overall information risk management function to ensure they have a comprehensive understanding of the risk landscape.
·
Conducting routine security assessments and evaluating vulnerability scans and assurance reviews to detect and address potential weaknesses, vulnerabilities, and threats.
·
Promptly identifying potential vulnerabilities, and recommending both tactical and strategic remedial actions focused around customer priorities and requirements, to uphold security standards.
·
Conducting security compliance assessments against applicable regulations as appropriate to the organisation and sector.
·
Assisting in the development of innovative and novel approaches to mitigate risks in business areas of high technical complexity.
·
Devising and recommending options for cost-effective controls.
·
Documenting security controls, maintaining security dashboards, and compiling reports to track security measures effectively.
·
Understanding the relationships and interactions of humans in relation to cyber security and user interactions with technology.
·
Performing daily administrative tasks, generating reports, and maintaining communication with relevant departments within the organization.
Are you the one?
The ideal candidate will possess a sharp analytical mindset and a strong understanding of cyber security practices. Familiarity with security infrastructure and operations, along with experience with Google Suite is advantageous.
·
You will be comfortable with delivering into a variety of different, public and private sector client settings as well as supporting internal security teams.
·
You will have growing subject matter expertise in at least one of the following areas: GRC (Governance, Risk and Compliance), Security architecture, Crisis Management.
·
You will have a good awareness of various topics across cyber and information security with a passion to learn more.
·
You will be a self-starter capable of taking a proactive approach to understanding customer requirements and responding by providing effective inputs that add tangible value to the customer’s business.
·
You will recognise that there can be many contributory factors to information risk that require you to be aware of the wider technical, physical, and procedural context.
·
You will be an advocate for positive change able to help the customer appreciate the benefits of challenging the status quo.
·
You will be able to tailor your delivery approach as appropriate to the requirements of the assignment, whether the work is within an established security/assurance team or individually.
·
You will be capable of producing quality deliverables to tight timescales.
·
You will be a strong team player with good communication skills (verbal and written).
·
You will possess a good understanding of the application of security controls to IT, OT or cloud-based systems.
·
You will be able to translate between business and technical requirements, and interpret these requirements back into relevant and insightful security advice.
·
You will remain abreast of the latest security threat intelligence, data breaches, and recommending appropriate remediation strategies, industry best practices, and protocols.
·
Internally, you could be expected to actively participate in all aspects of the business development lifecycle and support ongoing customer relationship management.
Key Skills
Essential
The ideal candidate will have;
·
A minimum of 1 year’s consulting experience providing customer-facing cyber security advice and guidance;
·
Experience in at least one of GRC, Security Architecture, Business Continuity and Crisis Management.
·
Excellent verbal and written communications skills, strong interpersonal skills, with the ability to engage with a range of senior stakeholders both internal and external;
·
Knowledge and experience in delivery of information security and compliance frameworks, such as ISO27001, NIST CSF;
·
Strong analytical skills to determine, evaluate and provide solutions to address security challenges;
·
Good time management skills with the ability to prioritise tasks and workload;
·
A full UK Driving Licence for travel to customer sites and other Airbus offices as required;
·
A commitment to continuous learning and development.
·
This role might require security clearance although not immediately, this would be dependant on projects
Desirable
The ideal candidate should be able to demonstrate;
·
Knowledge of security technologies and tools such as firewalls, intrusion detection/prevention systems, security information and event management (SIEM), anti-malware and related solutions;
·
Knowledge of Access Management solutions;
·
Knowledge of cyber incident management, processes and frameworks;
·
Knowledge or awareness of performing security assessments such as application penetration testing, vulnerability assessments whilst not essential would be beneficial;
·
Knowledge of Secure by Design development;
·
Experience with risk assessment and management methodologies;
·
Experience of Operational Technology (OT) security preferably within a CNI context;
·
Knowledge of NIS Directive and OT standards such as IEC62443 or NIST SP800-82;
·
Knowledge of current security hot topics (e.g. AI, IT/OT convergence, cloud security and supply chain security);
·
Awareness of data privacy legislation (e.g. DPA, GDPR);
·
Experience of Agile working;
·
Experience of using recognised Project Management methodologies;
Education and Training:
In addition to a Bachelor's degree in computer science, cyber security or equivalent prospective candidates should hold or be able to demonstrate;
·
Relevant and specialized certifications in cybersecurity, e.g., CISSP, CISA, CISM, GIAC;
·
Technology-centric training and certification;
·
Industry standard cyber security certifications
·
Hold or be working towards one of the following recognised cyber security certifications (e.g. ISC2 CC, ISO 27001 Foundations, Network+, Security+, CCSK).
What’s in it for you…
Joining Airbus Protect with :
·
A close and caring management,
·
A pipeline of innovative projects,
·
A community of recognised experts,
·
Great career paths and training opportunities,
Great benefits:
·
25 days holiday
·
Flexi time
·
Option to purchase holidays
·
Generous pension scheme
·
Eligibility to a Company profit sharing scheme
·
Share options
·
Access to a benefits platform offering car leasing, family health plans, dental plan, shopping discounts and much more …
AIRBUS PROTECT
Airbus PROTECT brings together experts in risk analysis and management in the fields of safety, cybersecurity and sustainability. We deliver expertise to our own group, Airbus, for whom we act as a privileged partner, but also to external clients.
With over 1,700 experienced professionals based in France, UK and Germany, we service large-scale contracts with companies such as critical infrastructures (CNI), other industries and public institutions.
Our positioning and strategy enable us to meet the highest standards of the market and to meet the challenges of tomorrow as a team...
Join the AIRBUS PROTECT journey...
#JobAPUK
#BUCyberAP
#0to2YearsExp; #2to5YearsExp
This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.
Company:
Airbus Protect Limited
Contract Type:
Permanent
Experience Level:
Professional
Job Family:
Cyber Security
By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.
Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to emsom@airbus.com .
At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.