Description du poste
Who we are:
Within Airbus Commercial Aircraft, digital security topics are managed by our Corporate Digital Security office, a transnational organisation based in France, UK, Germany and Spain, with a direct link to our global infrastructure and sites (e.g. North America, India, China, Asia ?).
The Corporate Digital Security office is structured around 5 departments:
- Enterprise Security Architecture,
- Detection & Response,
- Evaluation & Test,
- Risk, Vulnerability & Critical Asset,
- Cybersecurity Innovation & Scouting.
We are a network of leading experts working on projects and collaborations including research & innovation, state of the art solutions development, and technology scouting for cybersecurity across a wide scope of security domains including IT, OT/ICS and Product security.
To support our growth, we are currently looking for a Cyber Security Controls Efficiency Leader (m/f) based in Toulouse (31) to join our Risk, Vulnerability & Critical Asset department team.
The cyber security Risks, Vulnerability & Critical Asset department ensures requirements for keeping the risk of business under their respective tolerance are communicated to the relevant cyber security functions. Monitoring the risk potentialities and raising alerts if risk threshold is reached. The technical information is translated appropriately for dashboarding and reported to the executive level.
The Risks, Vulnerability & Critical Asset department mission has four main components: risk management, vulnerability management, critical asset management & security control efficiency management.
What you will do with us:
As a Cyber Security Controls Efficiency Leader (m/f), your main tasks will be the following:
- Measure Security controls governance, maturity, compliance, effectiveness and efficiency
- Collaborate with our business stakeholders to build and report the company-wide security risk tolerance statement (threshold definition, remediation and reporting)
- Consolidate Cyber security risk and threat taxonomy
- Continuously follow up the security risks and escalate to ERM function in case of major risks (if alert threshold is exceeded)
- Drive the company-wide security risk profiling and trends identification (proactive analysis)
- Check efficiency of portfolio infrastructure and security solutions for a wide scope of assets including OT (Office to Industry migration, OT protection, ...), Products security controls, networks, connectivity, Endpoints DLP, digital workplace, protection of identities (monitor user behaviors, manage privilege access, Role Based Access control implementation), Extended Enterprise and roofs, affiliates, suppliers, customers
Your activities will have a major impact on:
- Security Controls inventories, efficiency reports
- Weight security solution effectiveness with regards to attack scenario per CIAT impacts
- Request for security control change
- Alerts on defective controls
- Formalized processes on performance measure
- Mapping ISO/NIST vs Technical solutions
This role will involve some travel for business in Europe and as such you must be able to travel accordingly.
The skills we are looking for:
We are looking for candidates with the following skills and qualities:
- Master's degree in the field of Computer Science, IT, Engineering, or equivalent with a minimum of 10 years of experience in cyber risk management and business continuity management.
- Strong technical skills on Cybersecurity solutions (IT/OT/Products)
- Knowledge in Cybersecurity controls
- Experience in project management
- Good ability to understand complex environments (solutions, networks, mix of IT/OT & products...)
- Strong negotiation and communication skills in an international context
- Ability to coordinate teams located in different organizations and locations
- Willingness to stay up-to-date on his/her technical skills
- Negotiation level of French and English, German and/or Spanish is a plus
Why join us?
1/ Work in a multicultural environment, with a significant scale, on a worldwide perimeter, within a team of security experts providing resilient, agile and cutting edge cyber security solutions for a wide range of assets (IT, OT/ICS, Products).
2/ Get the opportunity to grow your skills and capabilities thanks to our Airbus learning offer (digital solutions, classroom sessions, certified training....) and mobility opportunities. Being part of the Airbus team, you will have access to an evolving career plan adapted to your profile.
3/ Work in a balanced environment: Beyond the many benefits offered to its employees, joining Airbus is also the guarantee of a respectable work-life balance.
Airbus gives you the opportunity to apply your expertise and develop your skills and competencies. Join us!
This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company's success, reputation and sustainable growth.
By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.