Security automation & evaluation specialist m/f (H/F)

  • Entreprise : Airbus
  • Localisation : Paris - France - Ile-de-France
  • Fonction : Security automation & evaluation specialist m/f
  • Type de contrat : Contrat à durée indéterminée (CDI)
  • Date de publication : 02-07-2021
  • Postuler

Description du poste

Are you interested in working with leading experts to protect Airbus against an ever evolving cyber threat and be part of the corporate digital security office combining; IT, industrial manufacturing, product, and people security?

Are you willing to work in a multicultural environment, with a significant scale, and on a worldwide perimeter? Are you ready to take on a new and exciting challenge? 

Airbus gives you the opportunity to apply your expertise and develop your skills and competencies!

Airbus is a leader in the aerospace & defence sector, offering many challenging opportunities and providing numerous benefits to its employees, such as: development and training, unique challenges, world wide scope, access to key markets, mobility opportunities, and last but not least, a respectable work-life balance.

Seize the opportunity to integrate the central Corporate Digital Security Team led by Group CISO and be a part of the transnational peer group of 4 core countries (France, UK, Germany, Spain) with a direct link to our global infrastructure and sites (e.g. North America, India, China, Asia ?).

At Airbus corporate level, digital security topics are managed by the Digital Security organisation and structured around 5 capability departments:

  • Enterprise Security Architecture,

  • Detection & Response,

  • Evaluation & Test,

  • Risk, Vulnerability & Critical Asset,

  • Cybersecurity Innovation & Scouting.

In order to provide continuous improvements of the security programme and in efforts to discover weaknesses in the cyber security programme and implementations before external hackers, the Corporate Evaluation and advanced Test team play an important role. 

The mission is to provide advanced capabilities in the discovery, reporting, and remediation recommendations of security vulnerabilities found in both the security technologies consumed/purchased and operated or developed by the organisation. It is done by performing independent evaluation and penetration-testing of systems in order to evaluate the security effectiveness and mitigate system vulnerabilities and weaknesses (e.g. product vulnerability, miss-configurations, unpatched systems, etc.) before they are discovered by external or internal adversaries.

To fulfill this mission, the team:

  • Evaluates the security of products and services by simulating the behaviour of motivated and highly technical attackers

  • Contributes to the domain's state of the art by developing tools or methodologies

  • Provides technical expertise on security topics

The team works equally on standard IT products (infrastructure, phones, cloud services, etc.) and on the company's own products (planes, helicopters, satellites, etc.) or operational technologies (access control, ICS, video surveillance, etc.).

The team's publications are available here:

Tasks, missions and responsibilities

  • Developing the use of security automation across the group: identify systems where security automation should be introduced, propose technical solutions, review their implementation

  • Conducting deep-dive security evaluations of products and services

  • Writing evaluation reports for the products, services and technologies you evaluated

  • Developing tools, both for short and long term, which enable the team to be more efficient in its missions or allow the company to automate security tests

  • Publishing open source tools

  • Attending technical security conferences and publishing articles in your expertise areas

  • Some business trips may be required

You have a strong subset of the following education, experience and skills:

  • At least 5 years of professional experience in security automation or deep-dive security evaluation

  • Experience working on the security of cloud-based systems

  • Designing and implementing automated security measures in at least one of these domains:

    • automated cloud security

    • automated application security

    • automated security evaluation

  • You have strong experience in vulnerability research & exploitation

  • Containerisation and/or virtualization

  • Fuzzing

  • Linux

  • Strong scripting and programming capabilities

  • Curious and open to new subjects

  • Team spirit

  • Good communication skills and an ability to explain technical subjects in layman's terms

  • Language skills: Negotiation level of English.

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company's success, reputation and sustainable growth.

By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

Profil recherché

Required skills

  • Date de début : nc.
  • Durée : nc.
  • Expérience requise : 5 à 10 ans d'expérience
  • Salaire : nc.
  • Référence : JR10057776
  • Secteur d'activité : Industrialisation, Production
CDI CDD Intérim

Offres d'emploi aéronautique similaires à Security automation & evaluation specialist m/f

Retrouvez l'ensemble des offres