Senior Pentester H/F [Issy-Les-Moulineaux]

  • Entreprise : Airbus Defence and Space
  • Localisation : Paris - France - Ile-de-France
  • Fonction : Senior Pentester [Issy-Les-Moulineaux]
  • Type de contrat : Contrat à durée indéterminée (CDI)
  • Date de publication : 20-09-2021
  • Postuler

Description du poste


European specialist in cyber security, Airbus Cybersecurity's mission is to protect companies, critical national infrastructures, as well as government and defence organizations against cyber threats. Its reliable and high performance security products and services are able to detect, analyze and neutralize the most sophisticated cyberattacks.

We have more than 800 experts based at our main sites in France, Germany and UK, each with a Security Operating Center. This division is particularly active in the markets of surveillance, investigation and security audits for the systems most exposed to threats within the Airbus Group, but also for partners and customers in the transport, defence and aerospace sectors.

Description of the job


You are passionate by Cybersecurity and you are looking to work in a multi-cultural environment, on a worldwide perimeter?

For Airbus CyberSecurity, within the Services Center, based at Issy-les-Moulineaux, a position has become available for a Senior Pentester within our CSIRT team.

Inside Airbus Cybersecurity, the Services include both the Security Operations Center (SOC) and high-skilled security Professional services, such as: management of security incident response plans, APT compromise check, security audits and associated consulting services.

The CSIRT Entity is in charge of supporting our clients during incident response investigation and driving their remediation plan. It covers also activities upstream the incident in order to strengthen your infrastructure by performing Pentesting and RED team exercice.  

The CSIRT portfolio covers the following main areas:
• Technical security audits and assessments (Configuration, code analysis), according with PASSI and main Best practices

• Pentesting and RED team activities
• Incident Response investigations

Task & accountabilities

We are seeking an innovative and motivated senior pentester with a high level of autonomy, strong technical curiosity, extensive knowledge and skills obtained through previous experiences in order to increase security posture of our customers.

This role requires an analytical capability and excellent communication skills to provide technical advisory to our customers in multiple areas.

Your main tasks and responsibilities will include:

  • Leading delivery activities such as:

    • IT Pentesting (On premises / Cloud infrastructure)

    • Application Pentesting (Thick/Thin client)

    • Network Pentesting (Wireless / VoIP)

    • Mobile environment Pentest (Android / IOS)

    • OT Pentesting (On-boarded system, physical access, IoT and ICS systems)

    • RED team exercise (from OSINT initial step to CTF without being detected)

=> Write the report of found vulnerabilities and recommendations in a non-technical format to our customers / sponsors (when possible)

  • Developing the different CSIRT capacities

    • R&D orientations

    • Hacking tool development

    • Proof of Concept research

  • Supporting our BID activities

Last but not the least, you will be recognized as a SME on Pentesting activities. You will lead the delivery on Paris Area and will coordinate junior colleagues during your mission. You will be a key actor from proposal to delivery on major security projects by collaborating closely with sales, presales and internal stakeholders (Consulting / engineering /expert / CTI). Moreover, as a practice pentester leader, you will be expected to participate & develop the CSIRT portfolio.

This role will involve some travel for business regularly in France and Europe and as such you must be able to travel accordingly.

This position will require a security clearance or will require being eligible for clearance by the recognized authorities.

At least a master's degree in the field of Computer Science, IT, Engineering, OR equivalent work experience in IT with certifications related with Pentesting activities (e.g. GPEN, GXPN, OSCP, OSCE, or LPT EC-Council master)

  • 10+ years of professional experience

  • A minimum of 5 years of experience within a Pentester security expert.

  • Experience as leading security expert (Pentesting, Code Analysis, Vulnerability exploits) in multiple domains (Web, Databases, communication protocol,..)

  • Ability to be multi-skilled and willing to address new technologies

  • Ability to coach junior profiles, and develop their technical and interpersonal skills

  • Understanding compliance requirements (GDPR / NIS / LPM?)

  • Willingness to travel up to approximatively 50% of the time.

  • Previous PASSI accreditation (expert on Audit methodologies ISO 19011, ?)

  • Ability to communicate with internal and external senior management confidently

  • Ability to identify up-sell opportunities

  • Ability to demonstrate a broad understanding of Information Security

  • Effective communicator with great interpersonal skills and the ability to be credible with clients

  • High engagement and distinct flexibility

  • Well-marked capacity for coaching

Standard profile

  • At least a first successful experience in Information Security field

  • Knowledge of the security market and its major actors,

  • Insatiable curiosity and willing to learn

  • Team spirit and share expertise within a team,

  • Ability to take initiative

  • Full professional proficiency in French and English

  • Holder of security certifications (CISSP) and other certifications related with Pentesting activities (e.g. GPEN, GXPN, OSCP, OSCE, or LPT EC-Council master) would be strongly appreciated

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company's success, reputation and sustainable growth.

By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

Profil recherché

Required skills

  • Date de début : nc.
  • Durée : nc.
  • Expérience requise : 5 à 10 ans d'expérience
  • Salaire : nc.
  • Référence : JR10042508
  • Secteur d'activité : Industrialisation, Production
CDI CDD Intérim

Offres d'emploi aéronautique similaires à Senior Pentester [Issy-Les-Moulineaux]

Airbus Defence and Space
Retrouvez l'ensemble des offres
Airbus Defence and Space