ZSCC - 3 CYBER - CSIRT Specialists (m/f)

  • Company : Airbus
  • Localisation : Toulouse - France - Occitanie
  • Position : ZSCC - 3 CYBER - CSIRT Specialists
  • Type of Contract : Permanent contract
  • Date of publication : 2020-09-10
  • Apply

Job Description

Description of the job :

Several vacancies for a CYBER - CSIRT Specialists (m/f) have arisen within Airbus Commercial Aircraft in Toulouse. You will join the Advanced capabilities team (ZSCC) within the Digital Security department (ZS).

You will participate in the effort of finding known and unknown threats and understanding new adversary TTPs. You participate in the architecture of new tooling and industrialization of the CERT effort. You help improving the existing framework. You are interested in Unstructured Hunt (Exploratory data analysis and Pattern discovery), Structured Hunt (Identify and search for indicators of compromise and Real-time Monitoring (Create or modify detection methods).

You will report to Airbus Head of CERT (Computer Emergency Response Team).
You are permanently working with and involving relevant stakeholders from all Airbus divisions and business units (Divisions Security Officers, CIOs ...) as well as National Authorities when relevant.

Task & accountabilities :

As a CERT expert your general responsibilities will be to:

- Fully support divisions in understanding malwares targeting them.
- Fully analyze incidents in view of operational and national constraints so as to operationally maintain Airbus CERT's knowledge base(s).
- Conduct risk assessment.
- Research and publication as member of Airbus CERT.
- Evaluate tools and design methodologies.
- Represent Airbus CERT within working groups and in conferences throughout the world.
- Conduct trainings.
- Continuous innovation.

o Threat Hunting:
- Industrialize Intrusion Analysis
- Conduct Malware Analysis in the context of threat hunting and TTPs discovery
- Pursue the effort of Threat Intelligence

o Support incident response in crisis mode
- Be part of the on-call crisis team (deployment reactivity constraints)
- Reverse-engineering
- Hosts forensics
- Industrialization of tooling

o Industrialization
- Malware analysis and clusterization
- Network analysis
- Host analysis
- Detection

o Threat detection using system or network capabilities
- Yara signature
- Network signature
- Integration of signatures into internal tools
- Support for IOC searching across the enterprise
- Development

o Create or enhance CERT projects
- Participation to CERT developments
- Development of data mining capabilities (Hadoop/Pig)

As a CERT member your responsibilities will also be to contribute to:

o Perform technology watch:
- Develop incident handling skills within the team and the Group by specializing in several operating systems
- Perform an ongoing research, analysis and resolution of vulnerabilities
- Inform AIRBUS functional Security responsible and Information Systems managers about the different types of vulnerabilities and their solutions

o Manage CERT related knowledge (e.g. related to security vulnerabilities and incident handling)
- Contribute to the writing of documents produced by the CERT
- Build and maintain CERT tools

This role will involve some travel for business in Europe and as such you must be able to travel accordingly.

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company's success, reputation and sustainable growth.

By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

Required profile

Required skills :
We are looking for candidates with the following skills and experience:

o Master's Degree in Information Technology or equivalent experience
o At least 3 years of work experience in the IT security area
o Mastering internals of Windows and Active Directory environments
o Mastering Reverse engineering applied to Incident Response
o Mastering at least one programming language
o Strong Network Analysis skills
o Strong knowledge and experience in penetration tests or Incident Response
o Good ability to understand AIRBUS policies and standards
o Strong negotiation and communication skills
o Strong ability to work in a multinational and complex environment
o Ability to coordinate teams located in different, BUs and Geographies
o English: Negotiation Level
o French, German and/or Spanish is a plus

This position is graded band BV.


  • Start date : nc.
  • Term : nc.
  • Experience Required : 5 to 10 years
  • Salary : nc.
  • References : JR10022564
  • Activity area : Aerospace Manufacturing

Aviation and Aerospace Jobs similar to ZSCC - 3 CYBER - CSIRT Specialists

Find all offers