Security automation & evaluation specialist m/f
airbus
Paris, France
il y a 2j

Job Description

  • Are you interested in working with leading experts to protect Airbus against an ever evolving cyber threat and be part of the corporate digital security office combining;
  • IT, industrial manufacturing, product, and people security?

    Are you willing to work in a multicultural environment, with a significant scale, and on a worldwide perimeter? Are you ready to take on a new and exciting challenge?

    Airbus gives you the opportunity to apply your expertise and develop your skills and competencies!

    Airbus is a leader in the aerospace & defence sector, offering many challenging opportunities and providing numerous benefits to its employees, such as : development and training, unique challenges, world wide scope, access to key markets, mobility opportunities, and last but not least, a respectable work-life balance.

    Seize the opportunity to integrate the central Corporate Digital Security Team led by Group CISO and be a part of the transnational peer group of 4 core countries (France, UK, Germany, Spain) with a direct link to our global infrastructure and sites (e.

    g. North America, India, China, Asia ).

    At Airbus corporate level, digital security topics are managed by the Digital Security organisation and structured around 5 capability departments :

    Enterprise Security Architecture,

    Detection & Response,

    Evaluation & Test,

    Risk, Vulnerability & Critical Asset,

    Cybersecurity Innovation & Scouting.

    In order to provide continuous improvements of the security programme and in efforts to discover weaknesses in the cyber security programme and implementations before external hackers, the Corporate Evaluation and advanced Test team play an important role.

    The mission is to provide advanced capabilities in the discovery, reporting, and remediation recommendations of security vulnerabilities found in both the security technologies consumed / purchased and operated or developed by the organisation.

    It is done by performing independent evaluation and penetration-testing of systems in order to evaluate the security effectiveness and mitigate system vulnerabilities and weaknesses (e.

    g. product vulnerability, miss-configurations, unpatched systems, etc.) before they are discovered by external or internal adversaries.

    To fulfill this mission, the team :

    Evaluates the security of products and services by simulating the behaviour of motivated and highly technical attackers

    Contributes to the domain's state of the art by developing tools or methodologies

    Provides technical expertise on security topics

    The team works equally on standard IT products (infrastructure, phones, cloud services, etc.) and on the company's own products (planes, helicopters, satellites, etc.

    or operational technologies (access control, ICS, video surveillance, etc.).

    The team's publications are available here :

    https : / / github.com / airbus-seclab

    https : / / airbus-seclab.github.io

    Tasks, missions and responsibilities

    Developing the use of security automation across the group : identify systems where security automation should be introduced, propose technical solutions, review their implementation

    Conducting deep-dive security evaluations of products and services

    Writing evaluation reports for the products, services and technologies you evaluated

    Developing tools, both for short and long term, which enable the team to be more efficient in its missions or allow the company to automate security tests

    Publishing open source tools

    Attending technical security conferences and publishing articles in your expertise areas

    Some business trips may be required

    Required skills

    You have a strong subset of the following education, experience and skills :

    At least 5 years of professional experience in security automation or deep-dive security evaluation

    Experience working on the security of cloud-based systems

    Designing and implementing automated security measures in at least one of these domains :

    automated cloud security

    automated application security

    automated security evaluation

    You have strong experience in vulnerability research & exploitation

    Containerisation and / or virtualization

    Linux

    Strong scripting and programming capabilities

    Curious and open to new subjects

    Team spirit

    Good communication skills and an ability to explain technical subjects in layman's terms

    Language skills : Negotiation level of English.

    This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.

    Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

    Signaler cette offre d'emploi
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Postuler
    Mon email
    En cliquant sur « Continuer », je consens au traitement de mes données et à recevoir des alertes email, tel que détaillé dans la Politique de confidentialité de neuvoo. Je peux retirer mon consentement ou me désinscrire à tout moment.
    Continuer
    Formulaire de candidature