IT, industrial manufacturing, product, and people security?
Are you willing to work in a multicultural environment, with a significant scale, and on a worldwide perimeter? Are you ready to take on a new and exciting challenge?
Airbus gives you the opportunity to apply your expertise and develop your skills and competencies!
Airbus is a leader in the aerospace & defence sector, offering many challenging opportunities and providing numerous benefits to its employees, such as : development and training, unique challenges, world wide scope, access to key markets, mobility opportunities, and last but not least, a respectable work-life balance.
Seize the opportunity to integrate the central Corporate Digital Security Team led by Group CISO and be a part of the transnational peer group of 4 core countries (France, UK, Germany, Spain) with a direct link to our global infrastructure and sites (e.
g. North America, India, China, Asia ).
At Airbus corporate level, digital security topics are managed by the Digital Security organisation and structured around 5 capability departments :
Enterprise Security Architecture,
Detection & Response,
Evaluation & Test,
Risk, Vulnerability & Critical Asset,
Cybersecurity Innovation & Scouting.
In order to provide continuous improvements of the security programme and in efforts to discover weaknesses in the cyber security programme and implementations before external hackers, the Corporate Evaluation and advanced Test team play an important role.
The mission is to provide advanced capabilities in the discovery, reporting, and remediation recommendations of security vulnerabilities found in both the security technologies consumed / purchased and operated or developed by the organisation.
It is done by performing independent evaluation and penetration-testing of systems in order to evaluate the security effectiveness and mitigate system vulnerabilities and weaknesses (e.
g. product vulnerability, miss-configurations, unpatched systems, etc.) before they are discovered by external or internal adversaries.
To fulfill this mission, the team :
Evaluates the security of products and services by simulating the behaviour of motivated and highly technical attackers
Contributes to the domain's state of the art by developing tools or methodologies
Provides technical expertise on security topics
The team works equally on standard IT products (infrastructure, phones, cloud services, etc.) and on the company's own products (planes, helicopters, satellites, etc.
or operational technologies (access control, ICS, video surveillance, etc.).
The team's publications are available here :
https : / / github.com / airbus-seclab
https : / / airbus-seclab.github.io
Tasks, missions and responsibilities
Developing the use of security automation across the group : identify systems where security automation should be introduced, propose technical solutions, review their implementation
Conducting deep-dive security evaluations of products and services
Writing evaluation reports for the products, services and technologies you evaluated
Developing tools, both for short and long term, which enable the team to be more efficient in its missions or allow the company to automate security tests
Publishing open source tools
Attending technical security conferences and publishing articles in your expertise areas
Some business trips may be required
You have a strong subset of the following education, experience and skills :
At least 5 years of professional experience in security automation or deep-dive security evaluation
Experience working on the security of cloud-based systems
Designing and implementing automated security measures in at least one of these domains :
automated cloud security
automated application security
automated security evaluation
You have strong experience in vulnerability research & exploitation
Containerisation and / or virtualization
Strong scripting and programming capabilities
Curious and open to new subjects
Good communication skills and an ability to explain technical subjects in layman's terms
Language skills : Negotiation level of English.
This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.