Senior Pentester H/F [Issy-Les-Moulineaux]
airbus
Paris, France
il y a 4j

Company

European specialist in cyber security, Airbus Cybersecurity’s mission is to protect companies, critical national infrastructures, as well as government and defence organizations against cyber threats.

Its reliable and high performance security products and services are able to detect, analyze and neutralize the most sophisticated cyberattacks.

We have more than 800 experts based at our main sites in France, Germany and UK, each with a Security Operating Center. This division is particularly active in the markets of surveillance, investigation and security audits for the systems most exposed to threats within the Airbus Group, but also for partners and customers in the transport, defence and aerospace sectors.

Description of the job

Context

You are passionate by Cybersecurity and you are looking to work in a multi-cultural environment, on a worldwide perimeter?

For Airbus CyberSecurity, within the Services Center, based at Issy-les-Moulineaux, a position has become available for a Senior Pentester within our CSIRT team.

Inside Airbus Cybersecurity, the Services include both the Security Operations Center (SOC) and high-skilled security Professional services, such as : management of security incident response plans, APT compromise check, security audits and associated consulting services.

The CSIRT Entity is in charge of supporting our clients during incident response investigation and driving their remediation plan.

It covers also activities upstream the incident in order to strengthen your infrastructure by performing Pentesting and RED team exercice.

The CSIRT portfolio covers the following main areas :

  • Technical security audits and assessments (Configuration, code analysis), according with PASSI and main Best practices
  • Pentesting and RED team activities
  • Incident Response investigations
  • Task & accountabilities

    We are seeking an innovative and motivated senior pentester with a high level of autonomy, strong technical curiosity, extensive knowledge and skills obtained through previous experiences in order to increase security posture of our customers.

    This role requires an analytical capability and excellent communication skills to provide technical advisory to our customers in multiple areas.

    Your main tasks and responsibilities will include :

    Leading delivery activities such as :

    IT Pentesting (On premises / Cloud infrastructure)

    Application Pentesting (Thick / Thin client)

    Network Pentesting (Wireless / VoIP)

    Mobile environment Pentest (Android / IOS)

    OT Pentesting (On-boarded system, physical access, IoT and ICS systems)

    RED team exercise (from OSINT initial step to CTF without being detected)

    Write the report of found vulnerabilities and recommendations in a non-technical format to our customers / sponsors (when possible)

    Developing the different CSIRT capacities

    R&D orientations

    Hacking tool development

    Proof of Concept research

    Supporting our BID activities

    Last but not the least, you will be recognized as a SME on Pentesting activities. You will lead the delivery on Paris Area and will coordinate junior colleagues during your mission.

    You will be a key actor from proposal to delivery on major security projects by collaborating closely with sales, presales and internal stakeholders (Consulting / engineering / expert / CTI).

    Moreover, as a practice pentester leader, you will be expected to participate & develop the CSIRT portfolio.

    This role will involve some travel for business regularly in France and Europe and as such you must be able to travel accordingly.

    This position will require a security clearance or will require being eligible for clearance by the recognized authorities.

    Required skills

    At least a master's degree in the field of Computer Science, IT, Engineering, OR equivalent work experience in IT with certifications related with Pentesting activities (e.

    g. GPEN, GXPN, OSCP, OSCE, or LPT EC-Council master)

    10+ years of professional experience

    A minimum of 5 years of experience within a Pentester security expert.

    Experience as leading security expert (Pentesting, Code Analysis, Vulnerability exploits) in multiple domains (Web, Databases, communication protocol,..)

    Ability to be multi-skilled and willing to address new technologies

    Ability to coach junior profiles, and develop their technical and interpersonal skills

    Understanding compliance requirements (GDPR / NIS / LPM )

    Willingness to travel up to approximatively 50% of the time.

    Previous PASSI accreditation (expert on Audit methodologies ISO 19011, )

    Ability to communicate with internal and external senior management confidently

    Ability to identify up-sell opportunities

    Ability to demonstrate a broad understanding of Information Security

    Effective communicator with great interpersonal skills and the ability to be credible with clients

    High engagement and distinct flexibility

    Well-marked capacity for coaching

    Standard profile

    At least a first successful experience in Information Security field

    Knowledge of the security market and its major actors,

    Insatiable curiosity and willing to learn

    Team spirit and share expertise within a team,

    Ability to take initiative

    Full professional proficiency in French and English

    Holder of security certifications (CISSP) and other certifications related with Pentesting activities (e.g. GPEN, GXPN, OSCP, OSCE, or LPT EC-Council master) would be strongly appreciated

    This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.

    Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

    Signaler cette offre d'emploi
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Postuler
    Mon email
    En cliquant sur « Continuer », je consens au traitement de mes données et à recevoir des alertes email, tel que détaillé dans la Politique de confidentialité de neuvoo. Je peux retirer mon consentement ou me désinscrire à tout moment.
    Continuer
    Formulaire de candidature