Cyber Monitoring SOC Specialist - L3 (f/m), Toulouse

Airbus is a leading aircraft manufacturer with the most modern and comprehensive family of airliners on the market, ranging in capacity from 100 to more than 500 seats. Airbus champions innovative technologies and offers some of the world’s most fuel efficient and quiet aircraft. Airbus has sold over 13.800 aircraft to more than 360 customers worldwide. Airbus has achieved more than 8,000 deliveries since the first Airbus aircraft entered into service. Headquartered in Toulouse, France.

Tasks

The SOC Mission is to:

• Ensure the monitoring, detection, and analysis of potential intrusions in real time and through historical trending on security-relevant data sources.
• Response to confirmed incidents, by directing use of timely and appropriate countermeasures.
• Providing situational awareness and reporting on cybersecurity status, incidents.

Within the position, you will be a Level 3 analyst of the SOC, belonging to the RUN team. Your mission is to :

• You will be accountable to design, implement, integrate measures to detect and responds Cyber Threats (ie. Advanced Persistent Threats, fraud) against Airbus to reduce company risks.
• You will determine solutions and optimize methods and means with the validation of the senior L3 Analysts.
• You will support the Cyber Security department by providing operational platform and tools that follow best practices to ensure adherence to IM standard.
• Define SOC framework and processes to efficiently measure company risks with the support of the senior L3 Analysts.
• Design, measure and improve SOC detections and ensure its consistency/efficiency.
• Measure risk reduction and quality of service provided by SOC.
• Analyze, qualify and respond to cyber security incidents and conduct investigations.
• Contribute to building new tools and techniques to compress human-intensive tasks.
• Analyze/Crunch data to improve SOC detections strategy.
• Keep up to date with threats, anticipate needs and further evolutions.
• Be accountable for platform maintenance and upgrade, Propose and lead improvements in terms of architecture, network quality and processes.
• You will report to the SOC Product Manager and interface with Country Security Officers having a direct link with all the others sites around the world (US, China, India, Middle East …).
• You will work with a wide variety of people from different internal organizational units, bringing them together to manifest controls that reflect workable compromises as well as proactive responses to current and future information security risks.

Profile

• Experience in Cybersecurity and an educational background in IT / Information Security.
• Any certification (CISSP, CISM,..) would be a plus.
• Experience in Data Systems Architecture.
• Experience with SPLUNK Enterprise Security, Splunk search Processing Language (SPL).
• Knowledge in SOC referentials such as Sigma, Stix Taxii, MITRE ATT&CK.
• Good knowledge in Log Management.
• Good knowledge development in Python would be a plus.
• Previous experience working with Agile / SAFE methodologies would be a plus.
• Ability to understand technical details and to communicate around them within a multifunctional team.
• Good level of autonomy and pragmatism is required.
• Good level in English.