Cyber Monitoring SOC Specialist L3 (m/f), Toulouse

Airbus Group - Airbus Defence & Space


Location(s)

Toulouse

Permanent contract (CDI)
Engineering, Technical, Sciences, Health
Posting archived on 29/10/2020
 


Airbus is a leading aircraft manufacturer with the most modern and comprehensive family of airliners on the market, ranging in capacity from 100 to more than 500 seats. Airbus champions innovative technologies and offers some of the world’s most fuel-efficient and quiet aircraft. Airbus has sold over 13,800 aircraft to more than 360 customers worldwide. Airbus has achieved more than 8,000 deliveries since the first Airbus aircraft entered into service. Airbus is headquartered in Toulouse, France.

Missions

Context & Environment:

Security threats have increased drastically in the last few years and organizations are facing an increasingly complex threat landscape. Last year, the Norton Cybercrime Report estimated a global cost of cybercrime of around 150 billion Euros.
In this context, Airbus Group is more and more at risk due to its leading position in the market and the additional risks coming from the Extended Enterprise. We have been facing malware attacks which have become more and more sophisticated over the last months. Airbus digitalization is bringing many opportunities but they come with new risks.
Therefore, Airbus has developed state-of-the-art cyber-threat detection capabilities, relying on more than 10 years of experience, in order to protect its business assets.
In this context, the SOC Mission is to:

  • Ensure the monitoring, detection, and analysis of potential intrusions in real time and through historical trending on security-relevant data sources.
  • Respond to confirmed incidents by directing the use of timely and appropriate countermeasures.
  • Provide situational awareness and reporting on cybersecurity status and incidents.
  • Security is not an option, be part of it!

Your future Team

  • You will be a part of the Security Operations Center team (SOC) within a transnational peer group of 4 countries (France, UK, Germany, Spain).
  • You will report to the SOC Product Manager and interface with Country Security Officers who have a direct link with all the other sites around the world (US, China, India, Russia, Middle East …).
  • You will work with a wide variety of people from different internal organizational units, bringing them together to manifest controls that reflect workable compromises as well as proactive responses to current and future information security risks.

Your Impact

  • You will be accountable for designing, implementing and integrating measures to detect and respond to cyber threats (i.e. Advanced Persistent Threats, fraud) against Airbus to reduce company risks.
  • You will support the Cyber Security department by providing an operational platform and tools that follow best practices to ensure adherence to IM standard.

Additional details about the role:

  • Define SOC framework and processes to efficiently measure company risks.
  • Design, measure and improve SOC detections and ensure their consistency/efficiency.
  • Measure risk reduction and quality of service provided by SOC.
  • Analyze, qualify and respond to cyber security incidents and conduct investigations.
  • Build new tools and techniques to compress human-intensive tasks.
  • Analyze/crunch data to improve the SOC detection strategy.
  • Keep up to date with threats, anticipate needs and further evolutions.
  • Be accountable for platform maintenance and upgrades; propose and lead improvements in terms of architecture, network quality and processes.

Your Boarding Pass

  • You have at least 3 years of experience in Cybersecurity and an educational background in IT / Information Security.
  • Any certification (CISSP, CISM, ...) would be a plus.
  • Experience in Data Systems Architecture.
  • Experience with Splunk Enterprise Security, Splunk Search Processing Language (SPL), SOAR technology (Splunk Phantom).
  • Knowledge of SOC reference frameworks such as Sigma, STIX/TAXII, MITRE ATT&CK.
  • Good knowledge of log management.
  • Good knowledge of development in Python would be a plus.
  • Previous experience working with Agile / SAFe methodologies would be a plus.
  • Ability to understand technical details and capture their essence in order to communicate them.
  • High level of autonomy and pragmatism is required.
  • Negotiation level in English.
