HO Digital Security Evaluation & Test (m/f), Paris

Airbus is a leading aircraft manufacturer with the most modern and comprehensive family of airliners on the market, ranging in capacity from 100 to more than 500 seats. Airbus champions innovative technologies and offers some of the world’s most fuel efficient and quiet aircraft. Airbus has sold over 13.800 aircraft to more than 360 customers worldwide. Airbus has achieved more than 8,000 deliveries since the first Airbus aircraft entered into service. Headquartered in Toulouse, France.

Main activities

• Define and manage the cyber security test program, considering inputs and requests from governance, risks, security architecture, and through independent review, company-wide, on the Airbus Commercial perimeter, excluding Airbus Products
• Undertake deep dive technical security evaluations for both COTS and bespoke developed equipements (Airbus Products/IT/OT)
• Undertake continuous security red team & purple team initiatives and activities as directed and within authorized rules of engagement
• Manage the third-party evaluation test-program (aka pen-testing by external companies)
• Provide feedback and recommendations from security testing to relevant departments
• Identify and report company-wide cyber-attack paths
• Define and develop processes and tools to allow the Business, company-wide, to be empowered for autonomous security testing in project mode
• Define and manage DevSecOps strategy and standards for implementation, tooling, and operation
• Provide expertise on technical matters
• Enhance the Airbus security brand by the means of publications, presentations, external engagements, etc.

Departmental Responsibilities:

• Participate in strategy definition and development of the digital security department
• Ensure coordination and cooperation across the digital security department and across Airbus
• Engage with internal customers and maintain customer request tracking, delivering to expectations

Management Responsibilities:

• Define and manage departmental strategy and vision in conjunction with the Corporate Digital Security Officer (CDSO/CISO)
• Deliver all project & department reporting
• Manage team personnel across multiple sites including performance and development, recruitment and retention according to digital security department planning
• Manage appropriately team finances within approved budget
• Manage capability and projects against cost, quality, and timeliness
• Represent the team internally and externally
• Manage internal customer and stakeholder relationships Outputs
• List of prioritized evaluation to be perform on a yearly basis
• Evaluation report
• Exercise report
• Technology watch report
• Vulnerabilities
• Tooling
• Expert recommendations and feedbacks
• Comprehensive description of company wide attack paths
• Counter measure recommendations
• COTS tools evaluation or recommendation
• Publications, White paper, documentation

Skills

• Master's Degree in Information Technology or equivalent experience
• English: Negotiation Level
• At least 15 years of work experience in the security area
• Good ability to understand Airbus policies and standards
• Strong negotiation and communication skills in an international context
• Ability to coordinate teams located in different organizations and locations