Description of the job
A vacancy for an Cyber Security Engineer (m / f / d) has arisen within Airbus Defence and Space in Manching. The successful applicant will join Product Security Military Aircraft .
Tasks & accountabilities
The jobholder will contribute to ensure the Security of Airbus products, supporting services and systems across Airbus Defence and Space.
The jobholder will be joining a team in charge of the analysis, definition and specification of the security aspects of Airbus DS products and their development, test, integration, production and support systems for Military Aircraft, Space Systems, CIS and UAS Business Lines, throughout their lifecycle.
The jobholder will be a key member TEIS supporting Military Aircraft and UAS business lines in Manching, initially MALE RPAS Programme (both Aircraft and Ground Support Systems), and work collaboratively with TEIS colleagues in Spain, Germany France and the UK to achieve the required deliverables for Military Aircraft and UAS programmes.
The jobholder will contribute to the security activities of the MALE RPAS programme.
The jobholder may also have a supporting role in the Product Security activities on the FCAS programme.
The jobholder may also be required to utilise their expertise and represent Airbus Defence and Space, thus TEIS, at Airbus transversal meetings and collaborative workshops.
The Job holder will report into the Product Security Team Lead for Military Aircraft.
In support of the Business Line the main tasks and responsibilities will be focused on :
Assist Programme management, Chief Engineer Office and supply chain in Technical oversight of the major sub-contractors with regards to INFOSEC
Performance of security risk analysis (threat and vulnerability assessment) on products and supporting information systems.
Definition of security requirements for products and information systems.
Design of security architectures for products and information systems.
To specify and assist in the development of security measures to protect and defend Airbus products and systems by ensuring their confidentiality,
integrity and availability.
Work proactively to ensure the compliance of the security requirements, thus implementation, with any applicable national and international security
Provision of innovative technology solutions in term of information security.
Support assessments and audits of the information security aspects of projects and product lines across Airbus Defence and Space to ensure compliance with Airbus business, customer and national security requirements.
Supporting programs and projects in the definition and production of product security documents and records in line with customer national security
requirements and Airbus business requirements.
To develop, review and improve the Airbus product security policies, methods and tools
To assist projects and programmes in the development of secure configuration guidelines for products and systems.
To specify and support penetration testing and health checks on products and systems.
Support a culture of engagement across the engineering organization, which emphasizes shared responsibility in achieving secure designs.
Conduct formal compliance process (security evaluation, certification and accreditation processes) in accordance to the appropriate criteria and
methodologies. (CC / CEM, ITSEC / ITSEM) and the national and NATO security regulations.
Perform information systems security evaluation for verification and validation processes.
Perform security technical audits.
Production of the security operating procedures to guarantee the security of information systems throughout their lifecycle.
This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.
We are looking for candidates with the following skills and experience :
University Degree in Telecommunications, Computer Science or similar
Deep understanding of information security standards and their
implementation (Principally aligned with ISO27001 but knowledge of other
frameworks such as NIST, desirable).
Deriving systems and applications security requirements and architectural design.
Performing assessment of products and systems security maturity.
Familiarity with threat and risk analysis methods and tools utilised within NATO (EBIOS / PILAR / MAGERIT)
Undertaking security risk management decisions and necessary mitigations.
Creation and management of Product Security documentation.
Assessment of impacts of legislation / regulation changes on Product Security.
Understanding of Security Management concepts within customer organisations across the Airbus Defence and Space client base.
Understanding of EUROCAE Aviation Cyber Security Processes, Tools and Documentation. (ED202, ED203)
Strong knowledge of information security and information systems.
Knowledge of NATO / National security regulation.
Strong knowledge of Security Evaluation, Certification and Accreditation Processes.
Solid understanding of networking and communications protocols.
Strong team spirit
Excellent interpersonal and strong leadership skills.
Strong oral and written communication skills.
Enthusiastic and proactive approach.
Advanced level in English.
Ability to learn and grow in an evolving environment.
Ability to work in a Transversal Engineering Function.