1. Home
  2. IT development
  3. Cyber Security Architect m/f

Offers “Airbus”

Expires soon
Airbus

Cyber Security Architect m/f

  • Paris 1er Arrondissement (Paris)
  • IT development
Apply Now

Job description



Airbus Cybersecurity SAS

Airbus is a global leader in aeronautics, space and related services. In 2018 it generated revenues of € 64 billion and employed a workforce of around 134,000. Airbus offers the most comprehensive range of passenger airliners. Airbus is also a European leader providing tanker, combat, transport and mission aircraft, as well as one of the world's leading space companies. In helicopters, Airbus provides the most efficient civil and military rotorcraft solutions worldwide.

Our people work with passion and determination to make the world a more connected, safer and smarter place. Taking pride in our work, we draw on each other's expertise and experience to achieve excellence. Our diversity and teamwork culture propel us to accomplish the extraordinary - on the ground, in the sky and in space.

Job Description

Company :
European specialist in cyber security, Airbus CyberSecurity’s mission is to protect companies, critical national infrastructures, as well as government and defence organisations against cyber threats. Its reliable and high performance security products and services are able to detect, analyse and neutralise the most sophisticated cyberattacks.

We have more than 700 experts based at our main sites in France, Germany and UK, each with a Security Operating Centre. We also operate in the United States and the Middle East. This division is particularly active in the markets of surveillance, investigation and security audits for the systems most exposed to threats within the Airbus Group, but also for partners and customers in the transport, defence and aerospace sectors.

Contact :
Please apply for this vacancy online at our careers site (www.jobs.airbusgroup.com) with your CV and a cover letter in English attached. By submitting your application you are consenting to Airbus Group using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus Group.

Description of the job :
You are interested by CyberSecurity and you are looking to work in a multi-cultural environnent, on a worldwide perimeter ?

For Airbus CyberSecurity, within the CyberSecurity Solutions Centre (TCY) based in Élancourt, a position has become available for a Cyber Security Architect and designer (m/f).

You will design cybersecurity for embedded systems taking into account:
- Risks,
- Regulation and applicable best practices,
- Trade-off between cost / efficiency / operational needs / system lifecycle.

You will lead studies (with or without prototype).
You will lead answer to request for proposal (RFP) related to enforcing cybersecurity in embedded systems.
You will provide support to the audit team to perform architecture audit, optionally based on the (French) PASSI schema.
According to projects or answer to RFP, you will ensure the role of technical leader (with the project manager)

This position will require security clearance or will require being eligible for clearance by the recognised authorities.

Task & accountabilities :
- Writing specification and design documentation (System/Subsystem Specification (SSS), System/Subsystem Design Description (SSDD), Statement of Work (SoW), Design Justification Report, etc.)
- Writing strategies for security tests
- Writing documentation to support system certification: System-specific Security Requirement (SSRS), Security plan, System Interconnection Security Requirement Statement (SISRS), System-specific Electronic Information Security Requirement Statement (SEISRS), Security OPerating ProcedureS (SecOPs), System Interconnection Security Requirement Statement (SISRS), etc.
- Writing common criteria security target
- Conducting or updating security risk analysis (EBIOS, ISO/CEI 27005)
- Leading technical workshop
- Writing technical proposal in the context of RFP
- Writing studies (state of the art, benchmark, etc.)
- Within the framework of an architecture audit, you will handle interviews, analyse documentation and write the audit report
- As a technical manager for a given mission, you will ensure the coordination of the work activities of the technical team

Required skills :
As a specialist, you must be able to master much knowledge.
Knowledge & experiences:
- Technical dissemination allowing to exchange the right information to a non-specialist audience
- Arguing and negotiating during technical meeting
- Leading meeting
-Writing answer to RFP
- Work package workload estimation
- System engineering management, including requirement management, V-cycle, Waterfall, functional analysis, etc.
o Knowledge of the following norms and models would be appreciated: NAF, TOGAF, and knowledge about system engineering applications: Doors, Enterprise architect, Mega
- Risk analysis management (Failure Modes and Effects Analysis, SIL/SAL, EBIOS, ISO/IEC 27005)
- Knowledge of security norms, standards and regulations (ISO 27k, Common Criteria, CSPN, Defence regulation, PASSI, PDIS, PRIS, LPM, IGI 1300, IGI 6600, RGSv2, OIV, SIIV, etc.)
- Following certification would be a plus:
o ISO 27k, or an expertise in the common criteria or CSPN certification
- Cybersecurity for ICS certification would be a plus :
o Certified SCADA Security Architect (CSSA)
o GIAC Global Industrial Cyber Security Professional (GICSP)
o ISA 99 / IEC 62443 Cyber Security Certificate Program
- Technical knowledge in the event of cybersecurity for ICS in the following areas:
o Industrial process control systems: RTU, PLC, DCS, SCADA, measure, Ethernet I/O
o Cybersecurity guides or standards for industrial systems: ISO/IEC 62443 (ISA99), NIST 800-xx, ANSSI guides
o Industrial protocols: PROFIBUS, MODBUS, DNP3, OPC, Ethernet/IP, etc.
o Internet of Things (IoT),
o Industrial systems (SCADA, PLC), embedded systems (RTOS)
o Wireless protocols : wi-fi, li-fi, zigbee, LoRa
o Vendors: SIEMENS, SCHNEIDER, ROCKWELL, HIRSCHMANN, PHOENIX CONTACT, etc.
o Cybersecurity products for ICS in the following areas:
# Inventory management, mapping,
# Vulnerability management,
# Event/Incident monitoring and management,
# Gateways: ICS firewall, data diode, etc.
# Remote access
- Technical knowledge in the field of Information and Communications Technology (ICT) cybersecurity in at least half of the following topics:
o Network security LAN, MAN, WAN (IPSEC VPN, firewall, Network intrusion Detection system, data diode, etc.)
o Operating system and related hardening (Windows, LINUX/UNIX)
o Endpoint security: antivirus, device control, integrity, HIDS, etc.
o Security of web services and applications, SOA architectures
o Database security
o Identity & Access Management: two-factor authentication, access control, directory, etc.
o PKI (HSM, enrolment authority, smart card, certificate policy)
o Log management: collect, aggregation, storage, SIEM/Analysis, timestamping, etc.
o Software development security: C/C++/C#, Java, Python, php, Ajax, etc.
o A first experience in the application of solutions in several of the aforementioned topics is a pre-requisite
- French: fluent
- English: advanced level

SELF-MANAGEMENT SKILLS:
Open-minded and dynamic, you are ready to get on-the-job trainings and be flexible in order to take into account the evolutions of the technologies.
Team work is essential and requires mandatory human qualities such as open mind, mutual support and transparency.
The ability to anticipate needs or to step backward must also be developed should a substitute plan be required.
As in any other expertise subject, the aptitudes to analyse and summarize are essential, as well as teaching skills so that to clearly expose a complex technical matter.

EDUCATION & PREREQUISITE
Engineering school or equivalent, and a minimum of 5 years of experience in this field in order to match the requirements for this job

INTERFACES
As a Industrial Cyber Security Architect, you will interact with:
- system architect,
- sub-system managers,
- sub-system integrators
- technical manager,
- project manager,
- integration & validation team,
- final client.

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.

By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

Make every future a success.
  • Job directory
  • Business directory
    •