Airbus CyberSecurity Elancourt
As the European specialist in cyber security, the mission of Airbus’ CyberSecurity business is to protect governments, companies and critical infrastructures from cyber threats. Its trusted, high performance security products and services are able to detect, analyse and counter the most advanced cyber attacks.
Airbus is a global leader in aeronautics, space and related services. In 2016, it generated revenues of € 67 billion and employed a workforce of around 134,000. Airbus offers the most comprehensive range of passenger airliners from 100 to more than 600 seats. Airbus is also a European leader providing tanker, combat, transport and mission aircraft, as well as Europe’s number one space enterprise and the world’s second largest space business. In helicopters, Airbus provides the most efficient civil and military rotorcraft solutions worldwide.
Our people work with passion and determination to make the world a more connected, safer and smarter place. Taking pride in our work, we draw on each other's expertise and experience to achieve excellence. Our diversity and teamwork culture propel us to accomplish the extraordinary - on the ground, in the sky and in space.
Description of the job
For Airbus Defence & Space within the Cyber Security Solutions Centre based in Elancourt, we are looking for a Cyber Security Architect. In this role you will design cyber security for industrial control systems (ICS) or embedded systems taking into account risks, regulation and applicable best practices.
You will have the opportunity to lead studies (with or without prototype). Lead answers to request for proposal (RFP) related to enforcing cybersecurity in ICS or embedded systems. You will be able to provide support to the audit team to perform architecture audit, optionally based on the (French) PASSI schema.
Please note: This position will require a French Security Clearance or will require being eligible for clearance by the recognized authorities.
Tasks & accountabilities
- Writing specification and design documentation (System/Subsystem Specification (SSS), System/Subsystem Design Description (SSDD), Statement of Work (SoW), Design Justification Report, etc.)
- Writing strategies for security tests
- Writing documentation to support system certification: System-specific Security Requirement (SSRS), Security plan, System Interconnection Security Requirement Statement (SISRS), System-specific Electronic Information Security Requirement Statement (SEISRS), Security OPerating ProcedureS (SecOPs), System Interconnection Security Requirement Statement (SISRS), etc.
- Writing common criteria security target and conducting or updating security risk analysis (EBIOS, ISO/CEI 27005)
- Leading technical workshop and writing technical proposal in the context of RFP
- Writing studies (state of the art, benchmark, etc.), within the framework of an architecture audit, you will handle interviews, analyse documentation and write the audit report.
- As a technical manager for a given mission, you will ensure the coordination of the work activities of the technical team
Overview of Requirements
- Engineering school or equivalent, and a minimum of 5 years of experience in this field in order to match the requirements for the job.
- Architect experience and knowledge of technical systems detailed below.
- Strong technical dissemination allowing to exchange the right information to a non-specialist audience
- Ability to lead meetings, answer to RFP and workpackage workload estimation
- Open-minded, you are ready to get on-the-job trainings and be flexible in order to take into account the evolutions of the technologies.
- Good team work is essential and requires mandatory human qualities such as open mind, mutual support and transparency.
- The ability to anticipate needs or to step backward must also be developed should a substitute plan be required.
- As in any other expertise subject, the aptitudes to analyse and summarize are essential, as well as teaching skills so that to clearly expose a complex technical matter.
- French: fluent and English: advanced level
Detailed Technical Knowledge
- System engineering management, including requirement management, V-cycle, Waterfall, functional analysis, etc.
- Knowledge of the following norms and models would be appreciated: NAF, TOGAF, and knowledge about system engineering applications: Doors, Enterprise architect, Mega
- Risk analysis management (Failure Modes and Effects Analysis, SIL/SAL, EBIOS, ISO/IEC 27005)
- Knowledge of security norms, standards and regulations (ISO 27k, Common Criteria, CSPN, Defence regulation, PASSI, PDIS, PRIS, LPM, IGI 1300, IGI 6600, RGSv2, OIV, SIIV, etc.)
- Following certification would be a plus: ISO 27k, or an expertise in the common criteria or CSPN certification
- Cybersecurity for ICS certification would be a plus : Certified SCADA Security Architect (CSSA), GIAC Global Industrial Cyber Security Professional (GICSP), ISA 99 / IEC 62443 Cyber Security Certificate Program
…Technical knowledge in the event of cybersecurity for ICS in the following areas:
- Industrial process control systems: RTU, PLC, DCS, SCADA, measure, Ethernet I/O
- Cybersecurity guides or standards for industrial systems: ISO/IEC 62443 (ISA99), NIST 800-xx, ANSSI guides
- Industrial protocols: PROFIBUS, MODBUS, DNP3, OPC, Ethernet/IP, etc.
- Internet of Things (IoT),
- Industrial systems (SCADA, PLC), embedded systems (RTOS)
- Wireless protocols : wi-fi, li-fi, zigbee, LoRa
- Vendors: SIEMENS, SCHNEIDER, ROCKWELL, HIRSCHMANN, PHOENIX CONTACT, etc.
…Knowledge of Cybersecurity products for ICS in the following areas:
- Inventory management, mapping,
- Vulnerability management,
- Event/Incident monitoring and management,
- Gateways: ICS firewall, data diode, etc.
- ICS endpoint integrity.
- Remote access
…Technical knowledge in the field of Information and Communications Technology (ICT) cybersecurity in at least half of the following topics:
- Network security LAN, MAN, WAN (IPSEC VPN, firewall, Network intrusion Detection system, data diode, etc.)
- Operating system and related hardening (Windows, LINUX/UNIX)
- Endpoint security: antivirus, device control, integrity, HIDS, etc.
- Security of web services and applications, SOA architectures
- Database security
- Identity & Access Management: two-factor authentication, access control, directory, etc.
- PKI (HSM, enrolment authority, smart card, certificate policy)
- Log management: collect, aggregation, storage, SIEM/Analysis, timestamping, etc.
- Software development security: C/C++/C#, Java, Python, php, Ajax, etc.
Merci de candidater à travers ce lien : https://jobstats.robopost.com/count/clic.php?v=96351&j=1968