Evaluation Specialist m/f

AIRBUS SAS (Blagnac, France) Publié il y a 14 jours

Job Description:

Are you interested in working with leading experts to protect Airbus against an ever evolving cyber threat and be part of the corporate digital security office combining; IT, industrial manufacturing, product, and people security?

Are you willing to work in a multicultural environment, with a significant scale, and on a worldwide perimeter? Are you ready to take on a new and exciting challenge? 

Airbus gives you the opportunity to apply your expertise and develop your skills and competencies!

Airbus is a leader in the aerospace & defence sector, offering many challenging opportunities and providing numerous benefits to its employees, such as: development and training, unique challenges, world wide scope, access to key markets, mobility opportunities, and last but not least, a respectable work-life balance.

Seize the opportunity to integrate the central Corporate Digital Security Team led by Group CISO and be a part of the transnational peer group of 4 core countries (France, UK, Germany, Spain) with a direct link to our global infrastructure and sites (e.g. North America, India, China, Asia …).

At Airbus corporate level, digital security topics are managed by the Digital Security organisation and structured around 5 capability departments:

  • Enterprise Security Architecture,
  • Detection & Response,
  • Evaluation & Test,
  • Risk, Vulnerability & Critical Asset,
  • Cybersecurity Innovation & Scouting.

In order to provide continuous improvements of the security programme and in efforts to discover weaknesses in the cyber security programme and implementations before external hackers, the Corporate Evaluation and advanced Test team play an important role. 

The mission is to provide advanced capabilities in the discovery, reporting, and remediation recommendations of security vulnerabilities found in both the security technologies consumed/purchased and operated or developed by the organisation. It is done by performing independent evaluation and penetration-testing of systems in order to evaluate the security effectiveness and mitigate system vulnerabilities and weaknesses (e.g. product vulnerability, miss-configurations, unpatched systems, etc.) before they are discovered by external or internal adversaries.
 

You will join the Security Evaluation team inside the Digital Security Office. The team’s mission is to provide detailed and trustworthy information on the security of the products which are bought, developed, deployed (or considered for deployment) by the company, in order to allow interested stakeholders to take informed decisions.

To fulfill this mission, the team:

  • Evaluates the security of products and services by simulating the behaviour of motivated and highly technical attackers

  • Contributes to the domain's state of the art by developing tools or methodologies

  • Provides technical expertise on security topics

The team works equally on standard IT products (infrastructure, phones, cloud services, etc.) and on the company's own products (planes, helicopters, satellites, etc.) or operational technologies (access control, ICS, video surveillance, etc.).

Main activities
  • Conducting deep-dive security evaluations of products and services, in the lab

  • Writing evaluation reports for the products, services and technologies you evaluated

  • Participating to Red Team activities

  • Developing tools, both for short and long term, which enable the team to be more efficient in its missions or allow the company to automate security tests

  • Publishing open source tools

  • Attending technical security conferences and publishing articles in your expertise areas

Outputs     
  • Evaluation report 

  • Technology watch 

  • Vulnerabilities 

  • Tooling

Skills
  • At least 5 years of professional experience in deep-dive security evaluation or Red Team

  • Significant experience in exploit development or tools/scripts development

  • Ability to write reports, articles and notes in English

  • Good command of English

  • Good command of French is a plus

  • Team spirit

  • Good communication skills and an ability to explain technical subjects in layman's terms

  • Autonomous and willing to bring up new ideas

You are a specialist in one of those areas and have some experience in one or several others:

  • Reverse engineering

  • Vulnerability exploitation

  • Web vulnerability research

  • Native applications vulnerability research

  • Network security evaluation

  • Radio/Wireless protocols security evaluation

  • Program verification/fuzzing

  • Automatization of security testing

Additional information

This role will involve travel for business in Europe and worldwide and as such you must be able to travel accordingly.

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.

Company:

3510 AIRBUS SAS

Contract Type:

Permanent Contract / CDI / Unbefristet / Contrato indefinido

Experience Level:

Professional / Expérimenté(e) / Professionell / Profesional

Job Family:

Security

By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to emsom@airbus.com.

Evaluation Specialist m/f

Apply On Company Site
Back to search page