IMSEC Cyber Security Engineer - Pentest and Audit
Airbus Defence and Space Madrid (ex Airbus Military)
Airbus is a global leader in aeronautics, space and related services. In 2017, it generated revenues of € 67 billion and employed a workforce of around 130,000. Airbus offers the most comprehensive range of passenger airliners from 100 to more than 600 seats. Airbus is also a European leader providing tanker, combat, transport and mission aircraft, as well as Europe’s number one space enterprise and the world’s second largest space business. In helicopters, Airbus provides the most efficient civil and military rotorcraft solutions worldwide.
Our people work with passion and determination to make the world a more connected, safer and smarter place. Taking pride in our work, we draw on each other's expertise and experience to achieve excellence. Our diversity and teamwork culture propel us to accomplish the extraordinary - on the ground, in the sky and in space.
Description of the job
For Airbus Defence and Space (Airbus DS) in Spain within the Information Management Security team we are looking for an IMSEC Cyber Security Engineer with proven experience in pentest and audit.
The Airbus DS IMSEC Cyber Security Engineer will report to the Airbus DS Head of IM Security Spain within the IM Security. The main focus of this position is the Spanish perimeter but with a high involvement in international initiatives on the basis of an Airbus DS wide approach.
As a Cyber Security Engineer you will work with the business and other technical IM teams providing you expertise to the projects, defining and validating requirements and solutions.
You will be joining challenging and complex projects, with tight timeframes to ensure that the Airbus data is properly protected.
The position requires excellent Information security skills, a deep understanding and proven experience in technical pentest and Audit beside a solid education in IM Security and Information Technology.
Your responsibilities will include:
· Leading the pentest activities in Airbus DS.
· Perform security pentest and validations: web application testing, network security.
· Review infrastructure, architectures and designs.
· Create the audit findings and reports.
· Define and maintain security architecture standards.
· Define security requirements and solutions.
· Create security architectures optimizing the information systems security.
· Ensure the security regulatory compliance.
· Provide reports for IM and InfoSec Management on a regularly basis.
· Responsible of the implementation of Information cybersecurity strategy according to Airbus policies.
· Participate in the Airbus international workgroups.
Skills and Qualification
· Passionate about Security and Technology.
· Willingness to do always your best.
· At least 5 years in Information Security.
· Real experience in application pentesting and vulnerability assessment.
· Experience in application pentesting and vulnerability assessment.
· Experience with audit and pentesting tools. Perform technical security assessments including code audit is desirable.
· In depth knowledge of common web application attacks and vulnerabilities.
· Deep understanding of application and software development.
· Solid operating systems, database and networking protocols knowledge.
· Good level of understanding of HTML, Java, C#, .net Knowledge of OWASP, CWE, ...
· Experience with network and application security architecture.
· Deep operating systems knowledge: Windows, Unix, Linux, ...
· Solid Networking, communications & authentication protocols knowledge.
· Understanding of vulnerability management: identification, implications and resolution.
· Knowledge of application and secure software development.
· Systems and applications architecture design experience.
· Project and Service management skills and experience.
· Document, reports and presentation writing.
· Experience in document and presentation creation.
· Hacker mindset: Curiosity, willingness to understand how things work, how to break and fix them.
· Highly innovative mindset and permanently challenging the status quo.
· Ability to work in an environment that requires a high level of detail and confidentiality.
· Self-motivated with the ability to work independently and as a team member in a challenging environment.
· Strong team player in an agile international team.
· Able to work autonomously as well as in international teams.
· Strategic and entrepreneur thinking.
· Must be able to understand detailed technical procedures, projects and policies.
· Reliability, accuracy and a feeling for making analytical decision on criteria and processes.
· Personality capable to develop and maintain reliable relationships on all relevant management levels.
· Strong skills in communicating and presenting complex situations.
· Analytical capabilities and well developed planning and organizational skills.
· Ability to obtain a Security Clearance.
· The role will involve traveling.
· CISSP, OSCP, GPEN, GWAPT, GSNA certifications or equivalent are highly desired.