Cyber Security Incident Responder (w/m)

Last updated
02 Mar 2018
Airbus Defence and Space
Sulzbach/Taunus GER
10383157 CP EN EXT 3
Professional staff - engineer
Security & Product Security
Full time
5 to 10 years of professional experience

Airbus Defence and Space Frankfurt

As the European specialist in cyber security, the mission of Airbus’ CyberSecurity business is to protect governments, companies and critical infrastructures from cyber threats. Its trusted, high performance security products and services are able to detect, analyse and counter the most advanced cyber attacks.

Airbus is a global leader in aeronautics, space and related services. In 2016, it generated revenues of € 67 billion and employed a workforce of around 134,000. Airbus offers the most comprehensive range of passenger airliners from 100 to more than 600 seats. Airbus is also a European leader providing tanker, combat, transport and mission aircraft, as well as Europe’s number one space enterprise and the world’s second largest space business. In helicopters, Airbus provides the most efficient civil and military rotorcraft solutions worldwide.

Our people work with passion and determination to make the world a more connected, safer and smarter place. Taking pride in our work, we draw on each other's expertise and experience to achieve excellence. Our diversity and teamwork culture propel us to accomplish the extraordinary - on the ground, in the sky and in space.


A vacancy for a Cyber Security Incident Responder (m/w) has arisen within Airbus CyberSecurity in Frankfurt/Main, Germany.

As a successful candidate, your tasks will be to coordinate people, processes, tools and technology to prevent and manage information security threats, weaknesses, events and incidents in order to minimize their impact on the organization.

Tasks & Skills

More specifically, your main tasks will include:

  • Being responsible for the end-to-end incident response from classification to lessons learned
  • Defining and carrying out security incident identification measures
  • Overseeing the ongoing analysis activities in Forensics or Reverse Engineering and analysing data in order to build a comprehensive view of the incident
  • Maintaining and sharing incident documentation
  • Defining the response strategy and presenting it to management for approval
  • Participating in cyber-crisis management and coordination
  • Identifying lessons learned and making recommendations to improve security controls in order to mitigate the risk of re-occurrence
  • Drafting incident reports tailored for management and technical peers
  • Communicating efficiently during the identification, containment, eradication, recovery and post-mortem incident response activities
  • Maintaining and continuously improving the standard incident response toolkit
  • Contributing to awareness trainings

This role will involve some travel for business.

Job Requirements - Qualifications

You have the following skills and experience:

  • Educated to degree level in IT Security, Engineering or equivalent
  • Several years of experience as an Incident Responder
  • Background in operating systems security, anti-virus technologies and network security
  • Practical level understanding of common TCP/IP-based services and protocols including DNS, DHCP, HTTP, FTP, SSH, SMTP, etc.
  • Sound knowledge and experience in:
      ◦ Firewall theory, proxies/reverse proxies, IDS/IPS, etc.
      ◦ Full packet capture analysis
      ◦ Application level security: web applications, databases, secure development
      ◦ Vulnerability assessment and handling

  • Hands-on experience in:
      ◦ Malware reverse engineering and handling malicious code incidents
      ◦ Systems (file and memory) and network forensics analysis, with tools such as FTK, EnCase Enterprise

  • Knowledge of development and scripting languages such as Python, C/C++, Java, JavaScript, Perl or Ruby, regular expressions, Linux shell/Bash, Windows PowerShell
  • One of the following certifications is required:
      ◦ GCIH (GIAC Certified Incident Handler)
      ◦ GCIA (GIAC Certified Intrusion Analyst)
      ◦ ECIH (EC-Council Certified Incident Handler)
      ◦ CSIH (SEI Certified Computer Security Incident Handler)
      ◦ SCPO (SABSA Certified Security Operations & Service Management Practitioner)
      ◦ or an equivalent certification in the field of incident handling recognized internationally

  • An internationally recognized certification in penetration testing or forensics would be a plus
  • Fluent English; German skills would be a plus


Please apply online for this vacancy at our careers site with your CV attached.

By submitting your CV or application you are consenting to Airbus Group using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus Group.

Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.
