Cyber Security Incident Responder (w/m)
Airbus Defence & Space Frankfurt
As the European specialist in cyber security, the mission of Airbus’ CyberSecurity business is to protect governments, companies and critical infrastructures from cyber threats. Its trusted, high performance security products and services are able to detect, analyse and counter the most advanced cyber attacks.
Airbus is a global leader in aeronautics, space and related services. In 2016, it generated revenues of € 67 billion and employed a workforce of around 134,000. Airbus offers the most comprehensive range of passenger airliners from 100 to more than 600 seats. Airbus is also a European leader providing tanker, combat, transport and mission aircraft, as well as Europe’s number one space enterprise and the world’s second largest space business. In helicopters, Airbus provides the most efficient civil and military rotorcraft solutions worldwide.
Our people work with passion and determination to make the world a more connected, safer and smarter place. Taking pride in our work, we draw on each other's expertise and experience to achieve excellence. Our diversity and teamwork culture propel us to accomplish the extraordinary - on the ground, in the sky and in space.
Description of the job
A vacancy for a Cyber Security Incident Responder (m/w) has arisen within Airbus CyberSecurity in Frankfurt/Main, Germany.
As a successful candidate, your tasks will be to coordinate people, processes, tools and technology to prevent and manage information security threats, weaknesses, events and incidents in order to minimize their impact on the organization.
Tasks & accountabilities
More specifically, your main tasks will include:
- Being responsible for the end-to-end incident response from classification to lessons learned
- Defining and carrying out security incident identification measures
- Overseeing the ongoing analysis activities in Forensics or Reverse Engineering and analysing data in order to build a comprehensive view of the incident
- Maintaining and sharing incident documentation
- Defining response strategy and present it to the management for approval
- Participating in cyber-crisis management and coordination
- Identifying lessons learned and making recommendations to improve security controls in order to mitigate the risk of re-occurrence
- Drafting incident reports tailored for management and technical peers
- Communicating efficiently during the identification, containment, eradication, recovery and post-mortem incident response activities
- Maintaining and continuously improving the standard incident response toolkit
- Contributing to awareness trainings
This role will involve some travel for business.
You have the following skills and experience:
- Educated to degree level in IT Security, Engineering or equivalent
- Several years of experience as an Incident Responder
- Background in operating systems security, anti-virus technologies and network security
- Practical level understanding of common TCP/IP-based services and protocols including DNS, DHCP, HTTP, FTP, SSH, SMTP, etc.
- Sound knowledge and experience in:
. Firewall theory, proxies/reverse proxies, IDS/IPS, etc.
. Full packet capture analysis
. Application level security: web applications, databases, secure development
. Vulnerability assessment and handling
- Hands-on experience in:
. Malware reverse engineering and handling malicious code incidents
. Systems (file and memory) and network forensics analysis, with tools such as FTK, EnCase Enterprise
- One of the following certifications is required:
. GCIH (GIAC Certified Incident Handler)
. GCIA (GIAC Certified Intrusion Analyst)
. ECIH (EC-Council Certified Incident Handler)
. CSIH (SEI Certified Computer Security Incident Handler)
. SCPO (SABSA Certified Security Operations & Service Management Practitioner)
or an equivalent certification in the field of incident handling recognized internationally
- An internationally recognized certification in penetration testing or forensics would be a plus
- Fluent English; German skills would be a plus
Find the right job
Browse through the Airbus job market in order to find the position that suits you the most! The Job Market search engine will guide you through the different criteria you can select to look for jobs.
Create your profile & apply
Whether you’re applying for a vacancy in the Job Market or joining our candidate pool, you will need to create a candidate profile in the job market. Don’t forget to submit all relevant documents with your application: CV, cover letter, etc.
Pass the selection
Once you’ve submitted your application, it will be screened by our recruitment team. If successful at this stage, we will get in touch with you for a first contact interview.
Please apply online for this vacancy at our careers site (www.jobs.airbusgroup.com) with your CV attached.
By submitting your CV or application you are consenting to Airbus Group using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus Group.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.