Job Description
We are looking for an experienced Incident Responder as Line Manager to Lead our Airbus Protect Incident Response Centre (IRC). Reporting to the HO CSIRT, the IRC Line Manager will have a strong Technical focus, at expert level (Technical Leader) within Incident Response topics and the ability to manage and lead a small professional transnational team of responders to support the Managed Security Services and interoperability between IRC, our Threat & Service Management teams in addition to the Security Operations Centre.
This position's location is flexible within our different sites in France and UK.
The role …
- Responsible for the day to day leadership and management of the transnational Incident Response Centre (IRC)
- Accountable for the development and maintenance of a proactive Incident Response Plan. The plan is to include but not limited to the communications plan plus the specific procedural or technical responses following a major security incident.
- Is responsible for the design, planning and execution of IR exercises and Cybersecurity crisis management preparation exercises to test the Incident Response Plan.
- Develop and maintain the readiness of the logistics and IRC team members in the associated tooling, procedures and ensure all permits and authorisations are current.
- Act as the incident manager, or delegate the authority to a qualified person, to provide expert direction and full accountability for the entire process and duration of ongoing incidents.
- Coordinates the communication plan and provides timely updates to stakeholders.
- Ensure all stakeholders know their role in the Incident Response Plan and that stakeholders are actively brought into the loop of ongoing incidents.
- Responsible for ensuring all incidents are subject to feedback (lessons identified) as to capitalise on and define improvement actions.
- Responsible for maintaining high levels of Customer satisfaction.
- Take an active part in the coordination of testing for and resolving system vulnerabilities in coordination with the Threat Management Centre.
- Take an active and collaborative part in the coordination of Threat Hunting activities.
- Take a leading part in the coordination of Incident response processes applicable to IRC, specifically the coordination and interoperability with the Security Operations Centres, Threat Management Centre and Service Management teams.
- Supports the attainment and maintenance of relevant Certification (BSI, PRIS, etc)
- Responsible for the provision of cost calculations supporting bid activities or new service designs and supporting the Sales teams in their working knowledge of IRC services.
- Manages the personnel of the IRC in terms of recruitment, retention, training and development, career planning, programming of activities and absences.
- Maintains an expert knowledge of best cyber security practices.
- Provide technical support for R&D or R&T projects
This position requires a security clearance or requires eligibility for clearance by recognised authorities.
Education
It would be an advantage (disirabie) to hold the following, or an equivalent;
- A master's degree in a related field, such as computer science, cyber security or information technology.
- A general security certification, such as CISSP or Certified Information Security Manager (CISM), or an incident response-specific certification.
- A range of certification relating to malware analysis and reverse engineering
Other Skills
- Experience in leading an Incident Response Team
- Proficiency in using incident response and SIEM, SOAR, EDR, XDR tools, and familiarity with digital forensics techniques and other associated tools.
- Hands-on experience in data analysis, familiarity with cloud infrastructure, web application and servers.
- Strong written and verbal communications skills, and the ability to articulate complex technical issues in a concise and confident manner.
Leadership Skills
- The ability to work in a dynamic organisational structure, and to be a decisive, bright, and positive leader.
- Ability to work in a multi National role, supporting IR Teams in our home countries.
Experience
Five or more years of experience in incident response, cybersecurity, or a related field
What’s in it for you…
- Joining Airbus Protect with :
- A close and caring management,
- A pipeline of innovative projects,
- A community of recognised experts,
- Great career paths and training opportunities,
- Great benefits:
- 25 days holiday
- Hybrid working
- Flexi time
- Option to purchase holidays
- Generous pension scheme
- Eligibility to a Company profit sharing scheme
- Share options
- Access to a benefits platform offering car leasing, family health plans, dental plan, shopping discounts and much more …
You are looking for a position with various activities and real professional opportunities…
Join the AIRBUS PROTECT journey, we are waiting for you!
#BUCyberAP #JobAPFR #JobAPUK #6to10YearsExp #Over10YearsExp
This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.
Company
Airbus Protect Limited
Contract Type
Permanent
Experience Level
Professional
Job Family
Cyber Security
By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.
Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to emsom@airbus.com.
At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.
#YESPOST