Airbus Defence and Space GmbH
Airbus is a global leader in aeronautics, space and related services. In 2019 it generated revenues of € 70.5 billion and employed a workforce of around 134,000. Airbus offers the most comprehensive range of passenger airliners. Airbus is also a European leader providing tanker, combat, transport and mission aircraft, as well as one of the world’s leading space companies. In helicopters, Airbus provides the most efficient civil and military rotorcraft solutions worldwide.
Our people work with passion and determination to make the world a more connected, safer and smarter place. Taking pride in our work, we draw on each other's expertise and experience to achieve excellence. Our diversity and teamwork culture propel us to accomplish the extraordinary - on the ground, in the sky and in space.
A vacancy for a Cyber Security Incident Handler & Forensics (d/m/f) has arisen within Airbus Defence and Space in Ottobrunn. The successful applicant will join IMSEC Incident Management.
Information Management (IM) delivers the expertise, technology and equipment for Airbus Space and Aerospace products - We make it fly!
IM is transforming and evolving, but we need even more talented people who can make a real difference to how we support, enable and deliver a diverse range of technological solutions and services to our customers.
Our new operating model is oriented around multi-functional, agile teams working with the business and developing our digital capabilities. What does this mean for you? A role in IM is an opportunity for you to grow and to develop your career in a progressive and innovative environment.
Our people, the teams they work in and the values embedded in IM, are driving this change and you could be part of that too.
What you will be doing:
Airbus Defence and Space is looking for a passionate and talented Incident Response Analyst to join our international Incident Response Team (CSIRT), a mission-critical part of securing our world-class business. This is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. The successful candidate will be responsible for managing the entire lifecycle of security incidents from detection to resolution and root cause analysis. You will be responsible for technically managing and escalating security incidents in accordance with our Incident Response plan. This is a fantastic opportunity to join a team that lives and breathes cyber security and to work for a company with great products and technologies around the globe.
Missions and activities:
· Monitor daily intrusion attempts using our Security Operation Center
· Ongoing monitoring of the security of the network and associated information systems
· Incident response and handling of the full incident according to our Incident Response plan
· Analyze a large volume of security event data from a variety of sources with the goal of identifying suspicious and malicious activity.
· Create documentation regarding the identification, analysis and remediation of security threats and incidents.
· Perform follow-up analysis throughout the incident lifecycle, and complete projects and tasks associated with security monitoring, detection, and incident response.
· Authoring and implementation of original detection rules for various monitoring systems on the basis of current threats and vulnerabilities.
· Build and maintain custom security detection logic to analyze and correlate information to produce meaningful and actionable results.
· Participation in the on-call rotation to provide incident response coverage.
· Perform deep forensic analyses of systems as an extended capability (This is not a mandatory skill)
· Design and improve our security landscape which includes the full triage.
This role will involve travel for business and as such you must be able to travel accordingly.
This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company's success, reputation and sustainable growth.
We are looking for candidates with the following skills and experience:
· A technical degree in computer science or similar field;
· Extensive experience in incident response;
· Familiar with forensics software such as EnCase, Helix, XRY and FTK;
· Comfortable with archiving and backing up a variety of technologies;
· Fluent in major programming languages such as Java, PHP, C++, C, C# and ASM;
· Highly proficient in computer operating systems like Linux, UNIX and Windows;
· Good understanding of Internet-based application security;
· Quick thinking, confident in making decisions in high pressure situations, willing to adapt in emergency situations, great problem solving skills, logical and rational thinker, patient, good communication skills (in writing and spoken);
· English and German: negotiation level.
Please apply for this vacancy at our careers site ( www.jobs.airbus-group.com ) with your CV attached. By submitting your CV or application you are consenting to Airbus Group using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus Group.
By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.