Position OverviewA vacancy for A/C Security Architect (d/f/m) has arisen within the Defence and Strategic Programmes team of Airbus Cybersecurity in Spain.
We provide products, development, concepts, and cybersecurity engineering to internal and external customers in Airbus.
As a European specialist, Airbus shields customers, agencies, and critical infrastructures from cyber threats.ResponsibilitiesLeadership and management of product security aspects throughout the entire lifecycle.Promotion of the "Security-by-Design" approach among various project stakeholders.Proactive contribution to architecture design to mitigate risks.Security Risk Analysis (SRA) using methodologies such as MAGERIT, PILAR, NIST, EBIOS, or EUROCAE ED202A/203B.Design of detailed security architectures (High-Level and Low-Level Design) for subsystems and components.Ensuring regulatory compliance (CC/CEM, CCN-STIC).
Development of Security Operating Procedures (SecOps) for product maintenance.Security Focal Point for customer liaison and communication.Health, Safety, Quality and Environmental ResponsibilitiesFulfil responsibilities regarding Occupational Health and Safety (OHS), Quality, and Environment, including compliance with all relevant regulations, participation in training, correct use of personal protective equipment, reporting unsafe conditions, maintaining accurate records, and contributing to continuous improvement.Engage in sustainability initiatives, promoting efficient resource use and waste reduction, and reporting environmental incidents to ensure a safe, sustainable, and high-quality work environment.Internal Policies and Procedures ResponsibilitiesAs an AIRBUS SLC employee, comply with established internal policies and procedures at the Airbus Group level and specific AIRBUS SLC procedures.Commit to:
a) Comply with AIRBUS SLC policies, codes, and standards;
b) Understand and fulfil assigned roles and responsibilities regarding Information Security, Privacy, and Confidentiality;
c) Undergo training, awareness and capacity building with periodic updates on entity policies and procedures relevant to the position.
Act with due diligence to prevent security incidents.
Investigative and disciplinary proceedings may be initiated against those responsible for an incident only after prior verification of an incident.Education & QualificationsAcademic Background: Master's or Bachelor's Degree in Telecommunications, Aerospace/Aeronautical, or Computer Science Engineering.Risk Methodologies: Expert proficiency in at least two of the following methodologies: MAGERIT, PILAR, NIST, EBIOS, or EUROCAE ED202A/203B.Security Clearance: Mandatory NATO/National Security Clearance.Languages: English C1 (Advanced) for technical and business-level liaison.Critical KnowledgeHigh-Level and Low-Level Security Architectures (HLD/LLD).
Pentesting Fundamentals: Strong understanding of penetration testing to validate architectural designs.Compliance Standards: In-depth knowledge of CC/CEM (Common Criteria) and CCN-STIC guidelines.ExperienceMinimum of 4 years of experience in information security or aircraft systems.Technical CompetenciesCritical Architecture Design: Ability to create complex security frameworks that support aeronautical subsystems.Security-by-Design Advocacy: Proficiency in evangelizing and integrating security principles into the early stages of engineering development.Risk Management: Ability to translate technical threats into Security Risk Assessments (SRA) with business or mission impact.SecOps Definition: Capacity to draft Security Operating Procedures that ensure long-term product maintenance.Technical Consulting: Acting as a subject-matter expert (SME) for external clients to defend and explain architectural decisions.Behavioral CompetenciesLeadership and Stakeholder Management: Influence multidisciplinary teams and negotiate security requirements with Project Managers.Strategic Communication: Acting as a "Focal Point," simplifying complex architectures for clients or certification authorities.Holistic Thinking: General product vision; understand how a vulnerability in a single component affects the overall safety and security of the aircraft.Autonomy and Decision-Making: Decisiveness in validating or rejecting designs based on risk analysis and regulatory compliance.Results and Quality Orientation: Deliver high-quality technical documentation under demanding military or aeronautical standards.Company InformationAirbus Secure Land Communications, S.A.Contract TypePermanentExperience LevelProfessionalJob FamilyCyber SecurityEEO StatementAirbus is committed to achieving workforce diversity and creating an inclusive working environment.
We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.
Airbus is, and always has been, committed to equal opportunities for all.
As such, we will never ask for any type of monetary exchange in the frame of a recruitment process.
Any impersonation of Airbus to do so should be reported to ******.
#J-*****-Ljbffr