A/C Security Architect (d/f/m), Madrid
Empresa
Airbus
Provincia
Madrid
Ciudad
Madrid
Tipo de Contrato
Tiempo Completo
Descripción
A/C Security Architect (d/f/m)
Job Description:
A vacancy for A/C Security Architect (d/f/m) has arisen within the Defence and Strategic Programmes team of Airbus Cybersecurity in Spain. We provide products, development, concepts, and cybersecurity engineering to internal and external customers in Airbus. As a European specialist, Airbus shields customers, agencies, and critical infrastructures from cyber threats.
We are looking for experienced A/C Security Architect with proven experience in the defence and aerospace domains. In the role of A/C Security Architect the main responsibilities are:
1. Leadership and management of product security aspects throughout the entire lifecycle.
2. Promotion of the Security-by-Design approach among various project stakeholders.
3. Proactive contribution to architecture design to mitigate risks.
4. Security Risk Analysis (SRA) using methodologies such as MAGERIT, PILAR, NIST, EBIOS, or EUROCAE ED202A/203B.
5. Design of detailed security architectures (High-Level and Low-Level Design) for subsystems and components.
6. Ensuring regulatory compliance (CC/CEM, CCN-STIC).
7. Development of Security Operating Procedures (SecOps) for product maintenance.
8. Security Focal Point for customer liaison and communication.
9. As an integral part of their duties, the candidate must fulfill responsibilities regarding Occupational Health and Safety (OHS), Quality, and Environment. This includes strict compliance with all health and safety regulations and procedures established by the company and current legislation participating in OHS training correctly using personal protective equipment (PPE) and reporting any unsafe conditions. Furthermore, they must ensure all activities align with quality standards, contributing to continuous improvement, maintaining accurate records, and participating in quality audits. They shall also engage in sustainability initiatives, promoting efficient resource use and waste reduction, and reporting environmental incidents to guarantee a safe, sustainable, and high-quality work environment.
10. As an AIRBUS SLC employee, the candidate is required to know and comply with established internal policies and procedures, both at the Airbus Group level and specific AIRBUS SLC procedures, committing to:
- a) Comply with AIRBUS SLC policies, codes, and standards.
- b) Understand and fulfill assigned roles and responsibilities regarding Information Security, Privacy, and Confidentiality.
- c) Undergo training, awareness, and capacity building with periodic updates on entity policies and procedures relevant to their position. Act with due diligence to prevent security incidents. In this regard, investigative and disciplinary proceedings may be initiated against those responsible for an incident such proceedings shall not commence without prior verification that an incident has occurred.
Required Education Qualifications
- Academic Background: Masters or Bachelors Degree in Telecommunications, Aerospace/Aeronautical, or Computer Science Engineering.
- Risk Methodologies: Expert proficiency in at least two of the following methodologies: MAGERIT, PILAR, NIST, EBIOS, or EUROCAE ED202A/203B.
- Security Clearance: Mandatory NATO/National Security Clearance.
- Languages: English C1 (Advanced) for technical and business-level liaison.
Critical Knowledge
Key Technical Expertise:
- High-Level and Low-Level Security Architectures (HLD/LLD).
- Pentesting Fundamentals: Strong understanding of penetration testing to validate architectural designs.
- Compliance Standards: In-depth knowledge of CC/CEM (Common Criteria) and CCN-STIC guidelines.
Required Experience
- Minimum of 4 years of experience in information security or aircraft systems.
Required Competencies
Technical Competencies
- Critical Architecture Design: Ability to create complex security frameworks that support aeronautical subsystems.
- Security-by-Design Advocacy: Proficiency in evangelizing and integrating security principles into the early stages of engineering development.
- Risk Management: Ability to translate technical threats into Security Risk Assessments (SRA) with business or mission impact.
- SecOps Definition: Capacity to draft Security Operating Procedures that ensure long-term product maintenance.
- Technical Consulting: Acting as a subject matter expert (SME) for external clients to defend and explain architectural decisions.
Behavioral Competencies
- Leadership and Stakeholder Management: Ability to influence multidisciplinary teams and negotiate security requirements with Project Managers.
- Strategic Communication: Proficiency in acting as a Focal Point, simplifying complex architectures for clients or certification authorities.
- Holistic Thinking: Global product vision ability to understand how a vulnerability in a single component affects the overall safety and security of the aircraft.
- Autonomy and Decision-Making: Decisiveness in validating or rejecting designs based on risk analysis and regulatory compliance.
- Results and Quality Orientation: Focused on delivering high-quality technical documentation under demanding military or aeronautical standards.
This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Companys success, reputation and sustainable growth.
MAGERIT, PILAR, NIST, EBIOS, EUROCAE ED202A, EUROCAE ED203B,
Job Description:
A vacancy for A/C Security Architect (d/f/m) has arisen within the Defence and Strategic Programmes team of Airbus Cybersecurity in Spain. We provide products, development, concepts, and cybersecurity engineering to internal and external customers in Airbus. As a European specialist, Airbus shields customers, agencies, and critical infrastructures from cyber threats.
We are looking for experienced A/C Security Architect with proven experience in the defence and aerospace domains. In the role of A/C Security Architect the main responsibilities are:
1. Leadership and management of product security aspects throughout the entire lifecycle.
2. Promotion of the Security-by-Design approach among various project stakeholders.
3. Proactive contribution to architecture design to mitigate risks.
4. Security Risk Analysis (SRA) using methodologies such as MAGERIT, PILAR, NIST, EBIOS, or EUROCAE ED202A/203B.
5. Design of detailed security architectures (High-Level and Low-Level Design) for subsystems and components.
6. Ensuring regulatory compliance (CC/CEM, CCN-STIC).
7. Development of Security Operating Procedures (SecOps) for product maintenance.
8. Security Focal Point for customer liaison and communication.
9. As an integral part of their duties, the candidate must fulfill responsibilities regarding Occupational Health and Safety (OHS), Quality, and Environment. This includes strict compliance with all health and safety regulations and procedures established by the company and current legislation participating in OHS training correctly using personal protective equipment (PPE) and reporting any unsafe conditions. Furthermore, they must ensure all activities align with quality standards, contributing to continuous improvement, maintaining accurate records, and participating in quality audits. They shall also engage in sustainability initiatives, promoting efficient resource use and waste reduction, and reporting environmental incidents to guarantee a safe, sustainable, and high-quality work environment.
10. As an AIRBUS SLC employee, the candidate is required to know and comply with established internal policies and procedures, both at the Airbus Group level and specific AIRBUS SLC procedures, committing to:
- a) Comply with AIRBUS SLC policies, codes, and standards.
- b) Understand and fulfill assigned roles and responsibilities regarding Information Security, Privacy, and Confidentiality.
- c) Undergo training, awareness, and capacity building with periodic updates on entity policies and procedures relevant to their position. Act with due diligence to prevent security incidents. In this regard, investigative and disciplinary proceedings may be initiated against those responsible for an incident such proceedings shall not commence without prior verification that an incident has occurred.
Required Education Qualifications
- Academic Background: Masters or Bachelors Degree in Telecommunications, Aerospace/Aeronautical, or Computer Science Engineering.
- Risk Methodologies: Expert proficiency in at least two of the following methodologies: MAGERIT, PILAR, NIST, EBIOS, or EUROCAE ED202A/203B.
- Security Clearance: Mandatory NATO/National Security Clearance.
- Languages: English C1 (Advanced) for technical and business-level liaison.
Critical Knowledge
Key Technical Expertise:
- High-Level and Low-Level Security Architectures (HLD/LLD).
- Pentesting Fundamentals: Strong understanding of penetration testing to validate architectural designs.
- Compliance Standards: In-depth knowledge of CC/CEM (Common Criteria) and CCN-STIC guidelines.
Required Experience
- Minimum of 4 years of experience in information security or aircraft systems.
Required Competencies
Technical Competencies
- Critical Architecture Design: Ability to create complex security frameworks that support aeronautical subsystems.
- Security-by-Design Advocacy: Proficiency in evangelizing and integrating security principles into the early stages of engineering development.
- Risk Management: Ability to translate technical threats into Security Risk Assessments (SRA) with business or mission impact.
- SecOps Definition: Capacity to draft Security Operating Procedures that ensure long-term product maintenance.
- Technical Consulting: Acting as a subject matter expert (SME) for external clients to defend and explain architectural decisions.
Behavioral Competencies
- Leadership and Stakeholder Management: Ability to influence multidisciplinary teams and negotiate security requirements with Project Managers.
- Strategic Communication: Proficiency in acting as a Focal Point, simplifying complex architectures for clients or certification authorities.
- Holistic Thinking: Global product vision ability to understand how a vulnerability in a single component affects the overall safety and security of the aircraft.
- Autonomy and Decision-Making: Decisiveness in validating or rejecting designs based on risk analysis and regulatory compliance.
- Results and Quality Orientation: Focused on delivering high-quality technical documentation under demanding military or aeronautical standards.
This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Companys success, reputation and sustainable growth.
MAGERIT, PILAR, NIST, EBIOS, EUROCAE ED202A, EUROCAE ED203B,