Infrastructure Security and Compliance Product Manager(m/f)
Airbus Helicopters Marignane
Airbus is a global leader in aeronautics, space and related services. In 2017, it generated revenues of € 67 billion and employed a workforce of around 130,000. Airbus offers the most comprehensive range of passenger airliners from 100 to more than 600 seats. Airbus is also a European leader providing tanker, combat, transport and mission aircraft, as well as Europe’s number one space enterprise and the world’s second largest space business. In helicopters, Airbus provides the most efficient civil and military rotorcraft solutions worldwide.
Our people work with passion and determination to make the world a more connected, safer and smarter place. Taking pride in our work, we draw on each other's expertise and experience to achieve excellence. Our diversity and teamwork culture propel us to accomplish the extraordinary - on the ground, in the sky and in space.
Description du poste / stage
A vacancy for an Infrastructure Security & Compliance Product Manager (m/f) has arisen in the team in charge of Hosting Services within Airbus Helicopters in Marignane.
You will join the Department of Operations inside the Information Management Directorate where you will be in charge of all Security and Compliance aspects of Hosting Services (encompassing Hardware, Virtualization, Operating Systems, Web services, Databases, NAS filers …).
Tâches et missions principales, responsabilités
In this position, you will collaborate with Cyber Security experts of IM Security Department, in charge of security policies, and Back-Office experts, in charge of Hosting Services.
Based on your experience of ICT you will be a key player for securing Airbus Helicopters information system from legacy to cloud platforms (Public and Private). You will be responsible for developing and implementing solutions ensuring the compliance of Hosting Services with security policies.
You will also represent Airbus Helicopters in Airbus Group's activities in relation with your mission.
This position will require being eligible for clearance by the recognized authorities and will involve regular travels in Europe.
As an Infrastructure Security and Compliance Product Manager you will:
- Collaborate with Cyber Security experts in the definition of security policies for Hosting Services by taking into account operational and cost impacts.
- Integrate security policies in Hosting Services standards and catalog.
- Integrate export control regulatory needs in Hosting Services standards and catalog.
- Ensure that the delivery of Hosting Services, from service setup to service decommissioning, is compliant with security policies and export control regulations.
- For restricted perimeters, ensure that the delivery of Hosting Services is compliant with national and international regulations.
- Reinforce these compliances with the setup of strong processes and automations.
- Automate the data gathering for the purpose of technical investigations related to Compliance and Vulnerability.
- Identify security risks and exposures. Undertake risk assessments and propose concrete solutions for their mitigations.
- Steer providers in charge to deploy and operate Hosting Services focusing on security and compliance concerns. Chair the contractual Security Management Committees hold with these providers.
- Participate to the Compliance & Vulnerability board of IM Security Department. Lead the delivery of actions failing to Hosting Services.
- Support security audits. Lead the solving of findings failing to Hosting Services.
- Ensure that demands issued by IM Security Department are properly managed by Hosting Services and control their deliveries in accordance with commitments. Instigate actions to rectify poor performance.
- Ensure the performance, stability and availability of Security solutions operated by Hosting Services (like CyberArk, Anti-virus …).
- Support Airbus Helicopters’ Disaster Recovery Plan (DRP) for Security solutions operated by Hosting Services.
- Define and publish Key Performance Indicators (KPI’s) related to the purpose of the job.
- Support a Continual Service Improvement (CSI) in line with operational and cost justifications.
Pretty impressive isn't it?
This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.
You will have the following skills and experience:
- Experience in IT operations (an ITIL certification would be appreciated).
- Experience in development technologies (API, PowerShell scripting ...).
- Knowledge of Compliance & Security standards.
- Knowledge of Windows servers, Linux and Unix servers, SCCM, RedHat Satellite, OpenScap, DSC, Network and NAS services
- Self-motivated to deal with security issues as they arise
- Strong analytical skills
- Autonomous, Open minded, Creative, Curious about all Next Generation Technologies you are ‘out of the box’!!
- Customer oriented
- Good communication skills, both spoken and written and Negotiation skills can help.
- Language Skills: advanced level of English and French.