Cyber Security Grc Senior Consultant (D/F/M)
Taufkirchen / Ottobrunn, Germany
Airbus
Airbus pioneers sustainable aerospace for a safe and united world. Airbus designs, manufactures and delivers industry-leading commercial aircraft, helicopters, military transports, satellites, launchers and more.Job Description:
Airbus Protect brings together experts in the fields of cybersecurity, safety and sustainability. We deliver expertise to our own group, Airbus, for whom we act as a privileged partner, but also to external clients.
With more than 1.600 experienced professionals based in Germany, France and the UK, we service large-scale contracts with companies such as critical infrastructures (CNI), other industries and public institutions. Our positioning and strategy enable us to meet the highest standards of the market and to meet the challenges of tomorrow as a team... together with you!
Our location is just a stone's throw away from Munich, the beautiful state capital of Bavaria. Do you like sports and other outdoor activities? The Alps and Lake Starnberg are just an hour away and offer a wide range of leisure activities.
If desired, your place of work can also be flexibly determined between our locations within Germany, provided the company agrees. These are as follows: Ottobrunn (Munich area), Donauwörth, Friedrichshafen, Cologne, Finkenwerder (Hamburg). If the company agrees, the specified location will be agreed in writing in your employment contract as part of the hiring process.
Your advantages
Mobile working and flexible working hours
Fair and attractive remuneration and special payments
30 days' holiday and additional days off for special occasions
Intensive induction and expert support as part of onboarding in the form of personalized onboarding with a personal mentor
Excellent training opportunities and promising development prospects
Attractive social benefits and offers, including employer-financed pension scheme, employee share options, discounted car leasing, bike leasing, special conditions for insurance, employee benefits at cooperating companies
On-site facilities (depending on location) e. g. canteen and cafeteria, fitness studio, on-site kindergarten, company medical service and other health-related services
Your main tasks
Conduct regular information security risk assessments using qualitative and/or quantitative methods, develop security strategies in collaboration with internal teams and stakeholders and propose corrective measures for medium to big consulting projects
Develop and implement security policies and procedures for the entire organization, ensure that policies and procedures comply with cybersecurity regulations and best practices and raise awareness of security policies and train employees on best practices
Definition and monitoring of functional and technical mitigation plans, methodological and technical monitoring, data analytics and mathematical modeling
Plan and lead small consulting projects and significantly participate to consulting projects of medium to big size
Apply consulting methods independently while documenting and presenting results internally and externally
Design and delivery of awareness and training to internal and external customers
Improvement of existing processes and toolings and involvement of technical experts to guarantee successful delivery and training of (junior) consultants
Regular advice to customers for possible further support (cross-/up-selling) and Bid preparation for small to medium sized projects or significant support for big sized projects
Conduct internal audits to verify compliance and recommend improvements if necessary
Collaboration in the preparation of offers and company presentations
Taking on functional and/or project-related tasks in projects (e. g. technical project planning, topic responsibility)
Required expertise and skills
The work task requires knowledge and skills that are generally acquired through a relevant, completed degree programme with a standard duration of up to 4 years in the field of engineering, computer science, cybersecurity or comparable degree programmes and a related extended subject-specific additional qualification. The overall required knowledge and experience may have been acquired in other ways
Extensive knowledge and experience in the above listed tasks
Deep understanding of major security management frameworks (ISO 27001, NIST CSF, OT Governance, ISO 27005, ISO 31000, any risk methodology),
Deep understanding of security technologies, controls, and best practices
Ability to develop and maintain security policies, procedures, and standards
Proven extensive experience leading Governance projects and security initiatives, strong experience with ISMS implementation and security requirements at any level is a plus,
Extensive Knowledge of regulatory requirements across industries (Export Control, GDPR, NIS2, Defense, EASA Regulations) and proven experience with GRC platforms and risk management tools
Exceptional ability to communicate complex security concepts to non-technical stakeholders, strong presentation and report writing skills for executive-level audiences and strong negotiation and influence skills, stakeholder management at executive level
Ability to advise the customer regarding his request and objectives and to build consensus among diverse stakeholders
Cultural sensitivity for working with international teams
German and English: negotiation level mandatory (speaking and writing)
Willingness to travel domestically and abroad
This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.
Company:
Airbus Protect GmbHContract Type:
PermanentExperience Level:
ProfessionalJob Family:
General SecurityBy submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.
Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to emsom@airbus.com.
At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics Audits Compliance Computer Science Data Analytics GDPR Governance ISMS ISO 27001 ISO 27005 Monitoring NIS2 NIST Risk assessment Risk management Strategy
Perks/benefits: Career development Equity / stock options Flex hours Health care Insurance
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.