Enterprise Hosting Security Lead

Job Description:

Job Summary:

NAVBLUE, an Airbus Company, is opening a new position within its Enterprise Hosting Department. The main objective of this entity is to define, provide and support the production environments used by all NAVBLUE’s customers.It is divided into 4 different teams, Hosting Engineering, Hosting Delivery, Hosting Operations and Hosting Security supporting all the topics related to Solutions Hosting within NAVBLUE: from engineering to the monitoring and support of the solution.NAVBLUE solutions are currently hosted mainly in AWS Cloud using a combination of native AWS cloud solutions and VMware on AWS.

To support the team growth and its new organization, we are looking for a Team Leader for the Hosting Security Group.

The position holder will lead the newly created Enterprise Hosting Security Entity. The goals of the entity are to:

 which goals are to:

• Reactively and proactively resolve the security items raised by policy, results of scanning and other items for NAVBLUE Products. 

• Monitor and resolve security items that are related to hosting.

The first responsibility of the Lead being to define and structure the activity in coordination with other stakeholders. 

The role requires a deep understanding of the cyber-security topics and of the hosting technologies, a capacity to structure an activity in an industrial environment and a capacity to lead the team, prioritize the activities and perform trade-offs on a daily basis.

 

Responsibilities:

The Hosting Security Lead will have the following responsibilities:

• Structure the Security Operations activities with all the internal stakeholders working on the topic: Security Officer, IT, Software Factory/Architects and potentially Airbus.

• Define the priorities of this group in coordination with the different stakeholders: Security, IT, Operations, Hosting Expert, Ho Enterprise Hosting and the other Leads and report on the progress.

• Manage a security backlog in Agility and follow-up on the grooming and progress with the team.

• Optimize the team organization depending on the context (team growth, activity perimeter…).

• Ensure the process and standard definition when it comes to Hosting Security Practices.

• Define and review the yearly operational goals of the team members.

• As a delegate of the Head of Enterprise Hosting, manage the daily management of the team members through regular 1:1.

• Define the follow-up of the activities (multi-site) and the way to report on it to Ho Enterprise Hosting (dashboards).

• If a need to contract some activity is identified during the set up phase:

  • Contribute to the Definition and Set up of the contract with the Head of Enterprise Hosting,

  • Follow-up contractor performance on the Security perimeter.

• Animate the Group through daily/weekly meetings.

Beyond these activities, the Hosting Security Lead will work as SecOps Specialist with the following responsibilities (to be refined during the structuration phase):

• Security monitoring.

• Coordinate with the Security Policy team to determine required & future actions (reactive & proactive).

• Configuration Management of Security Management items such as OS patching.

• Security Activities - patches / vulnerability watch / coordination with SWF about it.

• OS Patching & maintenance including setup and configuration

• Periodic review of process / activities to ensure compliance with Security Policies.

• Establish best-practice activities with the team to promote security practices.

• Feedback to Security Policy team to help maintain appropriate guidance based on Operational needs & observations.

• Accelerate enterprise cloud adoption of security practices.

• Design and Implement cloud solutions based on governance to minimize business and technical risks.

Education :

• Successful completion of an Academic degree in IT engineering with a specialisation in Cyber-Security or 7-10 years of equivalent workplace experience.

Required Skills / Experience :

• Team leadership:

  • Ability to structure an activity,

  • Ability to lead an international team of 5-10 people,

  • Capacity to make trade-offs, prioritize activities, delegate to team members,

  • Defend a position and standards in front of external stakeholders,

  • Capacity to define, organize and deliver a project/activity in the scope of the Group,

  • Excellent communication both internally and externally,

  • Proactive, confident self-starter with effective interpersonal and communication skills.

• Technical Skills/Experience:

  • Solid experience (> 5 years) in Cyber-Security with Infrastructure/operation orientation.

  • Solid experience in Security Monitoring and associated remediation in a Cloud-Based environment.

  • Vulnerability watch, impact analysis and remediation experience. 

  • Some experience in scripting and automation is an asset.

  • AWS Certification “Security - Specialty” requested.

  • AWS Certifications “Cloud Practitioner” and “Solution Architect – Associate” preferred

  • Advanced Proficiency with operation and support of Linux or MS Windows Operating Systems.

  • Solid knowledge of networking for enterprise environments required.

  • Demonstrated ability to identify root cause of issues and to recommend permanent, long term, fixes.

  • Proactive, confident self-starter with effective interpersonal and communication skills

• Other knowledge/skills/demonstrated capabilities:

  • Communicate technical/complex information both verbally and in writing

  • Establish and maintain cooperation, understanding, trust and credibility

  • Perform multiple tasks concurrently and respond to emergency situations effectively.

  • Must be able to travel internationally 

  • Effective project management techniques

  • Fluent in spoken and written English

  • Ability to communicate in French an asset

 

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.

Company:

Airbus Helicopters Polska Sp. z o.o.

Employment Type:

Permanent

-------

Experience Level:

Professional

Job Family:

Cyber Security

By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to emsom@airbus.com.

At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.