Information Security Management System Manager

Job Description:

AHE Information Security Management System Manager (ISMS Manager) is responsible to ensure that AHE Information Security Management Manual (ISMM) and organizations management system’s compliance checklists for Part IS are established and maintained in conformity with AHE MOA (Maintenance Organisation Approval) , CAMO (Continuous Airworthiness Maintenance Approval) , ATO , Single POA and Single DOA management systems,  and that these ones, together with the associated processes, methods and tools, demonstrate compliance with the applicable Information Security regulations and EASA regulations (PART-145, PART-M, AIR CREW, PART-21 J&G)

The objective of this post is to manage information security risks. It will be necessary to identify all the elements that may be exposed to an information security risk in an industrial environment (equipment systems, the services that the organisation provides, receives or maintains, etc.), and it will therefore be necessary to identify risks in workshops, buildings, warehouses, etc.).

Main activities and responsibilities:

• Towards the Accountable Managers for monitoring the MOA, CAMO and ATO Approved Organization ISMS and reporting to Authority (AESA):

·         Establish, operate, monitor and improve the contribution to the Airbus Helicopters Spain Information Security Management System.

·         Implement, Operate and Maintain the AHE ISMS documentation, including the ISMS Manual and the security List of Applicable requirements.

·         Definition of Information Security Management System requirements applicable for AHE Organizations to comply with Part-IS,

·         Support the deployment of AHE ISMS Network and processes into functions,

·         Ensure the establishment of an ISMS internal reporting about Information Security events, incidents and vulnerabilities management, having a potential impact on Aviation Security

·         The ISMS Manager will be responsible for the Part-IS findings monitoring raised by the internal auditor and authorities.

·         To contribute to Authorities audits and monitor Authorities findings.

·         ISMS change management

·         The ISMS Manager will be responsible for the training deployment to all AHE Organization's stakeholders.   

·         Contribute to Authorities audits and this includes direct potential links with Authorities.

·         Ensure cooperation with key Airbus Helicopters ISMS stakeholders in the scope.

·         Monitor ISMS continuous improvement process and assess ISMS efficiency to reach maturity level applicable as per POA objective,

·         AHE ISMS Manager will cooperate:

·         with the business for cyber activities on all AHE products,

·         with AHE ISMS Officer, 

·         with security experts of other airbus divisions including Airbus Protect,

·         with AH DOA/POA/MOA/CAMO/ATO ISMS Managers for the implementation of the Part-IS,

·         with AHE ISMS Representatives, AHE DOA Accountable Manager, AHE POA Accountable Manager, AHE MOA/CAMO/ATO Accountable Manager, IM, Procurement, SMS counterpart.

Key competencies

·         Autonomy, discretion and rigor to apply and follow standards and regulations.

·         High Communication skills and a team player able to work in an intercultural environment.

·         Manage Authorities & Customer relations.

·         Capacity to anticipate risks and difficulties.

·         Initiative and proactivity.

·         Solution oriented / Welcome problems.

Skills:

·         Degree  in computer or industrial engineering.

·         2-3 years of experience in project management skills to develop security plans, manage security projects and collaborate with other departments.

·         Good communication & presentation skills,

·         Experience in IT and digitalization.

·         Knowledge of Airworthiness regulation (PART 21J, PART21G, PART-145, CAMO, ORA) is a plus.

·         Experience in auditing is a plus.

·         Technical knowledge of information security management and cybersecurity risks is a plus.

·         Knowledge of ISO 27001, ISO27005, EBIOS is a plus.

Flexible to travel on short notice when required  

·         Languages: English and Spanish mandatory, French is a plus.

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.

Company:

Airbus Helicopters España, SA

Employment Type:

Agency / Temporary

-------

Experience Level:

Professional

Job Family:

Digital

By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to emsom@airbus.com.

At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.