
Airbus • France

Cyber Detection Engineer (d/f/m)

Employment type:  Full time


Job Description


Airbus Defence and Space is looking for a passionate and talented Cyber Detection & Response engineer to join our international Incident Response Team (CSIRT) in ELANCOURT/TOULOUSE.

This is a mission-critical role for us in securing our world-class business. It is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise.

The successful candidate will be responsible for managing the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for technical evolution of our SOC blueprint and managing enhancement projects to integrate new features and solutions into our Security Operation Centers (SOC).

This is a fantastic opportunity to join a team who live and breathe cyber security and to work for a company with great products and technologies around the globe.

Disabled applicants with equal qualifications will be given special consideration.

Priority will be given to employees whose position is impacted by a workforce adaptation initiative.

Key Responsibilities:

  • Security Monitoring:

    • Assist in the development and fine-tuning of detection rules and alerts for monitoring security systems (e.g., SIEM, EDR).

    • Contribute to the specification of telemetry log sources and data normalization for processing in Cyber Detection.

    • Develop tools and techniques to identify patterns and anomalies in network traffic, system logs, and application data that could indicate security incidents (Threat Hunting).

    • Implement adversary emulation tests to assess the quality of the detection rules.

  • Incident Response:

    • Participate in supporting the Incident Response Team in the investigation and analysis of potential security incidents and vulnerabilities.

    • Collaborate with senior engineers to develop and implement remediation strategies based on the investigation findings.

    • Document and report incidents, detailing the nature of the event, steps taken for remediation, and future prevention strategies.

  • Threat Intelligence:

    • Collaborate in the improvement of our CTI processes and tools.

    • Ingest and process CTI feeds.

    • Support threat intelligence operationalization efforts.

  • Collaboration and Documentation:

    • Work closely with other security teams (e.g., red team, application security) to improve threat detection and response strategies.

    • Support the definition and execution of Purple Teaming activities to improve the Cyber Detection and Response capabilities.

    • Help document processes, playbooks, and technical documentation related to threat detection and response.

    • Contribute to internal training sessions on threat detection methodologies and best practices.

  • Tooling Development and Integration:

    • Participate actively in the development and implementation of tools and artifacts to support the Security Operations activities, within the scope of the Detection Engineering Team.

    • Integrate different components to optimize the day-to-day work of the Operational Teams and enhance the company’s Cyber Resilience.

  • Continuous Learning and Development:

    • Stay informed on the latest security trends, threats, and vulnerabilities, continually building knowledge in the cyber threat landscape.

    • Participate in workshops, training, and certifications to enhance skills in cyber detection and response.

Required Skills:

  • Technical Skills:

    • Understanding of security tools such as EDR, Windows Logging, firewalls, intrusion detection/prevention systems (IDS/IPS).

    • Deep knowledge of Operating System insights (Windows/Linux)

    • Knowledge of security frameworks (e.g., MITRE ATT&CK) and common attack vectors.

    • Experience with Python is a requirement, PowerShell/Bash are a plus.

    • Understanding of DevOps and Git.

  • Analytical Skills: Ability to investigate and analyze security events, developing detailed reports on findings and proposed solutions.

  • Collaboration Skills: Strong communication skills to work with cross-functional teams and share insights.

  • Work Environment:

    • This role may involve collaboration with different cybersecurity teams across Europe to improve the organization’s overall security posture, with a focus on incident detection and response strategies.

    • Fluent written and spoken English is a must.

This position will require a security clearance or will require being eligible for clearance by the recognized authorities.

The candidate must hold French nationality in accordance with IGI 1300 of 9 August 2021 (§1.2.2.1).

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.

Company:

Airbus Defence and Space SAS

Employment Type:

Permanent

-------

Classe Emploi (France): Classe G13

Experience Level:

Professional

Job Family:

Cyber Security <JF-CG-ST>

By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to emsom@airbus.com.

At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.

Company benefits

Open to part-time employees
Open to job sharing
Annual bonus
Enhanced maternity leave
Open to compressed hours
Accrued annual leave
Sabbaticals
Enhanced sick pay
Adoption leave
Health insurance
Enhanced paternity leave
Family health insurance
Complimentary Medical Services
Referral bonus
Bike parking
Cycle to work scheme
On-site gym
Teambuilding days
In house training
Employee discounts


Working at Airbus

Company employees

150,000

Gender diversity (male:female)

70:30

Currently Hiring Countries

Australia

Belgium

Brazil

Canada

Chile

China

Colombia

Cyprus

Denmark

Finland

France

Germany

Hong Kong

Hungary

India

Indonesia

Ireland

Italy

Japan

Malaysia

Mexico

Netherlands

Norway

Philippines

Poland

Portugal

Romania

Saudi Arabia

Singapore

Sint Maarten

South Africa

South Korea

Spain

Switzerland

Thailand

United Arab Emirates

United Kingdom

United States

Office Locations