Security Governance Analyst

Job Description

Job Description:

NAVBLUE, an Airbus Company, is currently seeking a Security Governance Analyst to join our team. The Security Governance Analyst is responsible for maintaining and monitoring the NAVBLUE Information Security Management System. Ensuring that NAVBLUE processes comply with the NAVBLUE security standard by being responsible for security audits activities. Ensure that all NAVBLUE processes and products maintain compliance with security standards including ISO 27001. They will propose amendments and improvements to existing Security structures and policies, based on changes in the industry and best practices. They will support the assessment of security in NAVBLUE’s supply chain and will ensure security communication towards our customers. This includes supporting and implementing Security initiatives across the organization, and helping to develop the organization’s knowledge.

Main Responsibilities:

• Maintain Security OKR and KPI’s
  
• Assist with performance of Internal and 3rd party security audits and ensure security findings follow up until closure.
  
• Ensure Process owners perform RCAs of audit findings and close any actions arising from audits in a timely manner
  
• Define the yearly company security audits and penetration testing strategy
  
• Assist in the deployment of NAVBLUE’s security policy with the goal of Maintaining ISO 27001/2 certification using the policies, standards and procedures that have already been developed.
  
• Contribute to the preparation and dissemination of a Security Awareness Program to NAVBLUE staff
  
• Maintain documentation at a level that meets the audit requirements ISO 27001/2
  
• Help to develop and improve the IT Business Continuity procedures and processes and other applicable security regulations.
  
• Ensure the implementation and assessment of the security in NAVBLUE’s supply chain, and support the risk identification if needed
  
• Be the security focal point and support the other functions with regards to customers request on security
  

Qualified Experience/Skills/Training

Education:

• Successful completion of an Academic degree in Information Technology, Information Security Management System or equivalent
  

Experience:

• Solid experience in Security.
  
• 1 to 3 years experience in Governance, Risk and Compliance
  

• Must be a reliable, responsible self-starter with a demonstrated ability to work independently and prioritize effectively.
  

Licensure/Certifications:

• Holder of security certifications (SSCP, ISO 27005 Risk Manager, ISO 27001 Auditor etc.) would be an asset
  
• Knowledge of security regulations would be an asset
  
• Knowledge of physical security would be an asset
  

Communication Skills (Spoken, Written, Influencing, Proficiency in Other Languages):

• Communication skills appropriate for interfacing at all levels of the organization including senior management and technical staff including documentation (top level policies, technical standards, etc.)
  
• Must work effectively with others in a team environment with strong skills in stakeholder management
  

• Project management skills and highly organized, capable of delivering projects on-time and on-budget
  
• Ability to work in an international environment spanning different jurisdictions with potentially different impacts on security
  

Technical Systems Proficiency:

• Working experience with Information Security Management System
  
• Understanding of security audit programs
  
• Understanding of advanced security protocols and standards
  
• Experience with software and security architectures
  
• Understanding of supply chain contractual framework
  
• Understanding of security regulations
  
• Risk and vulnerability analysis.
  
• Knowledge of security impact on safety
  
• Experience with monitoring tools
  
• Knowledge of project management methodologies (LBIP, Agile, etc).
  

Travel Required:

• 5% Domestic and International
  

Selection and Hiring Commitment

We thank all applicants for applying. Only selected applicants will be contacted.

Navblue is committed to creating an environment and a culture where everyone feels like they belong no matter who they are or where they are from. We are committed to providing equal employment opportunities to all individuals based on job-related qualifications and ability to perform a job. We do not discriminate against any employee or applicant for employment because of race, colour, sex, age, national or ethnic origin, religion, sexual orientation, gender identity or expression, marital status, family status, genetic characteristics, record of offences, and basis of disability or any protected class. Accommodations will be available on request for candidates throughout the entire recruitment and selection process.

About Us:

NAVBLUE, an Airbus Company, is a leading global provider of flight operations solutions, including aeronautical charts, navigation data solutions, flight planning, aircraft performance software (take-off/landing, weight and balance), and crew planning solutions. You’ll be able to shape the future of the digital aviation industry by working on several of the best in the industry flagship products enabling pilots, dispatchers, flight engineers and other aviation personnel on a daily basis to deliver safe, efficient, and reliable flight operations all over the world. You’ll have the opportunity to support millions of flights each year and help NAVBLUE customers maximize efficiency, reduce costs, ensure compliance with complex national and international safety regulations, and effectively deliver their services.

You’ll join a team with a focus on digital and collaborative innovation that is passionate and customer-focused. Over the last few years, Airbus has been supportive of various initiatives such as Going Digital, Performance Based Navigation Services, Air Traffic Management Modernization Programs, FlySmart on iOS and other digital projects related to new aircraft technologies; the launch of NAVBLUE was therefore a natural step to further develop its Flight Operations and Air Traffic Management Portfolio.

NAVBLUE is a fully owned subsidiary of Services by Airbus, fueled by the agility of Airbus ProSky and Navtech (acquired in 2016), and the pioneering spirit of Airbus, NAVBLUE was created in July 2016 with one mission: lead aviation into the digital age.

NAVBLUE is based in Hersham (UK), Cardiff (UK), Toulouse (France), Waterloo, ON (Canada), Bangkok (Thailand), Malmö (Sweden), and Gdańsk (Poland) with other offices all around the world.

The Future is Yours for the Taking: https://youtu.be/vdY6gYuceYY

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.

Company:
NAVBLUE SAS

Contract Type:
Permanent
-----
Classe Emploi (France): Classe G13

Experience Level:
Professional

Job Family:
Cyber Security

By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to emsom@airbus.com .

At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.