Coding Technical Specialist

Job Description:

Are you interested in Cyber Security and Digital Transformation? Are you willing to work in a multicultural environment, on a worldwide perimeter. Are you ready to take on a new and exciting challenge? Airbus gives you the opportunity to apply your expertise and develop your skills and competencies!

The company is undergoing a transformation into an agile, innovative, customer centric and digitally powered business. For the IT function this means having the unique opportunity to shift from an efficient enabler towards a creator of Business value!

Airbus is a leader in the aircraft industry, offering many challenging opportunities and providing a handful of benefits to its employees: world wide scope, access to key markets, mobility opportunities, and last but not least, a respectable work-life balance.

• The candidate will work in the context of the Application Security/SecDevOps (Secure Development and Operations of Software Applications). In this context, code security non compliances and vulnerabilities are detected using dedicated scan tools.

  
  

• The candidate will work in collaboration with the Vulnerability Management, Critical Asset Protection and Business teams to manage vulnerabilities and non compliances and enable remediation.

  
  

• The candidate will analyze vulnerabilities in the code and perform meetings with Product Owners and developers to perform triage activities and provide remediation advice to projects, on the following topics:

  
  

• Vulnerabilities in  C# ( C / C++ would be a plus)

  
  

Or alternatively

• Vulnerabilities in SAP / ABAP / SAP UI5 code

  
  

Or alternatively

• Vulnerabilities in  JAVA

  
  

• The candidate will analyze and correlate the different kinds of vulnerabilities identified in the various contexts as above.

  
  

• The candidate will integrate the various dashboards that measure the situation concerning number of vulnerabilities, type of vulnerabilities, criticality of vulnerabilities, history of vulnerabilities and remediation rate. The candidate will identify synergies across the different dashboards and propose improvements.

  
  

• Where necessary, the candidate will extract and analyze information and KPIs (Key Performance Indicators) concerning vulnerability detection and remediation.

  
  

• The candidate will review the existing KPIs and provide an overview:

  
  

1) that areas of potential attack are protected as necessary (risk coverage), 

2) how many vulnerabilities or non compliances are detected (true vulnerability versus false positives) 

3) that criticality of vulnerability is tracked 

4) how many vulnerabilities are remediated along the time.

• The candidate will translate the data above into consolidated views that summarize the level of protection and risk reduction achieved by the digital cybersecurity solutions, and will negotiate the remediation plan with the business customers.

  
  

• The candidate will maintain the Airbus code security Standards on the specific coding language covered.

  
  

• The candidate will produce technical documentation to enable developers to remediation  vulnerabilities

  
  

• For part of the time, the candidate will also be part of a development team to continue practicing in software development on the specific coding language covered.

  
  

Your boarding pass:

We are looking for motivated people with at least 8 +  years of experience and strong references, with excellent English communication and problem solving skills, the ability to understand complex environments & processes, programs and accustomed to dealing with all levels from operational staff to senior management inside as well as outside IT.

We seek out curious minds. We value attention to detail, and we care deeply about outcomes. We're looking above all for passionate people, eager to learn, willing to share, establishing innovative ways of working and influencing culture change.

Are you ready to share this exciting challenge with us?

You will need to confirm one or several of the following competences and skills:

• Ideally educated to a master degree (or equivalent) in Information Technology, Engineering or a related discipline

  
  

• Stakeholder management , capability to influence business decision

  
  

• Understanding of large range of security topics from hardware, networks, systems, applications to data, and new digital capabilities 

  
  

• Comprehensive ability to troubleshoot and remediate complex security vulnerabilities and non compliances 

  
  

• Ability to document and diagram technical processes and workflows

  
  

• Fundamentals Splunk skills  - NOT NEEDED

  
  

• Development skills, with advanced experience (10 years) on at least one of the following topics:

  
  

  • SAP/ABAP (Secure code is a plus)

    
    

  • C / C++ (Secure code is a plus) 

    
    

  • JAVA (Secure code is a plus)

    
    

• Curiosity about the techniques used in cyber-attacks as phishing/malicious email campaigns, etc. 

  
  

• Knowledge of SAST tool like Checkmarx will be a plus

  
  

• A passion to stay on top of security trends, experiment with and learn new technologies.

  
  

• Ability to learn quickly in a loosely structured, rapidly changing work environment.

  
  

• Knowledge of project management and agile methodologies

  
  

• Adaptable, autonomous and value & customer minded

  
  

• Good written and verbal communication skills

  
  

• Advanced level of English

  
  

Feel like you can't tick some boxes above? If you have most of the skills and experience that we're looking for and are willing to use your talent to learn the rest, we encourage you to apply!

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.

Company:

Employment Type:

-------

Experience Level:

Job Family:

By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to emsom@airbus.com.

At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.