Cyber Security Evaluator

Job Description and Tasks

• Key Responsibilities:
  • Security Exception Management: Evaluate and process security exceptions, ensuring proper documentation, risk assessment, and the implementation of compensatory controls. This includes collaborating with various teams to facilitate secure deployments and minimize potential vulnerabilities.
  • Penetration Testing Coordination: Assist in the organization and coordination of internal and external penetration tests, including scope definition, scheduling, and communication with stakeholders.
  • Vulnerability and Compliance Management for the Airbus Group: Oversee the group-wide response to vulnerabilities and compliance issues, leveraging industry-standard vulnerability scanning and management platforms. This involves coordinating with all entities, including subsidiary offices, to review non-conformities and meticulously track the progress of remediation actions.
  • Vulnerability Remediation Tracking: Monitor and track the progress of actions taken to address findings from security assessments and penetration tests. This involves retesting implemented solutions to confirm their effectiveness and maintain a robust security baseline.
  • Process Improvement: Contribute to the continuous improvement of our security exception management and vulnerability remediation processes, identifying areas for optimization and automation.

• 1-3 years of professional experience in cybersecurity, information security, or a related field.
• Solid understanding of cybersecurity principles, frameworks (e.g., NIST, ISO 27001), and best practices.
• Familiarity with common vulnerability assessment tools and methodologies.
• Proven ability to analyze security risks and recommend appropriate mitigation strategies.
• Excellent communication skills, both written and verbal, with the ability to articulate technical concepts to diverse audiences.
• Strong organizational skills and attention to detail.
• English is a must

• Certifications such as CompTIA Security+, CySA+, CEH, or equivalent.
• Experience with GRC (Governance, Risk, and Compliance) platforms.
• Experience with vulnerability management platforms and their application in a large enterprise environment.
• Understanding of compliance frameworks relevant to cybersecurity (e.g., NIS2, GDPR, industry-specific regulations).
• Strong negotiation and persuasion skills.
• Familiarity with scripting languages (e.g., Python, PowerShell) for automation tasks.
• Experience with ticketing and project management systems (e.g., JIRA, ServiceNow).
• Experience with the use and deployment of AI agents in cybersecurity contexts.

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company's success, reputation and sustainable growth.

Company: Airbus Helicopters España, SA

Employment Type: Permanent

Experience Level: Professional

Job Family: Cyber Security

By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.

Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to emsom@airbus.com.

At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.