ATR ISMS Officer and Cyber Project Manager

The ISMS Officer is responsible for operating, maintaining and continuously improving ATR’s Information Security Management System (ISMS) in compliance with EASA Part-IS NIS2 and all applicable cybersecurity regulatory frameworks.

The role ensures daily operational ownership of information security governance documentation controls monitoring internal audits supplier compliance tracking and cyber culture activities.

The ISMS Officer supports the Deputy CISO in driving operational governance ensuring the alignment between information security practices regulatory expectations and aviation safety requirements.

As a Cyber Project Manager you will manage the Cyber Security Recovery strategic project hands in hands with the IT department and Airbus.

• Operate ATR’s ISMS in compliance with EASA Part‑IS and other cyber regulations.
• Ensure controls are implemented, monitored and reviewed according to the ISMS cycle (Plan‑Do‑Check‑Act).
• Serve as primary operational focal point for regulatory authorities (EASA OSAC DSAC) during audits and inspections.
• Maintain and update ISMS documentation evidence repositories, KPIs dashboards and compliance reports.
• Conduct internal audits and compliance checks; follow up on corrective actions.
• Contribute to alignment with broader regulatory requirements (NIS2 GDPR EU Data Act future EU cybersecurity acts).
• Prepare and deliver content for the Information Security Review Board (ISRB).

• Conduct operational risk assessments and contribute to SRA exercises.
• Maintain the Information Security Risk Register and monitor mitigation actions.
• Support the Deputy CISO in consolidating organisation‑wide cybersecurity risks.
• Lead continuous improvement initiatives across the ISMS and adopt corrective and preventive actions.
• Track emerging regulations and ensure ATR’s ISMS remains aligned with future cybersecurity requirements.

• Coordinate ISMS‑related activities across Engineering, IT, Programs, Procurement, Legal, Quality and SMS teams.
• Orchestrate interdependent deliverables across internal teams and external suppliers to ensure consistent ISMS execution.
• Support operational planning by maintaining resource allocation workload visibility and training plans for ISMS contributors.
• Ensure accurate tracking of ISMS‑related expenditures and support reporting for budget follow‑up.
• Maintain operational alignment between the ISMS and ATR’s Safety Management System (SMS).

• Implement ATR’s security‑by‑design framework in collaboration with Engineering, Programs and IT.
• Ensure cybersecurity requirements are incorporated early in program lifecycles.
• Contribute to the definition of requirements for Engineering change processes and IT projects.
• Support the development of a structured data management model taxonomy and associated security requirements in line with the Data Officer.

• Identify operational needs for tools, services, suppliers and external expertise contributing to ISMS activities.
• Lead the operational procurement cycle with Procurement teams: RFQ evaluation, recommendation, PO follow‑up, acceptance of deliverables.
• Ensure Part‑IS NIS2 and cybersecurity requirements are embedded in procurement processes and contractual clauses.
• Monitor supplier performance, collect evidence and support the Supplier Management Department during audits and risk assessments.

• Proven experience in information security governance or ISMS operation.
• Strong knowledge of EASA Part‑IS, ISO/IEC 27001, NIST CSF, NIS2, GDPR and EU cybersecurity frameworks.
• Experience with internal audits, risk assessments and compliance monitoring.
• Strong communication and stakeholder management capabilities.
• Ability to coordinate transverse work across multiple departments.
• Problem‑solving analytical mindset and structured thinking.
• Team player able to work in a dynamic and multicultural environment.
• Fluent in English and French; Italian is a plus.

• Pierre will contact you.
• Innovative digital assessment.
• Interview with Pierre then with Mehdi, our HR recruiter.

• Highly competitive compensation package (profit and success sharing employee savings plan).
• Work‑life balance (remote working, 6th week of paid leave, additional days off for family events).
• Well‑being / health (supplementary health & welfare coverage).
• Career paths enabling employees to develop skills and build a professional project.
• Wide choice of development programs for soft and hard skills.
• CSE: ATR (family and employee events) and Airbus CSE (travel vacation camps).
• Diversity and inclusion (over 1,200 men & women with more than 35 nationalities work together in our teams).

ATR is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

This job requires an awareness of any potential compliance risks and a commitment to act with integrity as the foundation for the Company’s success, reputation and sustainable growth.