SOC L3 Analyst

Job Description:

SOC L3 Analyst will be part of Airbus Digital function, which is building and operating Airbus business platforms and services adopting new technologies, automation using digital native skills and agile ways of working to accelerate our digitalization journey.

Your role as L3 Analyst is to maintain an operational excellence in the detection of malicious activities and have the accountability of the Airbus NN-SOC detection mission. You will also participate and contribute towards Alpha team, Redteam exercises in collaboration with Airbus Computer Emergency Response Team and Airbus Redteam to conduct studies for gap analysis and suggest security detections as needed.

Challenges are numerous and exciting!

Security threats have increased drastically in the last few years and organizations are facing an increasingly complex threat landscape. Airbus digitalization is bringing many opportunities but they come with new risks. Therefore, the main mission of Detection & Response (D&R) is to identify the threats and detect security incidents that target Airbus company-wide, and propose adapted security response. D&R teams are supporting Airbus businesses and ensuring their protection against cyber threats.

Security is not an option, be part of it!

• Monitoring, detection, and analysis of potential intrusions in real time and through historical trending on security-relevant data sources

• Response to confirmed incidents, by directing use of timely and appropriate countermeasures

• Providing situational awareness and reporting on cybersecurity status, incidents

We seek out curious minds! We value attention to detail! And we care deeply about outcomes!

We’re looking for passionate people, who are eager to learn, willing to share, and establishing innovative ways of working and influencing culture change

• Bachelor degree in Computer Science, Engineering, or related field

• Masters in Information Security would be preferred

• Information Security and/or Information Technology industry certification (CASP+, SANS-GIAC, OSCP, CISSP or equivalent) will be preferred

• Experience/knowledge of investigating the threat scenarios in multiple domains like Windows, Network, Unix/Linux, Cloud(AWS / GCP) is required

• Must have knowledge of network and web technology, encryption, virtual private networks, internet extranet security, cloud computing (firewalls, remote access) and security management

• Good working knowledge of general audit principles, security administration processes and frameworks, metrics collection and reporting

• Knowledge & experience in Splunk Enterprise Security (any certification appreciated) including knowledge in log management, Splunk application and search development (SPL), SOAR technology (Splunk Phantom)

• Knowledge in SOC referential such as Sigma, Stix Taxii, MITRE ATT&CK

• Proven ability to prioritize workload, meet deadlines, and utilize time effectively

• Good interpersonal and communication skills, works effectively as a team player

• Capacity to pilot experienced cadre and/or senior experts named

• Ability to define solutions / resolution of complex and unprecedented problems impacting several processes / systems and / or covering several functions (business or technical)

• French language knowledge will be an added advantage

• You will be a part of the non national Security Operations Center team (SOC) within a transnational peer group of 5 countries (France, UK, Germany, Spain and India)

• Set-up the first footprint in Airbus India of SOC RUN activity

• Take initiatives to ensure a sustainable, qualitative and long term SOC L3 activity within India, improve the balance between France and India and paving the way for a follow-the-sun

• Be accountable to design, implement, integrate measures to detect and respond to Cyber Threats (ie. Advanced Persistent Threats, fraud) against Airbus to reduce company risks

• You will support the Cyber Security department by providing operational platform and tools that follow best practices to ensure adherence to IM standard

• Define SOC framework and processes to efficiently measure company risks

• Design, measure and improve SOC detections and ensure its consistency/efficiency

• Measure risk reduction and quality of service provided by SOC

• Analyze, qualify and respond to cyber security incidents and conduct investigations

• Build or propose new tools and techniques to automate human-intensive tasks

• Keep up to date with threats, anticipate needs and further evolutions

• Be accountable for platform maintenance and upgrade, Propose and lead improvements in terms of architecture, network quality and processes

• You will work with a wide variety of people from different internal organizational units, bringing them together to manifest controls that reflect workable compromises as well as proactive responses to current and future information security risks

• You will be part of a truly international team
• Travel opportunities (domestic and international)
• Competitive remuneration, bonus and incentives
• Good work / life balance and career growth opportunities
• Training and development opportunities (online, classroom, conferences)
• Comprehensive benefits package (complementary health insurance, life insurance)

• Success will be measured in a variety of areas, including but not limited to
• Consistently ensure the on-time delivery and quality (first-time-right) of the projects
• Bring innovative cost effective solutions
• Achieve the customer satisfaction

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.

Company: Airbus India Private Limited

Employment Type: Permanent

Experience Level: Entry Level

Job Family: Cyber Security

By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.

Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to emsom@airbus.com.

At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.