Cyber Security Incident Responder (w/m)


As the European specialist in cyber security, the mission of Airbus’ CyberSecurity business is to protect governments, companies and critical infrastructures from cyber threats. Its trusted, high performance security products and services are able to detect, analyse and counter the most advanced cyber attacks.

A vacancy for a Cyber Security Incident Responder (m/w) has arisen within Airbus CyberSecurity in Frankfurt/Main, Germany.

As the successful candidate, you will coordinate people, processes, tools and technology to prevent and manage information security threats, weaknesses, events and incidents in order to minimize their impact on the organization.

More specifically, your main tasks will include:

- Being responsible for the end-to-end incident response from classification to lessons learned
- Defining and carrying out security incident identification measures
- Overseeing the ongoing analysis activities in Forensics or Reverse Engineering and analysing data in order to build a comprehensive view of the incident
- Maintaining and sharing incident documentation
- Defining the response strategy and presenting it to management for approval
- Participating in cyber-crisis management and coordination
- Identifying lessons learned and making recommendations to improve security controls in order to mitigate the risk of re-occurrence
- Drafting incident reports tailored for management and technical peers
- Communicating efficiently during the identification, containment, eradication, recovery and post-mortem incident response activities
- Maintaining and continuously improving the standard incident response toolkit
- Contributing to awareness trainings

This role will involve some travel for business.

You have the following skills and experience:

- Educated to degree level in IT Security, Engineering or equivalent
- Several years of experience as an Incident Responder
- Background in operating systems security, anti-virus technologies and network security
- Practical level understanding of common TCP/IP-based services and protocols including DNS, DHCP, HTTP, FTP, SSH, SMTP, etc.
- Sound knowledge and experience in:
  - Firewall theory, proxies/reverse proxies, IDS/IPS, etc.
  - Full packet capture analysis
  - Application level security: web applications, databases, secure development
  - Vulnerability assessment and handling
- Hands-on experience in:
  - Malware reverse engineering and handling malicious code incidents
  - Systems (file and memory) and network forensics analysis, with tools such as FTK, EnCase Enterprise
- Knowledge of development and scripting languages such as Python, C/C++, Java, JavaScript, Perl or Ruby, regular expressions, Linux shell/Bash, Windows PowerShell
- One of the following certifications is required:
  - GCIH (GIAC Certified Incident Handler)
  - GCIA (GIAC Certified Intrusion Analyst)
  - ECIH (EC-Council Certified Incident Handler)
  - CSIH (SEI Certified Computer Security Incident Handler)
  - SCPO (SABSA Certified Security Operations & Service Management Practitioner)
  - or an equivalent certification in the field of incident handling recognized internationally
- An internationally recognized certification in penetration testing or forensics would be a plus
- Fluent English; German skills would be a plus

Job information
Advertiser: Airbus CyberSecurity
Contact name: Caroline Porchy
Telephone: (refer to Dice)
Reference: 10383157 CP EN EXT 2

Copyright © 2018, Dice
