ATR - ISMS Officer and Cyber Project Manager AIRBUS
Toulouse (31)CDITélétravail partiel
HierSoyez parmi les premiers à postuler
Critères de l'offre
Métiers :
- Infrastructure Project Manager
- + 2 métiers
Télétravail :
- Télétravail partiel
Expérience min :
- 6 à 10 ans
Secteur :
- Industries Aéro, Naval et Défense
Compétences :
- Anglais
- Italien
Lieux :
- Toulouse (31)
Conditions :
- CDI
- Temps Plein
Description du poste
**Job Description:**
* About us *
ATR is the *world's number one aircraft manufacturer in regional aviation* providing a new generation of turboprops. We are a joint venture between *two European aeronautical heavyweights, Airbus and Leonardo. *
From the world's largest cities, to our planet's most remote regions*, our purpose is to deliver air travel* to people, communities and businesses in an *innovative, sustainable and modern way.*
If you strive for excellence, are driven by *ambition*, *trust *and *respect* as we are, then get your career off to a flighting start with ATR!
*Our leadership profile:*
* People Centric Entrepreneurial Inspiring Exemplary Innovative Humble *
* At ATR y **ou will work with passionate colleagues to make a difference in a human size company with attractive advantages! *
We are looking for an *ISMS Officer and Cyber Project Manager* to come onboard in our *CISO and Future developments* * Directorate * in* Pierre* 's team : a team of *10 *collaborators!
*[Career Path: Project management] *
* Your Mission *
*Job Purpose*
The ISMS Officer is responsible for operating, maintaining, and continuously improving ATR's Information Security Management System (ISMS) in compliance with EASA Part-IS, NIS2, and all applicable cybersecurity regulatory frameworks.
The role ensures daily operational ownership of information security governance, documentation, controls, monitoring, internal audits, supplier compliance tracking, and cyber culture activities.
The ISMS Officer supports the Deputy CISO in driving operational governance, ensuring the alignment between information security practices, regulatory expectations, and aviation safety requirements.
As a Cyber Project Manager, you will manage the Cyber Security Recovery strategic project hands in hands with the IT department and Airbus.
*Key Responsibilities*
*Governance and compliance:*
* Operate ATR's Information Security Management System in compliance with EASA Part-IS and other cyber regulations.
* Ensure controls are implemented, monitored, and reviewed according to the ISMS cycle (Plan-Do-Check-Act).
* Serve as the primary operational focal point for regulatory authorities (EASA, OSAC, DSAC) during audits and inspections.
* Maintain and update ISMS documentation, evidence repositories, KPIs, dashboards, and compliance reports.
* Conduct internal audits and compliance checks; follow up on corrective actions.
* Contribute to alignment with broader regulatory requirements (NIS2, GDPR, EU Data Act, future EU cybersecurity acts).
* Prepare and deliver content for the Information Security Review Board (ISRB).
* Risk Management & Continuous Improvement: *
* Conduct operational risk assessments and contribute to SRA exercises.
* Maintain the Information Security Risk Register and monitor mitigation actions.
* Support the Deputy CISO in the consolidation of organisation-wide cybersecurity risks.
* Lead continuous improvement initiatives across the ISMS and ensure the adoption of corrective and preventive actions.
* Track emerging regulations and ensure ATR's ISMS remains aligned with future cybersecurity requirements.
* Operational Coordination & Resource Management: *
* Coordinate ISMS-related activities across Engineering, IT, Programs, Procurement, Legal, Quality, and SMS teams.
* Orchestrate interdependent deliverables across internal teams and external suppliers to ensure consistent ISMS execution.
* Support operational planning by maintaining resource allocation, workload visibility, and training plans for ISMS contributors.
* Ensure accurate tracking of ISMS-related expenditures and support reporting for budget follow-up.
* Maintain operational alignment between the ISMS and ATR's Safety Management System (SMS).
* Security-by-Design & Data Governance: *
* Implement ATR's security-by-design framework in collaboration with Engineering, Programs, and IT.
* Ensure cybersecurity requirements are incorporated early in program lifecycles.
* Contribute to the definition of requirements for Engineering change processes and IT projects.
* Support the development of a structured data management model, taxonomy, and associated security requirements in line with the Data Officer.
* Procurement & Supplier Compliance * *:*
* Identify operational needs for tools, services, suppliers, and external expertise contributing to ISMS activities.
* Lead the operational procurement cycle with Procurement teams: RFQ, evaluation, recommendation, PO follow-up, acceptance of deliverables.
* Ensure Part-IS, NIS2, and cybersecurity requirements are embedded in procurement processes and contractual clauses.
* Monitor supplier performance, collect evidence, and support the Supplier Management Department during audits and risk assessments.
* About you *
* Proven experience in information security governance or ISMS operation.
* Strong knowledge of EASA Part-IS, ISO/IEC 27001, NIST CSF, NIS2, GDPR principles, and EU cybersecurity frameworks.
* Experience with internal audits, risk assessments, and compliance monitoring.
* Strong communication and stakeholder management capabilities.
* Ability to coordinate transverse work across multiple departments.
* Problem solving, analytical mindset, and structured thinking.
* Project management experience (certifications desirable).
* Team player, able to work in a dynamic and multicultural environment.
* Fluent in English and French; Italian is a plus.
* Our Recruitment Process *
* *Pierre *will contact you
* Innovative and digital assessment
* To get to know you better: interview *Pierre* then with *Mehdi* our Hr Recruiter
* What we offer *
* Highly competitive compensation package * (profit and success sharing, employee savings plan...)
* Work-life balance * (remote working, 6th week of paid leave, additional days off for family events...)
* Well-being / health * (supplementary health & welfare coverage...)
* Career paths * enabling employees to develop their skills and build a professional project
* Wide choice of development programs * for soft and hard skills
* CSE: * ATR (family and employee events) and Airbus CSE (travel, vacation camps ...)
* Diversity* *and inclusion*: Over 1200 men & women with more than 35 different nationalities work together in our teams !
ATR is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.
* A propos d'ATR *
ATR est le *premier constructeur mondial d'avions régionaux* et propose une nouvelle génération de turbopropulseurs. Nous sommes une *filiale de deux poids lourds de l'aéronautique européenne, Airbus et Leonardo. *
Des plus grandes villes du monde aux régions les plus reculées de notre planète, *notre objectif est d'assurer le transport aérien* des personnes, des communautés et des entreprises d'une manière innovante, durable et moderne.
Si vous recherchez l'excellence, si vous êtes animé par *l'ambition,* la *confiance* et le *respect,* alors faites décoller votre carrière avec ATR *! *
*Notre Leadership Profile : *
*Centré(e) sur l'humain un esprit entrepreneur inspirant(e) exemplaire innovant(e) humble*
*Vous travaillerez avec des collègues passionnés pour faire la différence dans une entreprise à taille humaine avec des avantages attractifs ! *
Nous recherchons un *ISMS Officer et Cyber Project Manager* pour rejoindre notre Direction *CISO and Future developments* au sein de l'équipe de *Pierre* : une équipe d'une dizaine de collaborateurs !
*[Career Path: Project management] *
* Votre mission *
*Mission principale*
L'ISMS Officer est responsable de l'exploitation, de la maintenance et de l'amélioration continue du Système de Management de la Sécurité de l'Information (ISMS) d'ATR, en conformité avec l'EASA Part-IS, NIS2 et l'ensemble des cadres réglementaires applicables en cybersécurité.
Ce rôle assure la responsabilité opérationnelle quotidienne de la gouvernance sécurité de l'information, de la documentation, des contrôles, du monitoring, des audits internes, du suivi de la conformité des fournisseurs et des actions…
* About us *
ATR is the *world's number one aircraft manufacturer in regional aviation* providing a new generation of turboprops. We are a joint venture between *two European aeronautical heavyweights, Airbus and Leonardo. *
From the world's largest cities, to our planet's most remote regions*, our purpose is to deliver air travel* to people, communities and businesses in an *innovative, sustainable and modern way.*
If you strive for excellence, are driven by *ambition*, *trust *and *respect* as we are, then get your career off to a flighting start with ATR!
*Our leadership profile:*
* People Centric Entrepreneurial Inspiring Exemplary Innovative Humble *
* At ATR y **ou will work with passionate colleagues to make a difference in a human size company with attractive advantages! *
We are looking for an *ISMS Officer and Cyber Project Manager* to come onboard in our *CISO and Future developments* * Directorate * in* Pierre* 's team : a team of *10 *collaborators!
*[Career Path: Project management] *
* Your Mission *
*Job Purpose*
The ISMS Officer is responsible for operating, maintaining, and continuously improving ATR's Information Security Management System (ISMS) in compliance with EASA Part-IS, NIS2, and all applicable cybersecurity regulatory frameworks.
The role ensures daily operational ownership of information security governance, documentation, controls, monitoring, internal audits, supplier compliance tracking, and cyber culture activities.
The ISMS Officer supports the Deputy CISO in driving operational governance, ensuring the alignment between information security practices, regulatory expectations, and aviation safety requirements.
As a Cyber Project Manager, you will manage the Cyber Security Recovery strategic project hands in hands with the IT department and Airbus.
*Key Responsibilities*
*Governance and compliance:*
* Operate ATR's Information Security Management System in compliance with EASA Part-IS and other cyber regulations.
* Ensure controls are implemented, monitored, and reviewed according to the ISMS cycle (Plan-Do-Check-Act).
* Serve as the primary operational focal point for regulatory authorities (EASA, OSAC, DSAC) during audits and inspections.
* Maintain and update ISMS documentation, evidence repositories, KPIs, dashboards, and compliance reports.
* Conduct internal audits and compliance checks; follow up on corrective actions.
* Contribute to alignment with broader regulatory requirements (NIS2, GDPR, EU Data Act, future EU cybersecurity acts).
* Prepare and deliver content for the Information Security Review Board (ISRB).
* Risk Management & Continuous Improvement: *
* Conduct operational risk assessments and contribute to SRA exercises.
* Maintain the Information Security Risk Register and monitor mitigation actions.
* Support the Deputy CISO in the consolidation of organisation-wide cybersecurity risks.
* Lead continuous improvement initiatives across the ISMS and ensure the adoption of corrective and preventive actions.
* Track emerging regulations and ensure ATR's ISMS remains aligned with future cybersecurity requirements.
* Operational Coordination & Resource Management: *
* Coordinate ISMS-related activities across Engineering, IT, Programs, Procurement, Legal, Quality, and SMS teams.
* Orchestrate interdependent deliverables across internal teams and external suppliers to ensure consistent ISMS execution.
* Support operational planning by maintaining resource allocation, workload visibility, and training plans for ISMS contributors.
* Ensure accurate tracking of ISMS-related expenditures and support reporting for budget follow-up.
* Maintain operational alignment between the ISMS and ATR's Safety Management System (SMS).
* Security-by-Design & Data Governance: *
* Implement ATR's security-by-design framework in collaboration with Engineering, Programs, and IT.
* Ensure cybersecurity requirements are incorporated early in program lifecycles.
* Contribute to the definition of requirements for Engineering change processes and IT projects.
* Support the development of a structured data management model, taxonomy, and associated security requirements in line with the Data Officer.
* Procurement & Supplier Compliance * *:*
* Identify operational needs for tools, services, suppliers, and external expertise contributing to ISMS activities.
* Lead the operational procurement cycle with Procurement teams: RFQ, evaluation, recommendation, PO follow-up, acceptance of deliverables.
* Ensure Part-IS, NIS2, and cybersecurity requirements are embedded in procurement processes and contractual clauses.
* Monitor supplier performance, collect evidence, and support the Supplier Management Department during audits and risk assessments.
* About you *
* Proven experience in information security governance or ISMS operation.
* Strong knowledge of EASA Part-IS, ISO/IEC 27001, NIST CSF, NIS2, GDPR principles, and EU cybersecurity frameworks.
* Experience with internal audits, risk assessments, and compliance monitoring.
* Strong communication and stakeholder management capabilities.
* Ability to coordinate transverse work across multiple departments.
* Problem solving, analytical mindset, and structured thinking.
* Project management experience (certifications desirable).
* Team player, able to work in a dynamic and multicultural environment.
* Fluent in English and French; Italian is a plus.
* Our Recruitment Process *
* *Pierre *will contact you
* Innovative and digital assessment
* To get to know you better: interview *Pierre* then with *Mehdi* our Hr Recruiter
* What we offer *
* Highly competitive compensation package * (profit and success sharing, employee savings plan...)
* Work-life balance * (remote working, 6th week of paid leave, additional days off for family events...)
* Well-being / health * (supplementary health & welfare coverage...)
* Career paths * enabling employees to develop their skills and build a professional project
* Wide choice of development programs * for soft and hard skills
* CSE: * ATR (family and employee events) and Airbus CSE (travel, vacation camps ...)
* Diversity* *and inclusion*: Over 1200 men & women with more than 35 different nationalities work together in our teams !
ATR is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.
* A propos d'ATR *
ATR est le *premier constructeur mondial d'avions régionaux* et propose une nouvelle génération de turbopropulseurs. Nous sommes une *filiale de deux poids lourds de l'aéronautique européenne, Airbus et Leonardo. *
Des plus grandes villes du monde aux régions les plus reculées de notre planète, *notre objectif est d'assurer le transport aérien* des personnes, des communautés et des entreprises d'une manière innovante, durable et moderne.
Si vous recherchez l'excellence, si vous êtes animé par *l'ambition,* la *confiance* et le *respect,* alors faites décoller votre carrière avec ATR *! *
*Notre Leadership Profile : *
*Centré(e) sur l'humain un esprit entrepreneur inspirant(e) exemplaire innovant(e) humble*
*Vous travaillerez avec des collègues passionnés pour faire la différence dans une entreprise à taille humaine avec des avantages attractifs ! *
Nous recherchons un *ISMS Officer et Cyber Project Manager* pour rejoindre notre Direction *CISO and Future developments* au sein de l'équipe de *Pierre* : une équipe d'une dizaine de collaborateurs !
*[Career Path: Project management] *
* Votre mission *
*Mission principale*
L'ISMS Officer est responsable de l'exploitation, de la maintenance et de l'amélioration continue du Système de Management de la Sécurité de l'Information (ISMS) d'ATR, en conformité avec l'EASA Part-IS, NIS2 et l'ensemble des cadres réglementaires applicables en cybersécurité.
Ce rôle assure la responsabilité opérationnelle quotidienne de la gouvernance sécurité de l'information, de la documentation, des contrôles, du monitoring, des audits internes, du suivi de la conformité des fournisseurs et des actions…
Référence : JR10378900
Recommandé pour vous
Toulouse (31)CDI 70 000 € - 80 000 € par an Il y a 19 jours
Toulouse (31)CDI Il y a 3 jours
Toulouse (31)CDI Il y a 17 jours