ATR - Cybersecurity Manager / ISMS Officer AIRBUS
Toulouse (31)CDITélétravail partiel
Il y a 8 heuresSoyez parmi les premiers à postuler
Critères de l'offre
Métiers :
- Risk and Environmental risk Manager - Project-Manager Engineer
- + 1 métier
Télétravail :
- Télétravail partiel
Expérience min :
- 6 à 10 ans
Secteur :
- Industries Aéro, Naval et Défense
Compétences :
- Anglais
- Italien
Lieux :
- Toulouse (31)
Conditions :
- CDI
- Temps Plein
Description du poste
**Job Description:**
* About us *
ATR is the *world's number one aircraft manufacturer in regional aviation* providing a new generation of turboprops. We are a joint venture between *two European aeronautical heavyweights, Airbus and Leonardo. *
From the world's largest cities, to our planet's most remote regions*, our purpose is to deliver air travel* to people, communities and businesses in an *innovative, sustainable and modern way.*
If you strive for excellence, are driven by *ambition*, *trust *and *respect* as we are, then get your career off to a flighting start with ATR!
*Our leadership profile:*
* People Centric Entrepreneurial Inspiring Exemplary Innovative Humble *
* At ATR y **ou will work with passionate colleagues to make a difference in a human size company with attractive advantages! *
We are looking for a *Cybersecurity Manager / ISMS Officer* to come onboard in our *CISO and Future developments* * Directorate * in* Pierre* 's team : a team of *10 *collaborators!
*[Career Path: Project management] *
* Your Mission *
*Job Purpose*
The ISMS Officer/Deputy CISO supports the Chief Information Security Officer (CISO) in implementing, operating, and continuously improving ATR's Information Security Management System (ISMS) in compliance with Part-IS (EU 2022/1645 and EU 2023/203), ISO/IEC 27001 standards, and applicable cyber-regulatory frameworks (NIS2, GDPR, EU data Act, PART-IA etc). This role ensures the alignment of information security with aviation safety requirements orchestrating resources, suppliers, and activities to deliver secure and compliant operations.
*Key Responsibilities*
*Governance and compliance:*
Ensure ATR's ISMS is maintained in line with EASA Part-IS requirements and ISO/IEC 27001 standards.
Act as the focal point for regulatory authorities (EASA, OSAC, DSAC) and ensure readiness for audits and inspections.
Lead the ISMS cycle: policy definition, risk assessment, incident response, compliance monitoring, and continuous improvement.
Oversee ISMS documentation, evidence, and KPIs; report to the Information Security Review Board (ISRB).
Deputize the CISO in decision-making, budget preparation, board reporting, and external representation.
Ensure alignment between information security and aviation safety requirements.
Manage compliance with broader cybersecurity regulations beyond Part-IS (e.g., NIS2, GDPR, EU Data Act where applicable).
*Operational and resource management: *
Identify proper allocation of resources (personnel, budget) to perform activities
Manage external resources and monitor workload to guarantee timely and cost controlled execution of all ISMS related activities
Define, review and maintain resource planning and training requirement for ISMS personnel
Follow and monitor the allocated budget, ensuring accurate tracking of expenditures
Define and update the Operating Plan (OP) for ISMS and cybersecurity activities, aligned with ATR's strategic and financial planning
Orchestrate interdependent activities across teams and suppliers to ensure consistency, alignment, and efficiency in ISMS implementation
Manage relationship with SMS officers
Establish a security-by-design framework to strengthen cybersecurity across ATR's ongoing and future projects.
Implement a comprehensive data management approach, including the development of a structured data model and taxonomy, and define the associated security requirements.
*Procurement and suppliers management: *
Identify needs in terms of tools, services, and external support required for ISMS and cybersecurity activities
Translate needs into detailed work specifications
Manage the end-to-end procurement process: supplier selection, request for quotation, evaluation, and recommendation
Launch purchase orders and ensure follow-up until delivery
Ensure a good receipt of services upon completion of the activity, ensuring compliance with expected requirements (on time and on quality)
Ensure Part-IS and cybersecurity requirements are properly integrated into procurement processes and contractual clauses
Support the Supplier Management Department in cascading ATR's requirements to third parties
Propose and contribute to "Make/Buy" strategies and oversee supplier performance in relation to cybersecurity and compliance
*Awareness, Communication and Cyber Culture: *
Coordinate and deliver cybersecurity awareness and trainings
Design and Launch internal communication campaigns strengthen knowledge and understanding of cybersecurity practices at all organizational levels
Develop change management initiatives to reinforce adoption of security practices.
Promote information security as a key enabler of safety
*Cyber Resilience:*
Keep the organization informed and prepared for new and emerging cybersecurity regulations related to information security and data governance
Ensure ATR's resilience to cyber incidents through incident response and business continuity plans
* About you *
*Required Skills & Experience:*
* Proven experience in information security management, preferably in aviation or regulated industries.
* Knowledge of EASA Part-IS, ISO/IEC 27001, NIST CSF, and EU cyber regulations.
* Strong background in ISMS audits, compliance, and regulatory relations.
* Leadership, communication, and stakeholder management skills.
* Certifications (CISSP, CISM, ISO 27001 Lead Implementer/Auditor) desirable.
* Project Management certifications desirable
* Teamwork and team management
* Problem solving and decision making
* Fluent in English and French (Italian is a plus)
* ... but above all, you are ready to take off with us to keep connecting communities and businesses and provide the best possible products and support to our customers!
* Our Recruitment Process *
* Pierre will contact you
* Innovative and digital assessment
* To get to know you better: interview *Pierre* then with *Mehdi* our Hr Recruiter
* What we offer *
* Highly competitive compensation package * (profit and success sharing, employee savings plan...)
* Work-life balance * (remote working, 6th week of paid leave, additional days off for family events...)
* Well-being / health * (supplementary health & welfare coverage...)
* Career paths * enabling employees to develop their skills and build a professional project
* Wide choice of development programs * for soft and hard skills
* CSE: * ATR (family and employee events) and Airbus CSE (travel, vacation camps ...)
* Diversity* *and inclusion*: Over 1200 men & women with more than 35 different nationalities work together in our teams !
ATR is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.
* A propos d'ATR *
ATR est le *premier constructeur mondial d'avions régionaux* et propose une nouvelle génération de turbopropulseurs. Nous sommes une *filiale de deux poids lourds de l'aéronautique européenne, Airbus et Leonardo. *
Des plus grandes villes du monde aux régions les plus reculées de notre planète, *notre objectif est d'assurer le transport aérien* des personnes, des communautés et des entreprises d'une manière innovante, durable et moderne.
Si vous recherchez l'excellence, si vous êtes animé par *l'ambition,* la *confiance* et le *respect,* alors faites décoller votre carrière avec ATR *! *
*Notre Leadership Profile : *
*Centré(e) sur l'humain un esprit entrepreneur inspirant(e) exemplaire innovant(e) humble*
*Vous travaillerez avec des collègues passionnés pour faire la différence dans une entreprise à taille humaine avec des avantages attractifs ! *
Nous recherchons un * Cybersecurity Manager / ISMS Officer * pour rejoindre notre Direction *CISO and Future developments* au sein de l'équipe de *Pierre* : une équipe d'une dizaine de collaborateurs !
*[Career Path: Project management] *
* Votre mission *
*Mission principale*
L'ISMS Officer / Adjoint(e) du Chief Information Security Officer (CISO) soutient ce dernier dans la mise en œuvre, l'exploitation et l'amélioration continue du *Système de…
* About us *
ATR is the *world's number one aircraft manufacturer in regional aviation* providing a new generation of turboprops. We are a joint venture between *two European aeronautical heavyweights, Airbus and Leonardo. *
From the world's largest cities, to our planet's most remote regions*, our purpose is to deliver air travel* to people, communities and businesses in an *innovative, sustainable and modern way.*
If you strive for excellence, are driven by *ambition*, *trust *and *respect* as we are, then get your career off to a flighting start with ATR!
*Our leadership profile:*
* People Centric Entrepreneurial Inspiring Exemplary Innovative Humble *
* At ATR y **ou will work with passionate colleagues to make a difference in a human size company with attractive advantages! *
We are looking for a *Cybersecurity Manager / ISMS Officer* to come onboard in our *CISO and Future developments* * Directorate * in* Pierre* 's team : a team of *10 *collaborators!
*[Career Path: Project management] *
* Your Mission *
*Job Purpose*
The ISMS Officer/Deputy CISO supports the Chief Information Security Officer (CISO) in implementing, operating, and continuously improving ATR's Information Security Management System (ISMS) in compliance with Part-IS (EU 2022/1645 and EU 2023/203), ISO/IEC 27001 standards, and applicable cyber-regulatory frameworks (NIS2, GDPR, EU data Act, PART-IA etc). This role ensures the alignment of information security with aviation safety requirements orchestrating resources, suppliers, and activities to deliver secure and compliant operations.
*Key Responsibilities*
*Governance and compliance:*
Ensure ATR's ISMS is maintained in line with EASA Part-IS requirements and ISO/IEC 27001 standards.
Act as the focal point for regulatory authorities (EASA, OSAC, DSAC) and ensure readiness for audits and inspections.
Lead the ISMS cycle: policy definition, risk assessment, incident response, compliance monitoring, and continuous improvement.
Oversee ISMS documentation, evidence, and KPIs; report to the Information Security Review Board (ISRB).
Deputize the CISO in decision-making, budget preparation, board reporting, and external representation.
Ensure alignment between information security and aviation safety requirements.
Manage compliance with broader cybersecurity regulations beyond Part-IS (e.g., NIS2, GDPR, EU Data Act where applicable).
*Operational and resource management: *
Identify proper allocation of resources (personnel, budget) to perform activities
Manage external resources and monitor workload to guarantee timely and cost controlled execution of all ISMS related activities
Define, review and maintain resource planning and training requirement for ISMS personnel
Follow and monitor the allocated budget, ensuring accurate tracking of expenditures
Define and update the Operating Plan (OP) for ISMS and cybersecurity activities, aligned with ATR's strategic and financial planning
Orchestrate interdependent activities across teams and suppliers to ensure consistency, alignment, and efficiency in ISMS implementation
Manage relationship with SMS officers
Establish a security-by-design framework to strengthen cybersecurity across ATR's ongoing and future projects.
Implement a comprehensive data management approach, including the development of a structured data model and taxonomy, and define the associated security requirements.
*Procurement and suppliers management: *
Identify needs in terms of tools, services, and external support required for ISMS and cybersecurity activities
Translate needs into detailed work specifications
Manage the end-to-end procurement process: supplier selection, request for quotation, evaluation, and recommendation
Launch purchase orders and ensure follow-up until delivery
Ensure a good receipt of services upon completion of the activity, ensuring compliance with expected requirements (on time and on quality)
Ensure Part-IS and cybersecurity requirements are properly integrated into procurement processes and contractual clauses
Support the Supplier Management Department in cascading ATR's requirements to third parties
Propose and contribute to "Make/Buy" strategies and oversee supplier performance in relation to cybersecurity and compliance
*Awareness, Communication and Cyber Culture: *
Coordinate and deliver cybersecurity awareness and trainings
Design and Launch internal communication campaigns strengthen knowledge and understanding of cybersecurity practices at all organizational levels
Develop change management initiatives to reinforce adoption of security practices.
Promote information security as a key enabler of safety
*Cyber Resilience:*
Keep the organization informed and prepared for new and emerging cybersecurity regulations related to information security and data governance
Ensure ATR's resilience to cyber incidents through incident response and business continuity plans
* About you *
*Required Skills & Experience:*
* Proven experience in information security management, preferably in aviation or regulated industries.
* Knowledge of EASA Part-IS, ISO/IEC 27001, NIST CSF, and EU cyber regulations.
* Strong background in ISMS audits, compliance, and regulatory relations.
* Leadership, communication, and stakeholder management skills.
* Certifications (CISSP, CISM, ISO 27001 Lead Implementer/Auditor) desirable.
* Project Management certifications desirable
* Teamwork and team management
* Problem solving and decision making
* Fluent in English and French (Italian is a plus)
* ... but above all, you are ready to take off with us to keep connecting communities and businesses and provide the best possible products and support to our customers!
* Our Recruitment Process *
* Pierre will contact you
* Innovative and digital assessment
* To get to know you better: interview *Pierre* then with *Mehdi* our Hr Recruiter
* What we offer *
* Highly competitive compensation package * (profit and success sharing, employee savings plan...)
* Work-life balance * (remote working, 6th week of paid leave, additional days off for family events...)
* Well-being / health * (supplementary health & welfare coverage...)
* Career paths * enabling employees to develop their skills and build a professional project
* Wide choice of development programs * for soft and hard skills
* CSE: * ATR (family and employee events) and Airbus CSE (travel, vacation camps ...)
* Diversity* *and inclusion*: Over 1200 men & women with more than 35 different nationalities work together in our teams !
ATR is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.
* A propos d'ATR *
ATR est le *premier constructeur mondial d'avions régionaux* et propose une nouvelle génération de turbopropulseurs. Nous sommes une *filiale de deux poids lourds de l'aéronautique européenne, Airbus et Leonardo. *
Des plus grandes villes du monde aux régions les plus reculées de notre planète, *notre objectif est d'assurer le transport aérien* des personnes, des communautés et des entreprises d'une manière innovante, durable et moderne.
Si vous recherchez l'excellence, si vous êtes animé par *l'ambition,* la *confiance* et le *respect,* alors faites décoller votre carrière avec ATR *! *
*Notre Leadership Profile : *
*Centré(e) sur l'humain un esprit entrepreneur inspirant(e) exemplaire innovant(e) humble*
*Vous travaillerez avec des collègues passionnés pour faire la différence dans une entreprise à taille humaine avec des avantages attractifs ! *
Nous recherchons un * Cybersecurity Manager / ISMS Officer * pour rejoindre notre Direction *CISO and Future developments* au sein de l'équipe de *Pierre* : une équipe d'une dizaine de collaborateurs !
*[Career Path: Project management] *
* Votre mission *
*Mission principale*
L'ISMS Officer / Adjoint(e) du Chief Information Security Officer (CISO) soutient ce dernier dans la mise en œuvre, l'exploitation et l'amélioration continue du *Système de…
Référence : JR10369157
Recommandé pour vous
Biars-sur-Cère (46)CDI Il y a 15 jours
Toulouse (31)Stage Il y a 14 jours
Toulouse (31)CDI Il y a 2 jours