ATR - Cybersecurity Manager AIRBUS
Toulouse (31)CDITélétravail partiel
Il y a 23 heuresSoyez parmi les premiers à postuler
Critères de l'offre
Métiers :
- Security Manager
Télétravail :
- Télétravail partiel
Expérience min :
- 3 à 5 ans
Secteur :
- Industries Aéro, Naval et Défense
Compétences :
- Anglais
Lieux :
- Toulouse (31)
Conditions :
- CDI
- Temps Plein
Description du poste
**Job Description:**
* About us *
ATR is the *world's number one aircraft manufacturer in regional aviation* providing a new generation of turboprops. We are a joint venture between *two European aeronautical heavyweights, Airbus and Leonardo. *
From the world's largest cities, to our planet's most remote regions*, our purpose is to deliver air travel* to people, communities and businesses in an *innovative, sustainable and modern way.*
If you strive for excellence, are driven by *ambition*, *trust *and *respect* as we are, then get your career off to a flighting start with ATR!
*Our leadership profile:*
* People Centric Entrepreneurial Inspiring Exemplary Innovative Humble *
* At ATR y **ou will work with passionate colleagues to make a difference in a human size company with attractive advantages! *
We are looking for a *Cybersecurity Manager * to come onboard in our CISO and Future Developments Directorate in Pierre's team: a team of 10 collaborators!
*[Career Path: Project Management]*
* Your Mission *
*Job Purpose*
The *Cybersecurity Manager *provides technical expertise and hands-on support across ATR's cybersecurity activities.
This role contributes to the implementation of the Information Security Management System (ISMS), participates in risk assessments, supports cybersecurity-by-design initiatives, performs supplier evaluations, assists with incident analysis, and ensures the production of documentation and evidence required for compliance.
The position covers a broad perimeter, giving exposure to governance, engineering, IT, suppliers, compliance, and operations, while maintaining a technical focus suitable for a junior engineer (3-5 years of experience).
The Cybersecurity Engineer also acts as a *Product Security Officer*, contributing to the identification, documentation, and follow-up of cybersecurity requirements for ATR products, systems, and services.
*Key Responsibilities*
**1. ISMS Operational Support**
* Produce and maintain ISMS documentation (procedures, control evidence, records, KPIs) in support to the ISMS Officer.
* Support internal audits and compliance assessments led by the ISMS Officer.
* Contribute to the monitoring of cybersecurity controls and remediation follow-up.
* Assist in preparing evidence for EASA, OSAC, DSAC audits and inspections.
* Support the implementation and continuous improvement of ISMS processes.
**2. Cyber Risk Assessment & Analysis**
* Perform SRA analyses under the supervision of the ISMS Officer and Deputy CISO.
* Identify threats, vulnerabilities, and applicable security controls.
* Contribute to the maintenance of the Information Security Risk Register.
* Support mitigation tracking and documentation.
* Prepare technical summaries and recommendations.
**3. Security-by-Design Support (Engineering, Programs, IT)**
* Support cybersecurity-by-design activities for Engineering and IT projects.
* Assist in defining technical cybersecurity requirements for aircraft systems, IT solutions, digital projects, and suppliers.
* Contribute to design reviews and ensure traceability of requirements.
* Perform security evaluations, provide technical inputs, and support integration tasks.
* Act as a *Product Security Officer*, contributing to product-level cybersecurity analyses.
**4. Supplier Security & Procurement Support**
* Conduct supplier cybersecurity assessments (questionnaires, evidence checks, scorecards).
* Support Procurement in integrating cybersecurity requirements into RFPs and contracts.
* Perform follow-up of supplier compliance deliverables.
* Contribute to Make/Buy analysis by providing technical insights.
**5. Awareness, Training & Cyber Culture**
* Prepare material for cybersecurity awareness campaigns and support their delivery.
* Contribute to internal communication content (guidelines, quick-reference materials).
* Provide technical coaching to project teams when requested.
**6. Incident Response & Technical Investigations**
* Support IT during cybersecurity incident diagnostics and evidence gathering, contributing to containment, analysis, and documentation.
* Identify, analyse, and qualify vulnerabilities (systems, applications, configurations, supplier deliverables).
* Support vulnerability triage and remediation follow-up with IT and Engineering teams.
* Contribute to root cause analyses and lessons learned documentation.
* Assist in improving detection and response processes.
* About you *
*Required Skills & Experience:*
You need to have technical understanding on:
* Networks & Protocols: knowledge of TCP/IP architectures, Firewalls, Proxies, VPN.
* Operating Systems: understanding of Windows Server and Linux security.
* Security Tools: first experience with SIEM, IDS/IPS, EDR/XDR, WAF, PKI solutions.
* Cryptography: understanding of encryption and key management principles.
* Scripting: basic skills in Python, Bash/Shell or PowerShell.
* Cloud Security: familiarity with AWS, Azure or GCP security mechanisms.
* Product Security: ability to contribute to cybersecurity evaluations for ATR products and systems
For clarity, this role does not sit within the IT department, which already has solid competencies in place. You will nevertheless collaborate closely with them to ensure smooth and secure execution of activities.
* 3-5 years' experience in cybersecurity, IT security, or systems/software engineering.
* Basic understanding of ISO 27001, Part-IS, NIS2, NIST CSF.
* Technical curiosity and willingness to learn aviation cybersecurity.
* Strong analytical and problem-solving mindset.
* Ability to work transversely with Engineering, IT, Programs, Procurement.
* Fluent in English; French is desirable.
... but above all, you are ready to take off with us to keep connecting communities and businesses and provide the best possible products and support to our customers!
* Our Recruitment Process *
* Pierre will contact you
* Innovative and digital assessment
* To get to know you better: interview *Pierre* then with *Mehdi* our Hr Recruiter
* What we offer *
* Highly competitive compensation package * (profit and success sharing, employee savings plan...)
* Work-life balance * (remote working, 6th week of paid leave, additional days off for family events...)
* Well-being / health * (supplementary health & welfare coverage...)
* Career paths * enabling employees to develop their skills and build a professional project
* Wide choice of development programs * for soft and hard skills
* CSE: * ATR (family and employee events) and Airbus CSE (travel, vacation camps ...)
* Diversity* *and inclusion*: Over 1200 men & women with more than 35 different nationalities work together in our teams !
ATR is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.
* A propos d'ATR *
ATR est le *premier constructeur mondial d'avions régionaux* et propose une nouvelle génération de turbopropulseurs. Nous sommes une *filiale de deux poids lourds de l'aéronautique européenne, Airbus et Leonardo. *
Des plus grandes villes du monde aux régions les plus reculées de notre planète, *notre objectif est d'assurer le transport aérien* des personnes, des communautés et des entreprises d'une manière innovante, durable et moderne.
Si vous recherchez l'excellence, si vous êtes animé par *l'ambition,* la *confiance* et le *respect,* alors faites décoller votre carrière avec ATR *! *
*Notre Leadership Profile : *
*Centré(e) sur l'humain un esprit entrepreneur inspirant(e) exemplaire innovant(e) humble*
*Vous travaillerez avec des collègues passionnés pour faire la différence dans une entreprise à taille humaine avec des avantages attractifs ! *
Nous recherchons un(e) *Cybersecurity Manager *pour rejoindre notre Direction CISO and Future…
* About us *
ATR is the *world's number one aircraft manufacturer in regional aviation* providing a new generation of turboprops. We are a joint venture between *two European aeronautical heavyweights, Airbus and Leonardo. *
From the world's largest cities, to our planet's most remote regions*, our purpose is to deliver air travel* to people, communities and businesses in an *innovative, sustainable and modern way.*
If you strive for excellence, are driven by *ambition*, *trust *and *respect* as we are, then get your career off to a flighting start with ATR!
*Our leadership profile:*
* People Centric Entrepreneurial Inspiring Exemplary Innovative Humble *
* At ATR y **ou will work with passionate colleagues to make a difference in a human size company with attractive advantages! *
We are looking for a *Cybersecurity Manager * to come onboard in our CISO and Future Developments Directorate in Pierre's team: a team of 10 collaborators!
*[Career Path: Project Management]*
* Your Mission *
*Job Purpose*
The *Cybersecurity Manager *provides technical expertise and hands-on support across ATR's cybersecurity activities.
This role contributes to the implementation of the Information Security Management System (ISMS), participates in risk assessments, supports cybersecurity-by-design initiatives, performs supplier evaluations, assists with incident analysis, and ensures the production of documentation and evidence required for compliance.
The position covers a broad perimeter, giving exposure to governance, engineering, IT, suppliers, compliance, and operations, while maintaining a technical focus suitable for a junior engineer (3-5 years of experience).
The Cybersecurity Engineer also acts as a *Product Security Officer*, contributing to the identification, documentation, and follow-up of cybersecurity requirements for ATR products, systems, and services.
*Key Responsibilities*
**1. ISMS Operational Support**
* Produce and maintain ISMS documentation (procedures, control evidence, records, KPIs) in support to the ISMS Officer.
* Support internal audits and compliance assessments led by the ISMS Officer.
* Contribute to the monitoring of cybersecurity controls and remediation follow-up.
* Assist in preparing evidence for EASA, OSAC, DSAC audits and inspections.
* Support the implementation and continuous improvement of ISMS processes.
**2. Cyber Risk Assessment & Analysis**
* Perform SRA analyses under the supervision of the ISMS Officer and Deputy CISO.
* Identify threats, vulnerabilities, and applicable security controls.
* Contribute to the maintenance of the Information Security Risk Register.
* Support mitigation tracking and documentation.
* Prepare technical summaries and recommendations.
**3. Security-by-Design Support (Engineering, Programs, IT)**
* Support cybersecurity-by-design activities for Engineering and IT projects.
* Assist in defining technical cybersecurity requirements for aircraft systems, IT solutions, digital projects, and suppliers.
* Contribute to design reviews and ensure traceability of requirements.
* Perform security evaluations, provide technical inputs, and support integration tasks.
* Act as a *Product Security Officer*, contributing to product-level cybersecurity analyses.
**4. Supplier Security & Procurement Support**
* Conduct supplier cybersecurity assessments (questionnaires, evidence checks, scorecards).
* Support Procurement in integrating cybersecurity requirements into RFPs and contracts.
* Perform follow-up of supplier compliance deliverables.
* Contribute to Make/Buy analysis by providing technical insights.
**5. Awareness, Training & Cyber Culture**
* Prepare material for cybersecurity awareness campaigns and support their delivery.
* Contribute to internal communication content (guidelines, quick-reference materials).
* Provide technical coaching to project teams when requested.
**6. Incident Response & Technical Investigations**
* Support IT during cybersecurity incident diagnostics and evidence gathering, contributing to containment, analysis, and documentation.
* Identify, analyse, and qualify vulnerabilities (systems, applications, configurations, supplier deliverables).
* Support vulnerability triage and remediation follow-up with IT and Engineering teams.
* Contribute to root cause analyses and lessons learned documentation.
* Assist in improving detection and response processes.
* About you *
*Required Skills & Experience:*
You need to have technical understanding on:
* Networks & Protocols: knowledge of TCP/IP architectures, Firewalls, Proxies, VPN.
* Operating Systems: understanding of Windows Server and Linux security.
* Security Tools: first experience with SIEM, IDS/IPS, EDR/XDR, WAF, PKI solutions.
* Cryptography: understanding of encryption and key management principles.
* Scripting: basic skills in Python, Bash/Shell or PowerShell.
* Cloud Security: familiarity with AWS, Azure or GCP security mechanisms.
* Product Security: ability to contribute to cybersecurity evaluations for ATR products and systems
For clarity, this role does not sit within the IT department, which already has solid competencies in place. You will nevertheless collaborate closely with them to ensure smooth and secure execution of activities.
* 3-5 years' experience in cybersecurity, IT security, or systems/software engineering.
* Basic understanding of ISO 27001, Part-IS, NIS2, NIST CSF.
* Technical curiosity and willingness to learn aviation cybersecurity.
* Strong analytical and problem-solving mindset.
* Ability to work transversely with Engineering, IT, Programs, Procurement.
* Fluent in English; French is desirable.
... but above all, you are ready to take off with us to keep connecting communities and businesses and provide the best possible products and support to our customers!
* Our Recruitment Process *
* Pierre will contact you
* Innovative and digital assessment
* To get to know you better: interview *Pierre* then with *Mehdi* our Hr Recruiter
* What we offer *
* Highly competitive compensation package * (profit and success sharing, employee savings plan...)
* Work-life balance * (remote working, 6th week of paid leave, additional days off for family events...)
* Well-being / health * (supplementary health & welfare coverage...)
* Career paths * enabling employees to develop their skills and build a professional project
* Wide choice of development programs * for soft and hard skills
* CSE: * ATR (family and employee events) and Airbus CSE (travel, vacation camps ...)
* Diversity* *and inclusion*: Over 1200 men & women with more than 35 different nationalities work together in our teams !
ATR is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.
* A propos d'ATR *
ATR est le *premier constructeur mondial d'avions régionaux* et propose une nouvelle génération de turbopropulseurs. Nous sommes une *filiale de deux poids lourds de l'aéronautique européenne, Airbus et Leonardo. *
Des plus grandes villes du monde aux régions les plus reculées de notre planète, *notre objectif est d'assurer le transport aérien* des personnes, des communautés et des entreprises d'une manière innovante, durable et moderne.
Si vous recherchez l'excellence, si vous êtes animé par *l'ambition,* la *confiance* et le *respect,* alors faites décoller votre carrière avec ATR *! *
*Notre Leadership Profile : *
*Centré(e) sur l'humain un esprit entrepreneur inspirant(e) exemplaire innovant(e) humble*
*Vous travaillerez avec des collègues passionnés pour faire la différence dans une entreprise à taille humaine avec des avantages attractifs ! *
Nous recherchons un(e) *Cybersecurity Manager *pour rejoindre notre Direction CISO and Future…
Référence : JR10378912
Recommandé pour vous
Toulouse (31)CDI 60 000 € - 70 000 € par an Il y a 14 jours
Toulouse (31)CDI Il y a 15 jours
Toulouse (31)CDIC Il y a 21 jours