Cyber Security Evaluator

• Security Exception Management: Evaluate and process security exceptions, ensuring proper documentation, risk assessment, and the implementation of compensatory controls. This includes collaborating with various teams to facilitate secure deployments and minimize potential vulnerabilities.
• Penetration Testing Coordination: Assist in the organization and coordination of internal and external penetration tests, including scope definition, scheduling, and communication with stakeholders.
• Vulnerability and Compliance Management for the Airbus Group: Oversee the group-wide response to vulnerabilities and compliance issues, leveraging industry-standard vulnerability scanning and management platforms. This involves coordinating with all entities, including subsidiary offices, to review non-conformities and meticulously track the progress of remediation actions.
• Vulnerability Remediation Tracking: Monitor and track the progress of actions taken to address findings from security assessments and penetration tests. This involves retesting implemented solutions to confirm their effectiveness and maintain a robust security baseline.
• Process Improvement: Contribute to the continuous improvement of our security exception management and vulnerability remediation processes, identifying areas for optimization and automation.

• 1-3 years of professional experience in cybersecurity, information security, or a related field.
• Solid understanding of cybersecurity principles, frameworks (e.g., NIST, ISO 27001), and best practices.
• Familiarity with common vulnerability assessment tools and methodologies.
• Proven ability to analyze security risks and recommend appropriate mitigation strategies.
• Excellent communication skills, both written and verbal, with the ability to articulate technical concepts to diverse audiences.
• Strong organizational skills and attention to detail.
• English is a must

• Desirable Skills & Experience:

• Certifications such as CompTIA Security+, CySA+, CEH, or equivalent.
• Experience with GRC (Governance, Risk, and Compliance) platforms.
• Experience with vulnerability management platforms and their application in a large enterprise environment.
• Understanding of compliance frameworks relevant to cybersecurity (e.g., NIS2, GDPR, industry-specific regulations).
• Strong negotiation and persuasion skills.
• Familiarity with scripting languages (e.g., Python, PowerShell) for automation tasks.
• Experience with ticketing and project management systems (e.g., JIRA, ServiceNow).
• Experience with the use and deployment of AI agents in cybersecurity contexts.

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company's success, reputation and sustainable growth.