For Airbus Defence and Space (Airbus DS) in Spain within the Information Management Security team we are looking for a DevSecOps Engineer to improve the DevSecOps workflow.
You are a highly motivated DevSecOps Engineer that enjoys solving problems and simplify solutions with real working experience on automation in Cloud providers like AWS, Azure or Google Cloud, strong secure development background and real passion for Security.
Airbus is a regulated environment and we push the limits to ensure our data is secure and our products are on time and on quality while fulfilling our security commitments with customers and regulators.
Reporting to the Head of IM Security Spain you will have a high involvement in international initiatives at Airbus level.
As a DevSecOps Engineer you will drive the Airbus DS evolution to Cloud and improve the security of our developments, defining security requirements, verifying, validating solutions, architectures applications and processes.
As a DevSecOps Engineer expert you will work with the business and other technical IM teams providing you expertise to the projects, defining, documenting and validating processes, procedures, best practices and guidelines as well as coordinating the risk management within the team.
You will be joining challenging and complex projects, with tight timeframes to ensure that the Airbus systems are automated and properly protected by joining projects to define and engineer the systems Airbus is creating.
This job will also imply ensuring the security of our applications by auditing code, define the proper security checks in the CI/CD chain and being able to create or validate the security documents and best practices.
The position requires excellent Information security skills, a deep understanding and proven experience in Cloud Security technologies and development skills beside a solid education in Cyber Security and Information Technology.
Your responsibilities will include:
• Leading the Cloud Security and Secure developments activities within the team.
• Act as a Security responsible for Cloud, automation or security development projects.
• Define the best practices in DevSecOps & Automation for Airbus DS.
• Maintain & improve the best practices in secure software development for Airbus DS.
• Provide expertise in the DevSecOps workflow & work in a global solution for Airbus DS.
• Leading projects and ensuring the quality of the deliverables.
• Ensure the security regulatory compliance.
• Develop proposals to manage and reduce risks.
• Provide reports for IM and IM Cyber Security Management on a regularly basis.
• Responsible of the implementation of Information cybersecurity strategy according to Airbus policies.
• Participate in the Airbus international workgroups.
• Support other activities in the IM Security department.
Skills and Qualification
• Hacker mindset: Curiosity, willingness to understand how things work, how to break and fix them.
• Highly innovative mindset and permanently challenging the status quo.
• Passionate about Security and Technology.
• Willingness to do always your best, grow and take new responsibilities.
• At least 5 years in Information Security.
• Excellent written and oral communication skills.
• Ability to work in an environment that requires a high level of detail and confidentiality.
• Proactive, self-motivated with the ability to work independently and as a team member in a challenging environment.
• Able to work autonomously as well as in international teams.
• Knowledge of network and application security architecture and operating systems.
• Systems and applications architecture design experience.
• Project and Service management skills and experience.
• Real experience on Cloud migration (AWS, Azure, …) and security development.
• Working experience on building DevSecOps workflows & CI/CD toolchains.
• Knowledge of how to secure Infrastructure as a Code and API/REST.
• Being able to automate security and audit applications (Static & Dynamic) to provide security improvements.
• Knowledge on how to build cloud ready applications through containerization, microservices, …
• Experience in Compliance checking with SCAP.
• Deep understanding on Jenkins, Dockers, Python, Terraform, Ansible, AWS Lambda, AWS CloudWatch, …Experience in continuous integration pipeline with Jenkins, Sonar, Nexus, …
• Experience with programming languages in real projects: Python, Java, C++, scripting, …
• Strategic and entrepreneur thinking.
• Must be able to link security risk to provide business value.
• Reliability, accuracy and a feeling for making analytical decision on criteria and processes.
• Personality capable to develop and maintain reliable relationships on all relevant management levels.
• Strong skills in communicating and presenting complex situations.
• Analytical capabilities and well developed planning and organizational skills.
• Advanced English and Fluent Spanish.
• Ability to obtain a Security Clearance.
• The role will involve traveling.
• Certifications: AWS Certified Security, AWS Certified Solutions Architect, AWS Certified DevOps Engineer
• SANS540, SEC545.
¤ Please apply for this vacancy with your CV attached in English.
¤ By submitting your CV or application you are consenting to Airbus Group using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus Group.
¤ This position is offered under local conditions.
¤ Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.