Cyber Detection Engineer (d/f/m)

at Airbus Defence and Space GmbH

Ottobrunn, Bayern, Germany

Start Date: Immediate
Expiry Date: 14 Mar, 2025
Salary: Not Specified
Posted On: 07 Feb, 2025
Experience: N/A
Skills: Security Tools, EDR, DevOps, Python, English, Sustainable Growth, Analytical Skills, Collaboration
Telecommute: No
Sponsor Visa: No

Description:

JOB DESCRIPTION:

In order to support our international Incident Response Team, Airbus Defence and Space is looking for a

DESIRED SKILLS AND QUALIFICATIONS

  • Understanding of security tools such as EDR, Windows Logging, firewalls, intrusion detection/prevention systems (IDS/IPS).
  • Deep knowledge of Operating System insights (Windows/Linux)
  • Knowledge of security frameworks (e.g., MITRE ATT&CK) and common attack vectors.
  • Experience with Python is a requirement, PowerShell/Bash are a plus.
  • Understanding of DevOps, Git.
  • Analytical Skills: Ability to investigate and analyze security events, developing detailed reports on findings and proposed solutions.
  • This role may involve collaboration with different cybersecurity teams across Europe to improve the organization’s overall security posture, with a focus on incident detection and response strategies.
  • Fluent written and spoken English is a must.

Not a 100% match? No worries! Airbus supports your personal growth with customized development solutions.
Take your career to a new level and apply online now!
This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.

EXPERIENCE LEVEL:

Professional

Responsibilities:

  • Assist in the development and fine-tuning of detection rules and alerts for monitoring security systems (e.g., SIEM, EDR).
  • Contribute to the specification of telemetry log sources and data normalization for processing in Cyber Detection.
  • Develop tools and techniques to identify patterns and anomalies in network traffic, system logs, and application data that could indicate security incidents (Threat Hunting).
  • Implement adversary emulation tests to assess the quality of the detection rules.
  • Support the Incident Response Team in the investigation and analysis of potential security incidents and vulnerabilities.
  • Collaborate with senior engineers to develop and implement remediation strategies based on the investigation findings.
  • Document and report incidents, detailing the nature of the event, steps taken for remediation, and future prevention strategies.
  • Collaborate on the improvement of our CTI processes and tools.
  • Ingest and process CTI feeds.
  • Support threat intelligence operationalization efforts.
  • Work closely with other security teams (e.g., red team, application security) to improve threat detection and response strategies.
  • Support the definition and execution of Purple Teaming activities to improve the Cyber Detection and Response capabilities.
  • Help document processes, playbooks, and technical documentation related to threat detection and response.
  • Contribute to internal training sessions on threat detection methodologies and best practices.
  • Participate actively in the development and implementation of tools and artifacts to support the Security Operations activities, within the scope of the Detection Engineering Team.
  • Integrate different components to optimize the day-to-day work of the Operational Teams and enhance the company’s Cyber Resilience.
  • Stay informed on the latest security trends, threats, and vulnerabilities, continually building knowledge in the cyber threat landscape.
  • Participate in workshops, training, and certifications to enhance skills in cyber detection and response.


REQUIREMENT SUMMARY

Min: N/A, Max: 5.0 year(s)

Information Technology/IT

IT Software - Network Administration / Security

Software Engineering

Graduate

Proficient

1

Ottobrunn, Germany