This job has expired

Senior Information Assurance (IA) Security Architect

Employer
Airbus
Location
Newport (Casnewydd)
Salary
Competitive
Closing date
26 Aug 2021

AIRBUS Defence and Space Limited

Airbus pioneers sustainable aerospace for a safe and united world. The Company constantly innovates to provide efficient and technologically-advanced solutions in aerospace, defence, and connected services. In commercial aircraft, Airbus offers modern and fuel-efficient airliners and associated services. Airbus is also a European leader in defence and security and one of the world's leading space businesses. In helicopters, Airbus provides the most efficient civil and military rotorcraft solutions and services worldwide.

Senior Information Assurance (IA) Security Architect

An exciting opportunity has arisen within Airbus Cyber Security in Newport, South Wales.

Reporting directly to the Cyber Security Architect, the Senior Information Assurance (IA) Security Architect ensures the principle of "secure by design" is driven into customer deliverable contracts and internal Cyber business programmes through the development or review of architectures so that they:

- Fit business requirements for security

- Mitigate the risks and conform to the relevant security policies

- Balance information risk against cost of countermeasures

If successful, you will enable the design and implementation of secure enterprise-level system architectures. To achieve this objective you will be positioned as the lead security Information Assurance (IA) on projects, where you will liaise closely with the SDA, System Element SMEs, TM and PMO to advise and direct the evolution of the system design towards a secure architecture that satisfies the security requirements, complies with relevant security policies and standards, and achieves the necessary accreditation.

You will have a firm understanding of the overall system Accreditation process with knowledge of the key accreditation artefacts that must be produced, Accreditation milestones, Risk Assessment methodologies and Risk Treatment techniques, and supporting evaluation/certification standards (e.g. ISO 27001, CAPS, CTAS, CHECK).

You will contribute to the delivery of Accreditation artefacts, in particular the details of the security architecture (e.g. within an RMADS) and the technical countermeasures applied to the Risk Treatment Plan.

You will foster a professional working relationship with the relevant accreditation authorities (e.g. NCSC, MoD ISS DAIS, NSAB) and third-party security bodies (CHECK, CTAS, CAPS), where you will host regular workshops to walk through, explain and analyse the security architecture. You will also attend necessary Security Working Groups (SWGs), where you will be a key Airbus representative and provide valuable technical security and IA contribution.

You will be involved in customer contracts at all phases of the lifecycle from bid stage to delivery ensuring "secure by design" is instilled in projects at conception. You must have an understanding of the security requirements for the "in-service" phase during the design phase in order to ensure:

- Necessary protective Monitoring services (e.g. SOC/NOC) can be "bolted on" without compromising the security architecture

- A complete and effective Assurance Maintenance Plan (AMP) is applied

You will support continual improvement in the Cyber business by undertaking the following:

- Working closely with relevant stakeholders (Government Security Officer, IM Security, Cyber leads, MoD/NCSC Accreditation teams) to agree and approve security enhancements

- Driving improvements in the Development Security Management Plan (DSMP) and Manufacturing Security Plan (MSP), ensuring security governance is appropriately managed through the supply chain and compliant to relevant standards (e.g. DefStan 05-138), and being a key decision maker in the approval of new suppliers

- Producing and owning Security Management Plans (SMPs) for Cyber business areas/frameworks

- Contributing to the evolution of the security and capability of internal development environments

- Driving improvements in process efficiency and quality through, for example, choice of better security tooling/application for the Cyber business

Knowledge/Skills

- Architectural frameworks (e.g. TOGAF/MODAF, SABSA)

- Secure architectural patterns (e.g. NCSC/NATO APs)

- MoD/NCSC/NATO Accreditation methodologies and security standards (e.g. JSP 440, JSP 604, ISO 27001)

- Capture and understand information flows through a system

- Vulnerability Analysis: Understanding of attack vectors (technical and physical) against a system

- Technical/procedural countermeasure solutions/products and mitigation techniques proportionate to the risk posed (e.g. MFA, Diode, Gateway, IDS/IPS, PKI, RBAC, CAPS products)

Knowledge of the latest security technologies and a defence-in-depth approach, including but not limited to:

- Boundary protection services/devices: Next Gen Firewalls, VPN, IDS/IPS, WiFi security, Data Diode, Web/Mail/directory proxies, DLP

- Hosting security: Server platform lockdowns, Virtualisation security

- Application security: Secure Gateways, Application proxies, DB security

- End User Device (EUD) security: Client lockdown, Drive Encryption, DLP

- Anti-malware: Server AV, Client AV, network-borne AV, mail gateway AV

- Protective Monitoring/SOC Services: SIEM, Vulnerability Analysis/Scanners, IDS/IPS, Alerting/Reporting use cases

- Experience/knowledge of SATCOM solutions

Qualifications

- STEM related Degree

- Masters Degree in Information Security or equivalent

- NCSC CCP Senior Cyber/IA Security Architect

- NCSC CCP Senior SIRA

Because of the nature of work undertaken, these positions are required to meet special nationality rules and therefore these vacancies are only open to sole British Citizens. If you meet this criterion you will also undergo security clearance vetting, if not already security cleared to a minimum DV level.

In return we can offer a competitive salary with annual profit share; an ever-growing list of company benefits including enhanced pay for maternity, adoption and shared parental leave; and strong career development options across our transnational, market-leading company.

Many of our staff work flexibly in many different ways, including part-time. Please talk to us at interview about the flexibility you need. We can't promise to give you exactly what you want, but we do promise not to judge you for asking.

Please let us know if you need us to make any reasonable adjustments for the selection process - you can share this with the Recruitment Business Partner who gets in touch if you are invited to interview. Examples may include (but are not limited to) accessible facilities, auxiliary aids, room layout, etc. Any information disclosed will be treated in the strictest confidence.
