Job Description:

Job Description and Tasks

• Key Responsibilities:
  • SOC Coordinator & Service Delivery Manager
    • Define and Drive SOC Strategy: Develop and implement the overarching SOC strategy, ensuring technical coherence across all tools and processes, while strictly adhering to regulatory compliance requirements.
    • Oversee Tool Deployment and Management: Define, select, and manage the deployment of critical SOC tools, including SIEM, SOAR, ticketing systems, and alert management platforms. You'll also refine associated processes and workflows for security incidents.
    • Establish End-to-End SOC Processes: Design and implement comprehensive SOC processes for everything from initial notification to incident escalation, ensuring clarity and efficiency.
    • Stakeholder Relationship Management: Foster strong relationships between security teams and external stakeholders, taking a lead role in coordinating security operations, especially during critical incidents or crisis situations.
    • Ensure SOC Service Delivery Excellence: Champion the continuous delivery of high-quality SOC services by rigorously monitoring Service Level Agreements (SLAs), tracking service quality, and evaluating the effectiveness of all SOC activities.
    • Business-SOC Alignment: Cultivate a strong working relationship between SOC teams and business units, providing effective service effectiveness reporting at all management levels to ensure security operations align with business objectives.
  • Security Analyst
    • High-Level Security Analysis: Conduct in-depth analysis for specific security needs, providing expert insights and recommendations.
    • Security Incident Response: Actively participate in and lead security incident response efforts, from detection and analysis to containment, eradication, and recovery.
  • Business Analyst (Cybersecurity Focus)
    • Business Security Support: Provide expert support to business units on all IT security-related topics.
    • Security Best Practices Advisory: Advise business stakeholders on industry-leading IT security best practices to enhance their security posture.
    • Log Onboarding Assessment: Conduct thorough assessments prior to onboarding logs into the SOC SIEM, ensuring data quality and relevance for effective security monitoring.
    • Cross-Functional Process Efficiency: Drive efficiency across business and security teams by ensuring seamless and optimized processes related to IT security.
• Required Skills & Experience:
  • 3-5 years of experience in cybersecurity, with a strong focus on Security Operations Center (SOC) environments, incident response, or security analysis.
  • Proven experience in defining, implementing, and optimizing security processes and workflows.
  • Proficient in Splunk for security monitoring, log analysis, and dashboard creation.
  • Strong understanding of security frameworks, standards, and compliance requirements (e.g., ISO 27001, NIST, GDPR, NIS2).
  • Demonstrated ability to manage and prioritize multiple tasks in a fast-paced environment.
  • Excellent communication, interpersonal, and presentation skills, with the ability to engage effectively with technical and non-technical stakeholders.
  • Analytical mindset with strong problem-solving capabilities.
  • English is a must

• Desirable Skills & Experience:
  • Certifications such as CompTIA Security+, CySA+, CEH, or equivalent.
  • Experience with GRC (Governance, Risk, and Compliance) platforms.
  • Knowledge of threat intelligence platforms and their application (e.g., Mandiant Threat Intelligence, MISP).
  • Splunk certifications such as Splunk Core Certified User, Power User, or Admin.
  • Proficiency in scripting languages (e.g., Python, PowerShell) for automation and data analysis.
  • Experience in leading small teams or projects.
  • Hands-on experience with Security Information and Event Management (SIEM) systems like Splunk, Microsoft Sentinel, or IBM QRadar, and Security Orchestration, Automation, and Response (SOAR) platforms such as Palo Alto Cortex XSOAR or Swimlane.
  • Familiarity with Endpoint Detection and Response (EDR) solutions (e.g., CrowdStrike, Microsoft Defender for Endpoint) and Network Detection and Response (NDR) tools.
  • Understanding of Identity and Access Management (IAM) concepts and tools.

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company's success, reputation and sustainable growth.

Company:

Airbus Helicopters España, SA

Employment Type:

Permanent

-------

Experience Level:

Professional

Job Family:

Cyber Security

By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to emsom@airbus.com.

At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.