A/C Security Architect (d/f/m)

Job Description:

A vacancy for A/C Security Architect (d/f/m) has arisen within the Defence and Strategic Programmes team of Airbus Cybersecurity in Spain. We provide products, development, concepts, and cybersecurity engineering to internal and external customers in Airbus. As a European specialist, Airbus shields customers, agencies, and critical infrastructures from cyber threats.

We are looking for experienced A/C Security Architect with proven experience in the defence and aerospace domains. In the role of A/C Security Architect the  main responsibilities are:

1. Leadership and management of product security aspects throughout the entire lifecycle.

2. Promotion of the "Security-by-Design" approach among various project stakeholders.

3. Proactive contribution to architecture design to mitigate risks.

4. Security Risk Analysis (SRA) using methodologies such as MAGERIT, PILAR, NIST, EBIOS, or EUROCAE ED202A/203B.

5. Design of detailed security architectures (High-Level and Low-Level Design) for subsystems and components.

6. Ensuring regulatory compliance (CC/CEM, CCN-STIC).

7. Development of Security Operating Procedures (SecOps) for product maintenance.

8, Security Focal Point for customer liaison and communication.

9. As an integral part of their duties, the candidate must fulfill responsibilities regarding Occupational Health and Safety (OHS), Quality, and Environment. This includes strict compliance with all health and safety regulations and procedures established by the company and current legislation; participating in OHS training; correctly using personal protective equipment (PPE); and reporting any unsafe conditions. Furthermore, they must ensure all activities align with quality standards, contributing to continuous improvement, maintaining accurate records, and participating in quality audits. They shall also engage in sustainability initiatives, promoting efficient resource use and waste reduction, and reporting environmental incidents to guarantee a safe, sustainable, and high-quality work environment.

10. As an AIRBUS SLC employee, the candidate is required to know and comply with established internal policies and procedures, both at the Airbus Group level and specific AIRBUS SLC procedures, committing to:

• a) Comply with AIRBUS SLC policies, codes, and standards.
• b) Understand and fulfill assigned roles and responsibilities regarding Information Security, Privacy, and Confidentiality.
• c) Undergo training, awareness, and capacity building with periodic updates on entity policies and procedures relevant to their position. Act with due diligence to prevent security incidents. In this regard, investigative and disciplinary proceedings may be initiated against those responsible for an incident; such proceedings shall not commence without prior verification that an incident has occurred.

Required Education & Qualifications

• Academic Background: Master’s or Bachelor’s Degree in Telecommunications, Aerospace/Aeronautical, or Computer Science Engineering.
• Risk Methodologies: Expert proficiency in at least two of the following methodologies: MAGERIT, PILAR, NIST, EBIOS, or EUROCAE ED202A/203B.
• Security Clearance: Mandatory NATO/National Security Clearance.
• Languages: English C1 (Advanced) for technical and business-level liaison.

Critical Knowledge

Key Technical Expertise:

• High-Level and Low-Level Security Architectures (HLD/LLD).
• Pentesting Fundamentals: Strong understanding of penetration testing to validate architectural designs.
• Compliance Standards: In-depth knowledge of CC/CEM (Common Criteria) and CCN-STIC guidelines.

Required Experience

• Minimum of 4 years of experience in information security or aircraft systems.

Required Competencies

Technical Competencies

• Critical Architecture Design: Ability to create complex security frameworks that support aeronautical subsystems.
• Security-by-Design Advocacy: Proficiency in evangelizing and integrating security principles into the early stages of engineering development.
• Risk Management: Ability to translate technical threats into Security Risk Assessments (SRA) with business or mission impact.
• SecOps Definition: Capacity to draft Security Operating Procedures that ensure long-term product maintenance.
• Technical Consulting: Acting as a subject matter expert (SME) for external clients to defend and explain architectural decisions.

Behavioral Competencies

• Leadership and Stakeholder Management: Ability to influence multidisciplinary teams and negotiate security requirements with Project Managers.
• Strategic Communication: Proficiency in acting as a "Focal Point," simplifying complex architectures for clients or certification authorities.
• Holistic Thinking: Global product vision; ability to understand how a vulnerability in a single component affects the overall safety and security of the aircraft.
• Autonomy and Decision-Making: Decisiveness in validating or rejecting designs based on risk analysis and regulatory compliance.
• Results and Quality Orientation: Focused on delivering high-quality technical documentation under demanding military or aeronautical standards.

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.

Company:

Airbus Secure Land Communications, S.A.

Contract Type:

Permanent

-----

Experience Level:

Professional

Job Family:

Cyber Security <JF-CG-ST>

By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to emsom@airbus.com.

At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.