Cyber Security Risk Consultant (D/F/M)

Job Description:

Airbus Protect brings together experts in the fields of cybersecurity safety and sustainability. We deliver expertise to our own group Airbus for whom we act as a privileged partner but also to external clients.

With more than 1.600 experienced professionals based in Germany France and the UK we service largescale contracts with companies such as critical infrastructures (CNI) other industries and public institutions. Our positioning and strategy enable us to meet the highest standards of the market and to meet the challenges of tomorrow as a team... together with you!

Location

Our location is just a stones throw away from Munich the beautiful state capital of Bavaria. Do you like sports and other outdoor activities The Alps and Lake Starnberg are just an hour away and offer a wide range of leisure activities.

If desired your place of work can also be flexibly determined between our locations within Germany provided the company agrees. These are as follows: Ottobrunn (Munich area) Donauwrth Friedrichshafen Cologne Finkenwerder (Hamburg). If the company agrees the specified location will be agreed in writing in your employment contract as part of the hiring process.

Your advantages

• Mobile working and flexible working hours

• Fair and attractive remuneration and special payments

• 30 days holiday and additional days off for special occasions

• Intensive induction and expert support as part of onboarding in the form of personalized onboarding with a personal mentor

• Excellent training opportunities and promising development prospects

• Attractive social benefits and offers including employerfinanced pension scheme employee share options discounted car leasing bike leasing special conditions for insurance employee benefits at cooperating companies

• Onsite facilities (depending on location) e. g. canteen and cafeteria fitness studio onsite kindergarten company medical service and other healthrelated services

Your main tasks

• Performing risk or business impact analysis (on embedded systems industrial systems (OT) IT and Cloud systems) for medium to big consulting projects including financial quantification of cyber risk and impact analysis of catastrophic scenarios

• Definition and monitoring of functional and technical mitigation plans methodological and technical monitoring data analytics and mathematical modeling

• Plan and lead small consulting projects and significantly participate to consulting projects of medium to big size

• Apply consulting methods independently while documenting and presenting results internally and externally

• Design and delivery of awareness and training to internal and external customers

• Improvement of existing processes and toolings

• Occasional advice to customers for possible further support (cross/upselling)

• Collaboration in the preparation of offers and company presentations

• Taking on functional and/or projectrelated tasks in projects (e.g. technical project planning topic responsibility)

• Preparation of required documentation and presentations of work results

Required expertise and skills

• The work task requires knowledge and skills that are generally acquired through a relevant completed degree programme of up to 4 years duration in the field of engineering computer science cybersecurity or comparable degree programmes and related subjectspecific additional qualification or through a relevant completed degree programme of more than 4 years duration with a degree or completed vocational training with a corresponding particularly extensive subjectspecific additional qualification. The overall required knowledge and experience may have been acquired in other ways.

• Fundamental knowledge and experience in the above listed tasks

• Deep understanding of major security and risk management frameworks (ISO 27001 ISO 27005 ISO 31000 NIST CSF EBIOS RM FAIR)

• Understanding of security technologies controls and best practices

• Ability to develop and maintain security policies procedures and standards

• Proven experience leading risk assessment projects and security initiatives strong experience with risk assessment methodologies and qualitative risk analysis knowledge of quantitative risk analysis and the associated calculation methods is a plus

• Knowledge of regulatory requirements across industries (Export Control GDPR NIS2 Defense EASA Regulations) and experience with GRC platforms and risk management tools

• Exceptional ability to communicate complex security concepts to nontechnical stakeholders

• Ability to advise the customer regarding his request and objectives and to build consensus among diverse stakeholders

• Cultural sensitivity for working with international teams

• German and English: negotiation level mandatory (speaking and writing)

• Willingness to travel domestically and abroad

A security clearance is required for this activity or must be issued by the responsible authorities.

This job requires an awareness of any potential compliance risks and a commitment to act with integrity as the foundation for the Companys success reputation and sustainable growth.

Company:

Contract Type:

Experience Level:

Job Family: