Security Governance Analyst

Job Description:

NAVBLUE an Airbus Company is currently seeking a Security Governance Analyst to join our team. The Security Governance Analyst is responsible for maintaining and monitoring the NAVBLUE Information Security Management System. Ensuring that NAVBLUE processes comply with the NAVBLUE security standard by being responsible for security audits activities. Ensure that all NAVBLUE processes and products maintain compliance with security standards including ISO 27001. They will propose amendments and improvements to existing Security structures and policies based on changes in the industry and best practices. They will support the assessment of security in NAVBLUEs supply chain and will ensure security communication towards our customers. This includes supporting and implementing Security initiatives across the organization and helping to develop the organizations knowledge.

Main Responsibilities:

• Maintain Security OKR and KPIs

• Assist with performance of Internal and 3rd party security audits and ensure security findings follow up until closure.

• Ensure Process owners perform RCAs of audit findings and close any actions arising from audits in a timely manner

• Define the yearly company security audits and penetration testing strategy

• Assist in the deployment of NAVBLUEs security policy with the goal of Maintaining ISO 27001/2 certification using the policies standards and procedures that have already been developed.

• Contribute to the preparation and dissemination of a Security Awareness Program to NAVBLUE staff

• Maintain documentation at a level that meets the audit requirements ISO 27001/2

• Help to develop and improve the IT Business Continuity procedures and processes and other applicable security regulations.

• Ensure the implementation and assessment of the security in NAVBLUEs supply chain and support the risk identification if needed

• Be the security focal point and support the other functions with regards to customers request on security

Qualified Experience/Skills/Training

Education:

• Successful completion of an Academic degree in Information Technology Information Security Management System or equivalent

Experience:

• Solid experience in Security.

• 1 to 3 years experience in Governance Risk and Compliance

• Must be a reliable responsible self-starter with a demonstrated ability to work independently and prioritize effectively.

Licensure/Certifications:

• Holder of security certifications (SSCP ISO 27005 Risk Manager ISO 27001 Auditor etc.) would be an asset

• Knowledge of security regulations would be an asset

• Knowledge of physical security would be an asset

Communication Skills (Spoken Written Influencing Proficiency in Other Languages):

• Communication skills appropriate for interfacing at all levels of the organization including senior management and technical staff including documentation (top level policies technical standards etc.)

• Must work effectively with others in a team environment with strong skills in stakeholder management

• Project management skills and highly organized capable of delivering projects on-time and on-budget

• Ability to work in an international environment spanning different jurisdictions with potentially different impacts on security

Technical Systems Proficiency:

• Working experience with Information Security Management System

• Understanding of security audit programs

• Understanding of advanced security protocols and standards

• Experience with software and security architectures

• Understanding of supply chain contractual framework

• Understanding of security regulations

• Risk and vulnerability analysis.

• Knowledge of security impact on safety

• Experience with monitoring tools

• Knowledge of project management methodologies (LBIP Agile etc).

Travel Required:

• 5% Domestic and International

Selection and Hiring Commitment

We thank all applicants for applying. Only selected applicants will be contacted.

Navblue is committed to creating an environment and a culture where everyone feels like they belong no matter who they are or where they are from. We are committed to providing equal employment opportunities to all individuals based on job-related qualifications and ability to perform a job. We do not discriminate against any employee or applicant for employment because of race colour sex age national or ethnic origin religion sexual orientation gender identity or expression marital status family status genetic characteristics record of offences and basis of disability or any protected class. Accommodations will be available on request for candidates throughout the entire recruitment and selection process.

About Us:

NAVBLUE an Airbus Company is a leading global provider of flight operations solutions including aeronautical charts navigation data solutions flight planning aircraft performance software (take-off/landing weight and balance) and crew planning be able to shape the future of the digital aviation industry by working on several of the best in the industry flagship products enabling pilots dispatchers flight engineers and other aviation personnel on a daily basis to deliver safe efficient and reliable flight operations all over the world. Youll have the opportunity to support millions of flights each year and help NAVBLUE customers maximize efficiency reduce costs ensure compliance with complex national and international safety regulations and effectively deliver their services.

Youll join a team with a focus on digital and collaborative innovation that is passionate and customer-focused. Over the last few years Airbus has been supportive of various initiatives such as Going Digital Performance Based Navigation Services Air Traffic Management Modernization Programs FlySmart on iOS and other digital projects related to new aircraft technologies; the launch of NAVBLUE was therefore a natural step to further develop its Flight Operations and Air Traffic Management Portfolio.

NAVBLUE is a fully owned subsidiary of Services by Airbus fueled by the agility of Airbus ProSky and Navtech (acquired in 2016) and the pioneering spirit of Airbus NAVBLUE was created in July 2016 with one mission: lead aviation into the digital age.

NAVBLUE is based in Hersham (UK) Cardiff (UK) Toulouse (France) Waterloo ON (Canada) Bangkok (Thailand) Malmö (Sweden) and Gdańsk (Poland) with other offices all around the world.

The Future is Yours for the Taking: job requires an awareness of any potential compliance risks and a commitment to act with integrity as the foundation for the Companys success reputation and sustainable growth.

Company:

Contract Type:

-----

Experience Level:

Job Family: