Security Expert – F/M
ESSP, a dynamic French company open to the world, is looking for a Security Expert for a Permanent –Full-time Contract in Toulouse.
We work with highly skilled teams and our employees come from different backgrounds and disciplines, from aeronautics to aerospace, engineering to telecommunications. This diversity allows the company great flexibility to adapt to new needs and challenges.
We are eager to provide the best quality services through safe and efficient operations and management systems. We are expanding and always looking for new talents.
To find out more about us, we invite you to visit our website: https://www.essp-sas.eu/human-resources/careers/
Some videos are also available on YouTube for you to discover our activities:
And a lot more videos are available.
If you are rigorous, with a good level of English, with strong Security of infrastructure and information system background, then this position is for you!
By joining us, you will be in charge of defining, implementing and ensuring the application of ESSP security policies related to Facility Management and Crisis management.
You main tasks will be:
- Managing ESSP Facilities Security Policy for both Toulouse and Madrid Sites; ensure the accreditations and compliance
- Ensuring the security of ESP operational facilities in Europe and beyond:
o Operational Sites maintained and operated according to design security requirements, operational security requirements and regulatory requirements;
o Adjust requirements to specific site constraints;
o Approve compliance level to security requirements;
o Monitor the implementation of security requirements on sites;
o Report on on-site audits reports, anomalies and incidents;
o Perform audits on sites with high critical security conditions or requirements;
- Defining and maintaining Business Continuity Plans and Crisis Management on Security aspects
o Ensure contingency plan are available and appropriate in case of crisis
o Contribution to the definition and the implementation of crisis management process
- Supporting ESSP activities and services delivered to ESSP Customers on Security Expertise
o Contribution to ESSP bids
o Define and maintain, in collaboration with the Safety team and EASA, a method for conciliating/ordering safety and security constraints
o Maintain the relationship between the Safety and the Security teams
o Identify and analyze cyber risks and vulnerabilities and propose treatment plans;
o Propose and implement security functions and solutions, contribute to security projects;
o Ensure reviews and validations within the framework of the company's processes (changes, anomalies, deviations, etc.);
o Analyze of security events and leads the implementation of mitigation and remediation actions;
The Security Expert Crisis and Facilities contributes to the continuous improvement of ESSP security policies and practices, specifically in the context of the ESSP ISO 27001 certified ISMS (Information Security Management System) and Security Management System (Sec-MS) supporting the ESSP ANSP (Air Navigation Service Provider) Certificate.
The following competencies will be assessed:
o Understand, analyse and reformulate users/customers/projects’ needs and requirements
o Define and write technical documentation; have editorial capabilities
o Act as consultant and facilitate the decision making process
o Evaluate the impacts of technologies and solutions on information systems and operations
- Pro-active, autonomous, rigorous, pragmatic
- Communication skills, strong ability to work in team
- Good English Level (B2-C1) - CECRL
- Good knowledge of MS Office (Word, Excel, PowerPoint, Project and Visio)
- Good knowledge of technical security (information systems, networks, systems, web, physical security, crypto, etc.) and of cybersecurity (threats, exploits, vulnerabilities, cybersecurity detection and surveillance tools, etc.),
- Good knowledge of information security standards (ISO27000, NIST, OWASP, ANSSI, etc.),
- Good knowledge of security vulnerabilities and risks management (ISO 27005, EBIOS)
- Good practical knowledge of enterprise IT and security organization aspects (ISMS, etc.),
- Practical knowledge of ISO22301 (Business Continuity Management) is a plus
- Familiar with project management,
- Familiar with critical systems and associated constraints (space, aviation, industry, etc.).
- Security Audits
10 years of professional experience in IT security or in information systems and networks
Available to occasional travels in Europe
You can send your application file by e-mail to the following address: email@example.com
Job Location: Toulouse (France)
Type of Contract: Full time - Permanent Contract
ESSP is committed to cultural diversity, gender equality and the employment of disabled workers.
Access to this position may require a EU personal security clearance