Chief Information Security Officer Zodiac Aerospace
Huntington Beach, CA

Job Description

Safran is an international high-technology group, operating in the aircraft propulsion and equipment, space and defense markets. Safran has a global presence, with more than 92,000 employees and sales of 21 billion euros in 2018. Working alone or in partnership, Safran holds world or European leadership positions in its core markets. Safran undertakes Research & Development programs to meet fast-changing market requirements, with total R&D expenditures of around 1.5 billion euros in 2018.

Safran is ranked among the Top 100 Global Innovators by Thomson Reuters and is featured on the "Happy at work" rankings. The Group places fourth on the Universum ranking for the favorite companies of newly-qualified engineers in France.

Safran Cabin provides all elements of a seamlessly integrated Cabin Interior. From the overhead bins, lavatories and galleys to crew rests and cargo containers, either as independent world class products or as a fully integrated cabin. The company is headquartered in Huntington Beach in Southern California, USA and operates 30 sites in 11 countries. The over 13.000 employees across the globe serve virtually all the airlines, aircraft leasing companies and airframe manufacturers worldwide.

RESPONSIBILITIES:

The primary mission is to define the information system security policy for Safran Cabin worldwide in accordance with applicable government and export control regulations as well as the global Safran IS security strategy. The CISO ensures deployment and is empowered to intervene on any information system in its entirety. The CISO oversees security audits, validating findings and follows through on remediation plans.

The CISO provides practical advice, support, information, training and warnings. The objective is to enable teams to operate in a safe, responsible way; achieving their business objectives while respecting security requirements.

Proven skills in research, architecture, program development, risk analysis, auditing, compliance, budget forecasting, personnel management, and project management. Experience in large multi-national companies required. French language skills preferred.

MAIN ACTIVITIES:

* DEFINE SECURITY POLICY
* Define targets and requirements
* Define and deploy procedures
* Participate in the security organization and strategy
* Represent SAFRAN Cabin in SAFRAN Group IS Security matters
* Prepare financial forecasts for security operations and proper maintenance cover for security assets
* RISKS ASSESSMENT
* Evaluation of risks and threats
* Propose effective solutions to ensure IS security
* Validate information system architectures implemented by SAFRAN Cabin
* Take over and standardize the traffic intersection between Safran and DFARS/ITAR enclave sites
* Report DFARS breaches to the US Government Department of Defense
* Establish disaster recovery and preventive plans
* INCIDENT MANAGEMENT
* Develop strategies to handle security incidents and coordinate investigative activities
* Act as a focal point for IT security investigations and direct a full investigation with recommended courses of action
* INFORMATION SECURITY AWARENESS AND TRAINING
* General Management awareness
* Training of the operation and business departments
* Define the IS security charter
* Organize security awareness sessions
* Advise and support IS Teams
* Enable the business to classify their data and key intellectual property
* DEFINES MEANS AND RECOMMENDATIONS
* Technical validation of security tools
* Define security norms and standards
* Participe in defining security rules and policy at company and group level
* AUDIT & CONTROL
* Control that the teams have taken all means to manage the security
* Audit company IS security and vulnerabilities and follow up action plans
* Ensure the availability of information security plan
* TECHNOLOGICAL WATCH AND PERSPECTIVES
* Follow technical and regulation evolutions in the security area
* Monitor necessary evolutions to ensure logical and physical security of the information system as a whole.

SKILLS

* Practices and methods of IT strategy, enterprise architecture and security architecture
* Security concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies
* ISO 27002, ITIL and COBIT frameworks
* Windows, UNIX and Linux operating systems
* C, C++, C#, Java and/or PHP programming languages
* Firewall and intrusion detection/prevention protocols
* Secure coding practices, ethical hacking and threat modeling
* TCP/IP, computer networking, routing and switching
* Network security architecture development and definition
* Knowledge of third party auditing and cloud risk assessment methodologies

EXPERIENCES

8 years minimum

CERTIFICATIONS

* CCISO: Certified Chief Information Security Officer
* CISM: Certified Information Security Manager
* CISSP: Certified Information Systems Security Professional
* AWS Specialty Certification - Security

Equal Employment Opportunity and Affirmative Action Statement

It is the policy of Safran to provide equal employment opportunity to all individuals regardless of their race, color, religion, sex, sexual preference, gender identity, pregnancy, age, national origin, disability, military or veteran status, citizenship status, genetics, or any other characteristic protected by applicable federal, state, and local laws. We are strongly committed to this policy and believe in the concept and spirit of the law.

If you are applying for a job in the United States and need a reasonable accommodation for any part of the employment process, please email our Human Resources Department at support.zephir@zodiacaerospace.com and let us know the nature of your request and contact information. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to from this e-mail address.

ID: DOTH - 16689