Safran est un groupe international de haute technologie operant dans les domaines de l'aeronautique (propulsion, equipements et interieurs), de l'espace et de la defense. Sa mission : contribuer durablement à un monde plus sûr, où le transport aerien devient toujours plus respectueux de l'environnement, plus confortable et plus accessible. Implante sur tous les continents, le Groupe emploie 92 000 collaborateurs pour un chiffre d'affaires de 23,2 milliards d'Euros en 2023, et occupe, seul ou en partenariat, des positions de premier plan mondial ou europeen sur ses marches. Safran s'engage dans des programmes de recherche et developpement qui preservent les priorites environnementales de sa feuille de route d'innovation technologique.
Safran est la 1ere entreprise du secteur aeronautique et defense du classement World's Best Companies 2023 du magazine TIME.
Safran Cabin fournit les interieurs de cabines complets, les systemes et les equipements les plus innovants du secteur. 11,000 employes mettent leur expertise au service de ses clients du monde entier, offrant des produits qui ameliorent l'experience passager et faciles à configurer sur toutes les plateformes.
Safran Cabin CISO will BE reporting directly to the Group Cybersecurity Director and dotted line to Safran Cabin EVP of IT.
The primary mission is to implement and control the cybersecurity for Safran Cabin worldwide in accordance with Group Cybersecurity Policies. The CISO is empowered to intervene on any information system in its entirety, including industrial IT (OT). The CISO oversees security audits, validating findings and follows through on remediation plans.
The CISO provides practical advice, support, information, training and warnings. The objective is to enable teams to operate in a safe and responsible way; achieving their business objectives while respecting cybersecurity requirements in the projects and the operations.
Proven skills on cybersecurity management, IT architecture, risk analysis, auditing, compliance, budget forecasting, personnel management, and project management. Experience in large multi-national companies required. The job is located in France (Paris or Toulouse).
- Experience in IT Management
- Experience in Cybersecurity implementation within AWS Cloud services
- Good technical knowledge on infrastructures and application
- Practical risk assessment framework, ITIL, ISO 27002
- Practices and methods of IT strategy, enterprise architecture and security architecture
- Knowledge of third party auditing and cloud risk assessment methodologies
- French and English languages
- Monitor and Control Cybersecurity on all sites and activities of Safran Cabin
- Control the deployment of Group Minimum Security Rules and implement the associated control plans
- Monitor the Cyber KPI every month and lead the remediation actions to reduce the gap
- Support the infrastructure and IT operation teams to implement efficient process to maintain a high level of cybersecurity (patch management, vulnerability management, compliance check)
- Establish the list of critical information systems and assets and lead the immediate remediation actions in case of critical vulnerabilities detected
- Establish and pilot an efficient organization to ensure the cybersecurity compliance of the Cloud services (AWS) according to the Group policies
- Maintain a close relationship with Safran Cabin IT organization and the business to take into account the cybersecurity early in the projects
- Develop a close relationship with Security, Product Cybersecurity and Industrial Cybersecurity to align on common objectives
- Represent Safran Cabin for internal and external cybersecurity audits
- Work closely with cybersecurity central team to relay its action on Group initiatives related to IT standardization
- Manage Cybersecurity incidents on Safran Cabin
- Piloter les actions de sensibilisation à la Cybersécurité à tous les niveaux de SCA
- Experience in IT Management
- Experience in Cybersecurity implementation within AWS Cloud services
- Good technical knowledge on infrastructures and application
- Practical risk assessment framework, ITIL, ISO 27002
- Practices and methods of IT strategy, enterprise architecture and security architecture
- Knowledge of third party auditing and cloud risk assessment methodologies
- French and English languages
- Monitor and Control Cybersecurity on all sites and activities of Safran Cabin
- Control the deployment of Group Minimum Security Rules and implement the associated control plans
- Monitor the Cyber KPI every month and lead the remediation actions to reduce the gap
- Support the infrastructure and IT operation teams to implement efficient process to maintain a high level of cybersecurity (patch management, vulnerability management, compliance check)
- Establish the list of critical information systems and assets and lead the immediate remediation actions in case of critical vulnerabilities detected
- Establish and pilot an efficient organization to ensure the cybersecurity compliance of the Cloud services (AWS) according to the Group policies
- Maintain a close relationship with Safran Cabin IT organization and the business to take into account the cybersecurity early in the projects
- Develop a close relationship with Security, Product Cybersecurity and Industrial Cybersecurity to align on common objectives
- Represent Safran Cabin for internal and external cybersecurity audits
- Work closely with cybersecurity central team to relay its action on Group initiatives related to IT standardization
- Manage Cybersecurity incidents on Safran Cabin
- Piloter les actions de sensibilisation à la Cybersécurité à tous les niveaux de SCA