1

Chief Information Security Officer China - (local conditions)

1257 Airbus (China) Enterprise Management and Services Co.Limited
Full-time
On-site
Beijing China

Job Description:

Job description : Airbus China Chief Information Security Officer (China CISO)

Job title: Airbus China Chief Information Security Officer (China CISO)

Direct Reporting: Airbus China Region Head of Security

Functional reporting: Corporate Chief Information Security Officer

Site based position: BEIJING / TIANJIN

Digital Security @ Airbus

Are you interested in working with leading experts to protect Airbus against an ever evolving cyber threat and be part of the Digital Security team combining IT, industrial manufacturing, product and people security? Are you willing to work in a multicultural environment? Are you ready to take on a new and exciting challenge?

Airbus gives you the opportunity to apply your expertise and develop your skills and competencies!

Airbus is a leader in the aerospace & defence sector, offering many challenging opportunities and providing numerous benefits to its employees, such as: development and training, unique challenges, world wide scope, access to key markets, mobility opportunities, and last but not least, a respectable work-life balance.

Accountabilities

The role is directly reporting to the Airbus China Region Head of Security, and is primarily accountable for maintaining the cyber security risk down to an acceptable level for assets under his area of responsibility.

In addition to the direct reporting, the China Chief Information Security Officer (China CISO) has a dotted reporting line to the Corporate Chief Information Security Officer (Corporate CISO).

Is accountable on Digital Security related topics across IT, Industrial, Product & Services and People & Workplace for all Airbus Divisions and their controlled or joint controlled affiliates in China Region.

The China CISO acts on behalf of the respective Division CISOs for Division specific topics.

Digital Security Strategy, Operating Model, and Risk ( 60%)

  • Adapt and execute locally the Digital Security strategy, in line with the worldwide Corporate and Divisional Digital Security strategies

  • Translate the Digital Security strategy into operational priorities in CHINA

  • Ensure the operational strategy implementation (activities, projects, initiatives, etc.)

  • Arbitrate and prioritize Digital Security operations and hot topics

  • Drive a consistent overall planning, adherence and operating model of the China Digital Security operations, derived from a transparent and shared business risk-based framework and priorities in collaboration with local IM, Industrial, Products & Services and People & Workplace representatives, where relevant

  • Collect, monitor, manage and report Digital Security risks to Corporate and to the relevant Divisions

  • Represent respective Division CISO and coordinate accordingly for Divisional specific digital security topics in CHINA.

Legal & Compliance (20%)

  • Ensure compliance with Airbus internal policies and Directives

  • Represent Airbus and interact with regional digital security authorities and local Joint Venture partners

  • Ensure compliance with Regional Digital Security laws and regulations

Financial resources (10%)

  • Define Airbus China digital security budgets and liaise with relevant local and Corporate stakeholders (incl. Corporate CISO)

  • Consolidate and coordinate local operational Digital Security budgets, and arbitrate on priorities

Human resources, talents & competences ( 10%)

  • Coordinate and animate the local Digital Security team

  • Be part of the nomination process for relevant Digital Security stakeholders in China

Responsibilities

Digital Security Strategy, Operating Model, and Risk

  • Ensure compliance with Digital Security Corporate and Divisional requirements / standards

  • Enable business and transformation on Digital Security matters

  • Ensure timely deployment of Corporate Digital Security initiatives

  • Ensure business projects undergo the appropriate Digital Security validation processes

  • Coordinate and facilitate China Digital Security initiatives and programmes

  • Identify and consolidate Digital Security risks and their related response plan in CHINA

Financial resources

  • Manage and monitor Digital Security budgets in CHINA.

  • Define and implement a local Digital Security Make or Buy strategy, derived from and aligned with the Corporate and Airbus China Make or Buy strategies

  • Provide regular updates on budget consumption and/or changes per security assets to Corporate and relevant stakeholders

Internal & external collaboration

  • On an operational perspective, coordinate with the relevant Division CISOs when necessary

  • Engage in the Airbus CISO worldwide community

  • Collaborate with Corporate and Divisional Digital Security stakeholders & communities to identify and strengthen worldwide synergies, in terms of Digital Security capabilities, including:

    • Enterprise security architecture ;

    • Detection and response (incl. SOC and CERT) ;

    • Digital security evaluation and tests ;

    • Risk, vulnerability and critical asset management ;

    • Cybersecurity innovation and scouting ;

    • Digital security office (project management & competencies development)

  • Collaborate with local IM, Industrial, Products & Services and People & Workplace representatives, where relevant on the following topics:

  • Share local Digital Security constraints, challenges, opportunities, best practices and needs with peers

    • Manage external communication and engage with internal Airbus teams and employees on Digital Security topics in CHINA

    • Enhance Airbus Digital Security footprint by the means of publications, presentations, external engagements, etc… in CHINA

    • Influence lobbies and contribute to drafting new national regulations and standards which can have an impact on Airbus Digital Security matters

  • Collaborate with relevant Airbus Regions & Countries on Digital Security topics

  • Collaborate with the Corporate Security Awareness team to provide support for Security Awareness activities and communications in CHINA, as required

Human resources, talents & competences

  • Facilitate the recruitment of Digital Security profiles, in line with the local, affiliate and corporate recruitment plans, and inform relevant stakeholders on the headcount and recruitment status

  • Report on Corporate security objectives achievements to Corporate CISO during annual review meeting

  • Report to Corporate and relevant stakeholders on local attractiveness & retention, competence & development, diversity & inclusion issues and recommendations

  • Adapt, tailor and execute locally the Corporate attractiveness & retention plan, the competence & development plan and the diversity & inclusion plan and provide feedback on local specificities

Outputs

  • Region Digital Security strategy & governance implementation

  • Region Digital Security priorities definition and achievement of objectives

  • Region Digital Security financial resources (budgets & Make or Buy strategy)

  • Region attractiveness & retention, competence & development, diversity & inclusion actions & status

  • Region Digital Security reporting on local capabilities

  • Digital Security publications, presentations, external engagement, benchmarks

  • Region Digital Security operations risk dashboard

  • Applicability assessment and tailoring proposal for Corporate and Divisional Digital Security standards

  • Digital Security synergies with Corporate and Divisional existing initiatives

  • Local Digital Security constraints, challenges, opportunities, best practices and needs

Profile

Knowledge

  • Master's Degree in Information Security or equivalent experience

  • English: Excellent communication

  • French, German and/or Spanish is a plus

Experience

  • +10 year of experience in management role

  • +10 year of experience in cybersecurity

  • Aerospace and Defense background is a plus

Leadership skills

  • Stakeholder Management

  • Planning and Strategic Management

  • Organization, Resources (headcounts and budget) Management

  • Communication and presentation skills

Technical skills

Solid background is required in :

  • Cybersecurity Risk management (assessment methods, risk treatment options)

  • Project Management, Processes, Method and tools

  • Security awareness & communication

  • Cybersecurity audit

  • Cybersecurity standards and applicable regulations

National accreditations (or eligibility) are a plus.

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.

Company:

Airbus (China) Enterprise Management and Services Co.Limited

Employment Type:

Permanent

-------

Experience Level:

Professional

Job Family:

Cyber Security

By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to emsom@airbus.com.

At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.

Apply now
Share this job
Twitter Facebook Linkedin Email