Director, Product Cybersecurity reports to the IFE CTO and is responsible for the design, development and delivery of a comprehensive cybersecurity framework with its intended purpose to protect IFE products, data and infrastructure from cyber-attacks and intrusions. The Director, Products Cybersecurity will also ensure that IFE complies with Thales policies and applicable regulatory requirements regarding data access, security and privacy. The scope of this IPT responsibility includes all IFE products and services, including wired and wireless systems onboard and off-board the aircraft.
• Manage the cybersecurity IPT for InFlyt Experience – scope, budgets, schedule and risk elements
• Implement product security standards, policies (administrative, safeguards, technical), processes (compliance, incidents, testing) and mechanisms (data at rest, in motion, in use)
• Maintain awareness of current vulnerabilities, response mechanisms, mitigation strategies, new technologies, trends, innovations and the changing aviation cybersecurity threatscape
• Communicate internally regarding critical cybersecurity incidents impacting the solution or product sub systems, and where appropriate, summarize for external communication 24x7x365 as needed
• Responsible for continuous evolution of value-added cybersecurity solutions, roadmaps and supporting skills in the cybersecurity IPT
• Assess cybersecurity capabilities within IFE and develop and execute plans to increase cybersecurity awareness and expertise within the IFE organization
• Represent IFE cybersecurity in coordination with Thales internal counterparts in AVS/SIX/TGS GBUs and TUSA to achieve compliance to group security standards.
Skills and Experience:
• Domain knowledge in cybersecurity principles, risk assessment, testing, risk, risk mitigation and threat response
• Previous experience in cybersecurity solutions implementation in a product domain
• Demonstrated leadership behaviors: shaping solutions out of complexity, ambitious and accountable, perform through cooperation, influence key stakeholders, engage and develop teams
• Strong presentation and written communication skills and effective interaction, internal and external, with all levels of management
• Coordination and protection of critical, confidential and sensitive information spanning multiple parties
• Strong critical thinking and analytical skills with pragmatic and prioritized actions
• Develop metrics to measure effectiveness and efficiency and deploy actions to reach agreed target levels
• Bachelor’s Degree in information technology, computer science, engineering or related discipline
• Minimum of 8 years of progressive responsibilities in information security, risk management or engineering
• Demonstrated experience and knowledge in understanding global cybersecurity programs, including technologies, tools, architectures, network and application design, standards, policies, processes and business aspects of risk
• Leadership experience in a dynamic, matrixed, corporate environment
• Presentation and communication experience at all levels including Executive leadership
• Certified Information Systems Security Professional (CISSP) is required or active pursuit with completion required within 6 months of assuming this position.
Desired qualifications
• Master’s Degree in information technology, computer science, engineering or related discipline
• Familiarity with Payment Card Industry (PCI) certification requirements
• Certified Information Security Manager (CISM) or Certified Information Systems Security Officer (ISSO) or related certifications or active pursuit of one or more of these certifications
Pass it on for Referral Bonus. Not the right role for you, but know someone we should meet? Share with him to earn $1,000 referral bonus.
Posts
