Job Description

- Enforcement of Safran Security strategy, policies, standards and procedures
- Leading the Worldwide initiative to achieve NIST 800-171 and CMMC compliance
- Management of all security incidents effecting North American sites
- Recommending security projects to address vulnerabilities
- Ensuring effective management of all security equipment/solutions utilized by the North American sites
- Working with other IS groups, the incumbent will also be responsible for all required security documentation, policy enforcement and approvals of systems/projects from a security perspective.
- Establishing themself as the Security authority and provide guidance to other departments such as Compliance, Programs, Commercial, Engineering, Operations and IS for all security related topics

External Information System Security compliance
•Responsible for leading all worldwide initiatives related to customer or regulatory compliance related to CMMC, NIST or other US DoD requirements.
• Responsible for defining the scope of projects required to meet customer or regulatory needs at the North American sites.
• Responsible for creating the security design proposals and presenting these proposals to the Chief Information Security Officer to gain approval.
• Responsible for approving all required technical architecture documentation, network diagrams, information flow diagrams, security sheets, change controls, DRP Documents, trainings or hand-over documentation to support a security project transition into production.
• Participate in all security related project steering committees, ensuring security compliance and ensuring security projects are completed in line with customer or regulatory deadlines.
• Preparing presentations to present customer or regulatory status and to present this status to IS Management and Senior Executive team.

Internal Information System Security Compliance:
• As Information System security referent, working with customers, regulatory authorities or Global IS security group to ensure security compliance at the North American sites.
• Responsible for definition of all security projects required to meet the required compliance levels.
• Responsible for definition, application and enforcement of IS security policy as well as development of all required security documentation needed to support the process.
• Responsible for reviewing/authorizing infrastructure design proposals, advising the global CISO about the proposals and providing guidance to IS project teams from a security perspective.
• Responsible for auditing of security systems/solutions and reporting of audit results as requested by the Global CISO.

Job Requirements

5-7 years of experience in a similar role and at a similar level
A recognized University degree, preferred in Computer Engineering, Computer Science, Industrial Engineering
- Excellent problem-solving skills.
- Experience in various IT/IS disciplines, technologies, and platforms (Infrastructure, networking, firewalls, communication protocols, databases and mobility).
- Experience with implementing/managing security for applications, IS infrastructure, Active Directory or cloud based solutions (in particular AWS / GOV Cloud).
- Working knowledge of mainstream Firewall technologies
- Specific experience with ISO 27k, NIST SP 800-171 or CMMC standards and implementation of said standards.
- Knowledge of industrial domain security related to manufacturing facilities.
- Excellent communication skills.
- Innovative mindset and persistence.
- Decision making skills.
- Planning and organization
- Analytical Skills.
- Customer service and continuous improvement mindset.
- Technical Writing Skills. (Specifically related to IS projects)
- Teamwork
- Ability to concurrently project manage a diverse list of items.
- Able to collect and translate business requirements.
- Flexibility, ability to change focus and adopt to changing corporate priorities.
- Time Management skills.
- Excellent communication skills required for interactions with target audiences from end users to IS Management, with IS personnel at other SLS sites, suppliers, contractors or customers
- Must be able to meet Services Canada CGR requirement to a NATO level clearance.

All items listed below will be considered an asset:

- CISSP, CISM or equivalent specialized training
- Security accreditations in AWS / Gov Cloud, Cisco, Microsoft etc.
- Good working knowledge of Windows operating systems.
- Good working knowledge of networking concepts including an understanding of TCPIP and the OSI networking model.
Specialized knowledge in networking and computer hardware listed below:
- Common security firewalls and network devices
- Remote working solutions
- Database security.
- Network VLAN methodologies
- Certificate management
- IP Phone System security
- UNIX/Linux Operating system security
- Specific knowledge of implementing requirements to satisfy NIST SP 800-171 or CMMC Level 2 standards.
- Specialized knowledge with ensuring security of (IaaS/PaaS/SaaS) cloud solutions on either AWS / Gov Cloud or Azure platforms.
- French language proficiency

But what else? (advantages, specific features, etc.)

• Responsible for leading and managing security awareness campaigns.
• Responsible for facilitating security awareness trainings.
• Security Equipment Management
• As authority & referent, providing guidance to other IS infrastructure experts who manage firewall, switch or proxy solutions.
• Pro-active monitoring and development of action plans to address any gaps in the solutions/processes.
• Pro-active review of all alerts and messaging to ensure compliance to export control requirements.
• Working with the global security team to ensure security solutions like anti-virus and encryption are working correctly.
Incident Responce:
• Work with the Global SOC team to resolve security incidents and recommending improvements to avoid re-occurrence of the same incident.
• The incumbent will be responsible for the proper recording and escalation of incidents to the Global CISO or deputy.
• The incumbent will be required to carry a work cell phone to remain connected with local/global security notification groups.

Company Information

Safran is an international high-technology group, operating in the aviation (propulsion, equipment and interiors), defense and space markets. Its core purpose is to contribute to a safer, more sustainable world, where air transport is more environmentally friendly, comfortable and accessible. Safran has a global presence, with 100,000 employees and sales of 27.3 billion euros in 2024, and holds, alone or in partnership, world or regional leadership positions in its core markets.
Safran is in the 2nd place in the aerospace and defense industry in TIME magazine's "World's best companies 2024" ranking.

Safran Landing Systems is the world leader in aircraft landing and braking systems. Its expertise covers the entire life cycle of its products, from design and manufacturing to maintenance and repair. The company has partnerships with more than 25 airframers in civil, regional, commercial and military transport, supporting more than 35,000 aircraft and making over 100,000 landings every day