PASSI Advisor/Senior Cybersecurity Consultant

Company Details

RHEA Group is an international leading Space and Security engineering organisation providing engineering services and customised technology solutions enabling the design, operation and utilisation of space systems and other critical infrastructure. We attract skilled engineers, scientists and management professionals worldwide; and offer a range of exciting career paths within our organisation and working alongside clients such as the UK Space Agency, the European Space Agency, the European GNSS Agency, NATO, the European Commission, EUMETSAT, etc.

Are you looking for a new opportunity in a fast-moving global company with a family feel? A job where you could have an impact?

We are looking for a PASSI Advisor/Senior Cybersecurity Consultant to work in Toulouse, France.

This position is available for hybrid working.

Tasks and Activities

The scope of work will include:

  • Leading and performing PASSI RGS and LPM certification audits on the different PASSI scopes: physical and organizational security, technical infrastructure and configuration.
  • Supporting RHEA in its ANSSI qualification objectives.
  • Supporting the development of the business by actively contributing to the pre-sales process (in response to specifications) and participating in the continuous improvement of the service offer and tools of RHEA France and the rest of the Group.
  • Contributing to and supporting the governance (GRC) of Information Systems Security in the context of defence projects as well as French and European space programmes:
    • Participating in the definition and implementation of Cyber Master Plan in space, as well as monitoring indicators and associated action plans.
    • Writing the information security governance documents in the framework (Security Policy and ISO27001/31000 documentation).
    • Accompanying our clients in compliance with SSI benchmarks (e.g. PCI DSS, ISO 2700x, RGPD, NIST, NIS, LPM).
    • Accompanying, piloting and producing security approval files (France, NATO, EU) for complex and critical systems (note: proven experience of risk analysis methods such as EBIOS/27005 are essential).
  • Conducting IS security awareness and training campaigns.

Skills and Experience

The following skills and experience are mandatory:

  • Degree in engineering or university Bac+5 in a relevant subject (network security or cybersecurity) from a recognized institution.
  • At least 5-7 years of relevant experience in a consulting firm in the tasks mentioned above.
  • Significant experience in developing security policies, governance and technical and normative audits in IT and critical/industrial systems.
  • Practical experience in writing security requirements and standards, processes and procedures.
  • Excellent knowledge of IT and OT technologies (network and security infrastructure, IoT, industrial systems).
  • Excellent knowledge and experience of ISO 2700x.
  • Curiosity, ability to analyze, summarise and adapt (human, technological and normative).
  • Excellent interpersonal skills and ability to manage a team operationally.
  • An organized, dynamic, proactive and solution-oriented attitude.
  • The ability to travel mainly in France, Europe and North America.
  • French and English (C1).

The following skills and experience would be highly desirable:

  • Qualifications: Experience as PASSI auditor (all scopes appreciated).
  • Certifications: CISSP, CISA, CISM, ISO, CRISC, CHFI, CEH, OSCP, PMP.
  • Previous working environment: Defence, Space and Industry.
  • Methods and standards: ISO15408, MEGERIT, MEHARI, CRAMM, OCTAVE, ISO 31000, Common Criteria and NIS.
  • Regulations: IGI1300, II 901, IGI6600 (SAIV).
  • Technologies: xDR, SIEM, Cloud, 5G/6G Security, CTI, SOC, OSINT, Quantum Key Distribution, R/F Security, Zero Trust.
  • Skills: Pentest and forensics analysis.
  • Excellent cyber awareness and versatility.

Why should you apply?

  • You will have the opportunity to work within a major institution.
  • We encourage everyone to think outside the box and to push the boundaries of traditional knowledge. This role is an opportunity to join a forward-thinking company and allows for a deeper understanding of the industry.
  • Benefits include: competitive remuneration packages; unique career opportunities, including working in other countries; personalized training and development programmes; flexible relocation support.

We welcome applications from people with disabilities, members of ethnic minorities, all genders, LGBTQ+ individuals and ex-service personnel.

Visit Us On LinkedinVisit Us On FacebookVisit Us On Twitter