Cyber Security Architect – Regional IT & Network Security Consultant

About the role

The Regional IT & Network Security Consultant will shape and assure the cyber security posture of Airbus' global IT infrastructure across India and South Asia. You will provide strategic consultancy, embed Security‑by‑Design principles, and lead risk management for complex enterprise environments.

Key responsibilities

• Act as the cyber security focal point for infrastructure, cloud (Azure, AWS, GCP), identity & access management, and SaaS projects across the region.
• Design, architect, and review solutions using a risk‑based methodology, challenging network segmentation, access controls, and data flow.
• Promote and implement the Security‑by‑Design framework, balancing robust defence with operational feasibility.
• Develop, manage, and publish Airbus security standards and blueprints in collaboration with product managers and solution architects.
• Perform threat modelling and security audit reviews, linking technical vulnerabilities to organisational risk.
• Lead the adoption of Zero Trust architecture across network and application layers.
• Provide guidance on securing hybrid cloud environments, including network security groups, micro‑segmentation, and secure transit.
• Secure critical IT systems such as Active Directory, virtualization platforms (hypervisors/VDI), and container orchestration (Kubernetes/Docker).
• Ensure enterprise connectivity security, covering MPLS/SD‑WAN, firewalls, IDS/IPS, and proxy configurations.

Required profile

• Bachelor's or Master's degree in Computer Science, IT, Cyber Security or equivalent.
• Minimum 10+ years of hands‑on experience in cyber security, with a strong focus on IT infrastructure.

Required skills

• Azure, AWS, GCP cloud platforms
• Identity and Access Management (IDAM) and SaaS security
• Zero Trust architecture principles
• Network security groups and micro‑segmentation
• Secure transit between on‑premises and cloud
• Active Directory
• Hypervisors and VDI virtualization
• Kubernetes and Docker container orchestration
• MPLS and SD‑WAN connectivity
• Firewalls, Intrusion Detection/Prevention Systems (IDS/IPS), Proxies
• Threat modelling and risk‑based security methodology