In partnership with leading Air Navigation Service Providers (ANSPs) from around the world, like NAV CANADA, Italy’s ENAV, the Irish Aviation Authority (IAA) and Denmark’s Naviair, as well as Iridium Communications, Aireon is set to revolutionize the global aviation industry. In 2018, Aireon will deploy a global satellite-based system capable of tracking and monitoring aircraft around the globe, in real-time. Unlike traditional air traffic monitoring and tracking systems, which are costly to deploy over large geographic regions and limited to densely populated areas, Aireon will extend coverage to oceans, mountains, remote areas and polar regions to provide real-time, 100% visibility of aircraft anywhere in the world. This technology will create more direct flight paths, increase operational and fuel efficiency for airlines and improve safety for the flying public.
The Information Security Manager (ISM) has a critical role in ensuring the security of Aireon’s core service systems, networks, and data (in-transit & at-rest). Additionally, the ISM oversees corporate systems to ensure that both internal systems and external systems (website, cloud-based elements) are operating in the most secure manner possible. Reporting to the Director of Operations, the ISM will be responsible for the secure operations of a global data distribution system that provides air surveillance and safety-of-life-critical air traffic control (ATC) data to Air Navigation Service Providers (ANSPs) and other commercial and general aviation customers located across the globe.
The ISM develops, coordinates, and evaluates policies, procedures and standards to monitor and ensure protection of all Aireon information assets. This individual collaborates with all organizations, internal and external, necessary to defend against information security incidents as well as identify, analyze, communicate, and contain these incidents when they occur. The ISM will oversee the Information Security function of Aireon’s Service Management System (ASMS), providing line management, leadership, and operational direction and liaising closely with other Aireon and partner/sub-contractor managers.
Communication and adeptness at working with a variety of personalities and skillsets across multiple organizations and locations in a fast-paced, start-up environment will be a key part of this role.
Work closely with Aireon personnel, sub-system developers, partners, and external vendors to develop, implement, and manage information security policy, plan, process, procedures, and tools
Monitor Aireon core service and corporate systems/networks/data and identify threats, intrusion attempts, and other security risk activities
Mitigate risks and threats upon detection and communicate to management in a timely manner
Work with Aireon’s Safety Manager and Safety Action Group (SAG) to communicate and coordinate all captured issues/incidents to ensure appropriate safety-related assessment and response
Liaise with Aireon and sub-system vendor management and offer recommendations on information security matters such as routine security activities, emerging security risks and control technologies
Manage and coordinate efforts in support of external audits and assessment activities; provide audit response and ongoing guidance on solutions to achieve and maintain security compliance, to mitigate information security risks, and to correct compliance exposures and gaps
Form the Aireon Information Security Group to offer internal management consultancy, advice, and practical assistance on information security risk and control matters throughout the organization; promoting the commercial advantages of managing information security risks more efficiently and effectively
Lead suitable information security awareness, training and educational activities
Lead activities relating to contingency planning, business continuity management and IT disaster recovery in coordination with relevant Aireon functional and third party managers
Ensure the compliance of all applications, systems and network infrastructure with security policies, standards and procedures
Function as the enterprise information security subject matter expert; consulting with technology and business leaders on all information security related issues and concerns
Lead or coordinate the evaluation of and provide recommendations for security technologies and processes to respond to existing and new risks
Manage information security system implementation projects
Strong oral and written communication and presentation skills, ability to interact and communicate with all levels of company personnel in a professional and tactful manner
Experience in leading the response to incidents, crises, and investigations with sensitivity, tenacity, and a focus on detail required
Strong understanding of current information security theory, best practices, and standards
Knowledge of security practices and methodologies, security controls and architecture including the use of intrusion detection/prevention and other defenses
Experience with security administration across multiple operating systems on distributed systems
Experience with conceptual security design considerations in firewalls, LAN, WAN, File Server, PC, UNIX, MPLS, TCP/IP and VPN environments
Ability to quickly learn and apply Aireon’s safety culture
Keep and analyze accurate records, document customer service actions and discussions, and compile and distribute accurate reports
Control resources and utilize assets to achieve qualitative and quantitative targets
Demonstrate initiative and detail-orientation to ensure quick resolution of issues and successful project completion
Ability to work as part of a team comprised of internal and external resources located in multiple geo-graphic locations and time-zones
Ability and motivation to work in a fast-paced, start-up entrepreneurial environment
Ability to take on additional roles related to technical system development and operations to fill resource gaps as needed
Proactive communicator with strong written and verbal skills
US Citizen or U.S. permanent resident
BS in Computer Science or related field preferred – MS preferred
Professional certification, such as CISSP, CISM, CISA, CRISC, or other information security credentials
Recent experience with legal and regulatory frameworks such as EU Privacy, Sarbanes-Oxley, ITAR and knowledge of IT control frameworks such as COBIT, NIST, ITIL and ISO 27001 preferred
10-15 years of IT, data services, and business/industry work experience
5-7 years managing IT and/or information security for data services company – preferably operating in a distributed environment with global customer base
Ability to obtain Position of Trust clearance
Aireon is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, sexual orientation, gender identity or status as a protected veteran. EOE of Minorities/Females/Vets/Disability and other protected categories.