Job Description

Req ID: 362808
We create smart innovations to meet the mobility challenges of today and tomorrow. We design and manufacture a complete range of transportation systems, from high-speed trains to electric buses and driverless trains, as well as infrastructure, signalling and digital mobility solutions. Joining us means joining a truly global community of more than 38 900 people dedicated to solving real-world mobility challenges and achieving international projects with sustainable local impact.
What are my Responsibilities?

• Define cybersecurity architecture and design principles during project execution which includes,

Proposal of technical solution in-line with cybersecurity design directives and project contractual requirements
Design, implement and maintain cybersecurity architecture on projects. Collaborate across traditional engineering functions.

• Perform and then maintain Cybersecurity Risk Analysis
• Analyse requirements and evaluate COTS products in line with project needs (e.g. syslogger, IDS, IPS, firewall, SIEM, etc.).
• Participate to design reviews with cybersecurity point of view and challenge technical choices.
• Support security engineering tasks for configuring/hardening of devices such as firewalls, IDS/IPS, SIEM, servers, routers, switches, etc.
• Support to technical issues, customer queries, vulnerability management, incident response, supplier assessment, new regulations, etc.
• Co-ordinate with global Alstom cybersecurity management team for new evolutions.
• Support tender team on cybersecurity solution for Alstom bids/tenders in railway domain, including identification of gaps and technical proposals.

What do I need to qualify for this job?
Minimum Requirement

• 10+ years experience in information technology and security
• Knowledge of information security areas such as security plan, systems security risk/vulnerability assessment, authentication and encryption, network access control, intrusion detection, threats, etc.
• Knowledge of cybersecurity standards (ISO 2700X, IEC 62443, NIST)
• Hands on exposure to security products such as IDS/IPS, Syslogers, Controllers, WIPS, SIEM, Firewalls, etc.
• Knowledge of security protocols (radius, VPN, IP-SEC, SSH, etc.).

Preferable Requirement
Knowledge or Experience in embedded or industrial systems (railway / aeronautics ..)

• Familiarity with operating systems (Windows, Linux), log/event analysis and packet analysis tools (Wireshark, tcpdump, etc.)
• Knowledge of industry best practices, methodologies, tools, etc. in the field of cybersecurity
• Strong documentation (written) and presentation (verbal) skills
• Ability to collaborate across traditional engineering functions.
• Ability to communicate effectively with customers, vendors and internal stakeholders.
• Cybersecurity certifications desirable (GICSP, CISSP, GSEC, CISM, ...)
• Knowledge of networking / network design will be an added advantage

An agile, inclusive and responsible culture is the foundation of our company where diverse people are offered excellent opportunities to grow, learn and advance in their careers. We are committed to encouraging our employees to reach their full potential, while valuing and respecting them as individuals.