Must Have: Hands-on experience in areas like Conducting risk analysis and assessments, implementing cybersecurity policies/controls and responding to and remediating security incidents is a must for the position
Experience with direct responsibility for hands on architecture, design, development
Experience related to Cybersecurity in general, deployment experience of security technologies
Experience with Project Management
Experience in embedded or OT/ Industrial systems (railway / aeronautics …)
Experience working with engineering teams
Competencies & Skills
Engineering Background
Knowledge of main Cybersecurity standards and regulations, such as: ISO 2700X, 62443, NIST, APTA
Knowledge of some Cybersecurity solutions and areas
Methods of Cybersecurity risk analysis Architecture concepts and techniques of systems and networks, operating systems and associated programming languages
Knowledge of the main techniques for evaluating systems security
Responsibilities
Analyze Program security needs (including laws and regulations), determine security objectives and main security risks strategy
Plan security activities within the development life cycle, estimate costs and duration, their impacts related to program execution, Identify training needs
Cybersecurity Context, and Cybersecurity Risk Analysis
Cybersecurity Architecture definition and requirement allocation
Cascading of requirements to suppliers, Manage Third Parties Risks,
Application of Cybersecurity Assurance Level
Definition of Cybersecurity Operating Procedures
Evaluation of the Project/Program achieved Cybersecurity level
Obtain agreement from Program/Customer about on the set of security measures to be implemented
Manage vulnerabilities and Cybersecurity issues and actions plan,
Manage Program Cybersecurity related communication,
Report on Program Cybersecurity status
In case of external Cybersecurity audit, manage the relationship with auditors Establish lessons learned
Promoting the Alstom Code of Ethics and adhering to the highest standards of ethical conduct