We create smart innovations to meet the mobility challenges of today and tomorrow. We design and manufacture a complete range of transportation systems, from high-speed trains to electric buses and driverless trains, as well as infrastructure, signalling and digital mobility solutions.
Joining us means joining a truly global community of more than 38 900 people dedicated to solving real-world mobility challenges and achieving international projects with sustainable local impact
Purpose of the Job
Organize and manage Cybersecurity activities during Project
WHAT ARE MY RESPONSIBILITIES?
The Project Cybersecurity Manager is the point of contact of the Project for cybersecurity related subjects.
Establish the project Cybersecurity Management Plan
Ensure that applicable security requirements, security rules (including laws and local regulations), security guidelines, security information, etc.
are distributed to project stakeholders and ensure compliance.
Plan security activities and manage the definition of the most efficient system architecture related to cybersecurity requirements of the contract.
Obtain agreement from internal stakeholders about targeted maximum residual risks level, cybersecurity risks to be addressed (risk management) and security measures to be implemented.
Review of Cybersecurity Risk Analysis and Evaluation Report, evaluate project and business impacts of technical vulnerabilities identified as part of technological monitoring activities
Review deployment documents (Design, RAM, V&V) from a cybersecurity perspective
Define and follow-up action plans to close the cyber security issues
Ensure Cybersecurity awareness been propagated to Alstom team and suppliers
Organize the capture of experience feedback and the implementation of continuous improvement plans for Cybersecurity aspects
Member of the Change Control Board (CCB), in charge of evaluating Cybersecurity related impact of Change Request (CR) and following them up to closure
Responsible for Cost / Quality / Delay Deliverables Cybersecurity for allocated projects
To be the technical interface with the customer for the Cybersecurity domain
WHAT DO I NEED TO QUALIFY FOR THIS JOB?
University / Engineer in degree level
Cybersecurity certification such as : GICSP, CISSP, GSEC, CISM
12+ years total experience in information technology and security. Experience with direct responsibility for hands on architecture, design, development.
Experience related to management of cybersecurity in general, deployment experience of security technologies.
Management of Quality, cost and delivery
Methods of Cybersecurity risk analysis
Knowledge of some information security areas such as risk / vulnerability assessment, threats, recovery, risk & compliance reporting, identity management, intrusion detection / prevention, etc.
Knowledge of cybersecurity standards (ISO 2700X, IEC 62443, NIST, etc.)
Familiarity with security products and protocols.
Knowledge of industry best practices, methodologies, tools, etc. in the field of cybersecurity
Strong documentation (written) and presentation (verbal) skills
Ability to collaborate across traditional engineering functions.
Ability to communicate effectively with customers, vendors and internal stakeholders.
Cybersecurity certifications desirable (GICSP, CISSP, GSEC, CISM)
Dynamic, autonomous. Ability to work in a complex and cross functional environment.
Language Skills : Proficient in English language
IT Skills : MS office tools (Word, Excel, PowerPoint)
No "NO GO" for Cybersecurity reasons in Gate Reviews
Quality of Cybersecurity deliverables, in time
Achievement of Project targeted level of Cybersecurity
Assessment findings : Low rework due to external or internal assessments
Vulnerability management is in place
Respect of Cybersecurity activities QCD commitment
Cybersecurity issues / incident resolution
An agile, inclusive and responsible culture is the foundation of our company where diverse people are offered excellent opportunities to grow, learn and advance in their careers.
We are committed to encouraging our employees to reach their full potential, while valuing and respecting them as individuals.
Job Segment : Risk Management, Manager, Project Manager, Information Security, Finance, Management, Technology