Domain Leader Cybersecurity

We create smart innovations to meet the mobility challenges of today and tomorrow. We design and manufacture a complete range of transportation systems, from high-speed trains to electric buses and driverless trains, as well as infrastructure, signalling and digital mobility solutions. Joining us means joining a truly global community of more than 75 000 people dedicated to solving real-world mobility challenges and achieving international projects with sustainable local impact.

Job Title: Domain Leader - Cyber Security

Organisation Reporting
Hierarchical - He/she reports to the Site TC& IS Metier Manager (SMM)
Functional - He/she reports to the Site TC& IS Metier Manager (SMM)

Network & Links
Project Engineering Managers (PrEM)
Train Control Engineers (TCE) /Train System Engineers (TSE)
Central TC&IS team
Leaders of other Domains on his/her site
Leaders of the same Domain on other sites

Performance Measurement KPI’s
Global workload management of his/her team :Capacity = workload ± 10%
Workforce staffing ramp-up at project start up :(Capacity = workload) at T0 + 1 month
Level of application of standard process & tools :100% standard process & tools applied
Return of Experience (REX) management between projects :ZERO missing REX between projects

Responsibilities
Accountable for :
Key accountabilities: 
Analyze Project / Program security needs (including laws and local regulations), determine security objectives and main security risks strategy
Plan security activities within development life cycle, estimate costs and duration, their impacts related to project program execution, Identify training needs 
Is responsible for Cost / Quality / Delay of Project/Program Cybersecurity deliverables, as needed per  Project / program  context :  

• Cybersecurity context, and Cybersecurity Risk Analysis 
• Cybersecurity Architecture definition and requirement allocation
• Cascading of requirement to suppliers,  Manage Third Parties Risks,
• Application of  Cybersecurity Assurance Level 
• Definition of Cybersecurity Operating Procedures
• Evaluation of  the Project/Program achieved Cybersecurity level

Provide support during technical design meetings for cybersecurity activities
Obtain agreement from Project/Program/Customer  about on the set of security measures to be implemented 

• Manage vulnerabilities and Cybersecurity issues and actions plan, 
• Manage Program / Project Cybersecurity related communication, 
• Report on Program / Project Cybersecurity status
• In case of external Cybersecurity audit, manage the relationship with auditors Establish lessons learned
• Promoting the Alstom Code of Ethics and adhering to the highest standards of ethical conduct.

Key Job Authorities and Dimensions 

• Responsible of the QCD of its project/program Cybersecurity Work Package
• Functional animation of Cybersecurity Engineer team (typically from 1 to 5)

Performance measurements:  

• No "NO GO" for Cybersecurity reasons in Gate Reviews
• Quality of Cybersecurity deliverables, in time
• Achievement of Project/Program targeted level of Cybersecurity 
• Assessment findings : Low rework due to external or internal assessments
• Vulnerability management is in place
• Respect of Cybersecurity activities QCD commitment 
• Cybersecurity issues/incident resolution

Responsible for :
Assigning the resources (staff, tools, …) for executing Projects engineering WP of his/her Domain
Managing the workload, including the sub-contracted part (technical assistance or work-package)
Contributing to the sub-contracting strategy in liaise with Sourcing
Evaluating performance and setting objectives of his/her team
Defining the training plan appropriate to his/her team’s needs and Alstom strategy
Networking with other sites to share workload, Return on Experience and Technology topics
Proposing to the Site TC&IS Manager the investments for HW & SW necessary to ensure the deliveries on projects conducted by the
Site.
Managing his/her Domain by using regularly updated KPIs related to his/her Domain
Keeping be informed of the QCD of Projects his/her team contributes to, in order to propose improvements, if necessary
Initiating and following up action plans to solve issues common across projects and/or improve results in projects
Managing and sharing the RoE of his/her activities with Central TC&IS
Proposing improvements on his/her Domain process and tools defined by Central TC&IS

Knowledge & Experience
Experience of hands-on activities of his/her Domain activities on multiple projects (at least 2 years in Railways or Automotive domain)
like :

• Sub-system : requirement gathering, specification, architecture
• Software : software development
• Schematics & Apparatus : electrical development, notions of manufacturing
• Verification & test : test specification, hardware-software integration
• Experience in team and project management (at least 5 years).
• Familiarity with Domain modelling tools and Product Life Cycle management tools
• Fluent in English

Team size
Direct reports : he/she manages from 5 to 30 persons
Depending on sites or nature of developments , his/her scope of accountability represents a workload of up to 50 full time equivalents

Innovation
On a yearly basis : Make proposals of R&D topics leading to improvements of performance of Engineering in term of Quality or Productivity

Identify necessary investment (CAPEX)
All along the year : Follow market innovations in his/her domain and derive product R&D topics if usefu

An agile, inclusive and responsible culture is the foundation of our company where diverse people are offered excellent opportunities to grow, learn and advance in their careers.  We are committed to encouraging our employees to reach their full potential, while valuing and respecting them as individuals.