Project Cybersecurity Engineer

Req ID:446808 

We create smart innovations to meet the mobility challenges of today and tomorrow. We design and manufacture a complete range of transportation systems, from high-speed trains to electric buses and driverless trains, as well as infrastructure, signalling and digital mobility solutions. Joining us means joining a truly global community of more than 75 000 people dedicated to solving real-world mobility challenges and achieving international projects with sustainable local impact.  

Job Title & Purpose

Job Title

EN-XY-01: Cybersecurity Engineer (CyEng)

Purpose of the Job

Perform Cybersecurity activities during contract execution

Position in the Organisation

Organisation Reporting

Hierarchical manager: Project Cybersecurity Manager (PCyM)

Network & Links

Project or Program Manager and team

Project/Program Cybersecurity Manager

Platform Cybersecurity Managers

Region Cybersecurity Managers

Cybersecurity Management Office

Missions

Performance Measurement/KPI’s

• Provide requested deliverable in time with adequate quality
• Relevancy of proposed technical solution
• Contribution to peer reviews

Responsibilities

Contribute to Project Cyber security activities such as:

• Cybersecurity Risks Assessment
• Cybersecurity Design (Security Architecture principles, additional security controls)
• Cybersecurity Evaluation
• Cybersecurity 3rd party management
• Cybersecurity Vulnerability Management and incident resolution

Optionally, or if expert :

• Participates to norms & standards committee
• Ensure cyber trend watch (new threats, new techno, ...)
• Contribute to Cybersecurity process and standard definition
• Support and deploy cybersecurity knowledge and processes  (coaching, awareness & trainings)
• Peer review of cyber deliverables from other Projects/Programs

Job Specifications

Knowledge & Experience :

Educational Requirements: Engineering degree

Technical Knowledge / Experience

• Five+ years of experience related to Cybersecurity or hacking in general
• Main standards and regulations, such as: ISO 2700X, 62443, NIST, NIS, French LPM
• Knowledge of the security market and its key players;
• Knowledge of some security solutions and areas, such as: BRP / DRP, GRC, , PKI, SOC, IDS / IPS, etc.
• Technical proficiency in at least 2 of the following field

• Methods of risk analysis (ISO 27005, Ebios, etc.)
• Architecture concepts and techniques of systems and networks, operating systems and associated programming languages.
• Knowledge of the main techniques for evaluating systems security
• Knowledge of tools of tools such as Wireshark, Nmap, OpenVAS, Nexpose, Metasploit, nessus, BURP
• Encryption issues and tools (e.g. Truecrypt, Openssl)
• Low level filtering (Firewall owners, Iptables, OpenVPN)
• Intrusion testing techniques.

• Knowledge of Experience in embedded or industrial systems (railway / aeronautics ...) is a plus

Team size : 0

Innovation : Research, Patents etc

An agile, inclusive and responsible culture is the foundation of our company where diverse people are offered excellent opportunities to grow, learn and advance in their careers.  We are committed to encouraging our employees to reach their full potential, while valuing and respecting them as individuals.   

Job Type:​Experienced​