Cybersecurity Engineer

Leading societies to a low carbon future, Alstom develops and markets mobility solutions that provide the sustainable foundations for the future of transportation. Our product portfolio ranges from high-speed trains, metros, monorail, and trams to integrated systems, customized services, infrastructure, signaling and digital mobility solutions. Joining us means joining a caring, responsible, and innovative company where more than 70,000 people lead the way to greener and smarter mobility, worldwide 

Overall Purpose of The Role

The Traction cybersecurity Engineer will manage cybersecurity for RSC component development and project deployment under the responsibility of the cybersecurity Manager in charge of component programs.

The primary responsibilities of the Project cybersecurity Manager are:

• For program cybersecurity implementation:
  • To perform security risk assessment of the solution delivered by the program.
  • Taking into account the different RSC Platform solutions and additional project constraints, to specify and validate the suitable cybersecurity architectures, and counter measures for each of the non-acceptable risks
  • To write and follow-up the program cybersecurity Management plan
  • To follow-up cybersecurity implementation by the sub-contractors
  • To perform cybersecurity evaluation.
• For technical mentoring:
  • To perform cybersecurity risk assessment and analysis
  • Being the reference for mitigation proposal
  • To define cybersecurity solution with the program engineering team
  • To liaise and mentor program engineers how to implement cybersecurity solutions
  • To follow cybersecurity test implementation with V&V and software team.

Detailed Job Responsibilities

• Define security needs as per product baseline for embedded software and electronic product.
• Define the program cybersecurity Management plan following applicable Alstom processes, rules and guidelines and verify these are followed by the program teams.
• Analyze program security needs (including standards and regulations), determine security objectives and main security risks strategy.
• Plan security activities within the program development life cycle in hand with supplier and program needs.
• Manage the program cybersecurity deliverables with respected program milestones.
• To reach agreement with program manager for residual risk.
• Report and orchestrate security events for product.
• Liaise with the rolling stock platform team to define the most suitable solution.
• Apply and export SAR (security assurance requirements).
• Define and review cybersecurity operating procedures.
• Evaluate the program achieved cybersecurity level at the end of the development cycle.
• In case of external cybersecurity audit, manage the relationship with auditors.

Technical Competencies & Experience

To be considered for this role, candidate need to demonstrate the following skills experience and attributes:

• Master’s degree in engineering/Technology (preferably electronics/power electronics) or related field
• 3-5 yrs of experience in the field of OT/IT cybersecurity
• Knowledge of electronics, basic communication protocols, OS, Network architecture and product-oriented development is highly recommended
• Methods of cybersecurity risk analysis
• Experience related to cybersecurity in general (risk assessment, countermeasure specification and evaluation), deployment experience of security technologies.
• Experience with direct responsibility for hands on architecture, design, development
• Strong analytical skills with demonstrated ability for problem solving
• Proven planning, prioritization and organizational skills

Preferred to have :

• CISSP, CISA, CISCO, Comptia security +, ISO 27K, IEC 62443 or other equivalent certification is an asset
• English proficient (oral and written)
• Experience in industrial sector (preferable Railways)
• Hands on experience on network security devices like security gateway config, firewall, data diode, router, plc controller etc.
• Hands on experience with Linux.

Alstom is the leading company in the mobility sector, solving the most interesting challenges for tomorrow’s mobility. That’s why we value inquisitive and innovative people who are passionate about working together to reinvent mobility, making it smarter and more sustainable. Day after day, we are building an agile, inclusive and responsible culture, where a diverse group of people are offered opportunities to learn, grow and advance in their careers, with options across functions and geographic locations. Are you ready to join a truly international community of great people on a challenging journey with a tangible impact and purpose?  

Equal opportunity statement:
Alstom is an equal opportunity employer committed to creating an inclusive working environment where all our employees are encouraged to reach their full potential, and individual differences are valued and respected.  All qualified applicants are considered for employment without regard to race, colour, religion, gender, sexual orientation, gender identity, age, national origin, disability status, or any other characteristic protected by local law.