Cybersecurity Engineer

At Alstom, we understand transport networks and what moves people. From high-speed trains, metros, monorails, and trams, to turnkey systems, services, infrastructure, signalling and digital mobility, we offer our diverse customers the broadest portfolio in the industry. Every day, 80,000 colleagues lead the way to greener and smarter mobility worldwide, connecting cities as we reduce carbon and replace cars.

Could you be the full-time Cybersecurity Engineer in Madrid we’re looking for?

Your future role

• Take on a new challenge and apply your Cybersecurity expertise in a new cutting-edge field. You will work alongside young and proactive teammates.
• You will execute cybersecurity activities during project, tender or program execution. Day-to-day, you’ll work closely with teams across the business (Engineering), perform and then maintain Cybersecurity Risk Analysis and much more.
• You’ll specifically take care of develop and document risk mitigation action plans, including recommendations to reduce information security risk, but also perform the interviews for risk analysis of different sub-systems engineers. 
• Design cybsercurity evaluation and testing plans, perform cybersecurity tests on targeted systems, report results and define action plans for security improvements. 
• Monitor cybersecurity controls implementation, gathering evidence for compliance with cybersecurity requirements. 
• Support in vulnerability management: review and analysis of vulnerability scans reports and definition of mitigation/remediation strategies.

We’ll look to you for:

• Audit the application of the mitigation plan for every stakeholder’s
• Define Cybersecurity Architecture & Design principles including in particular:
• Proposition of the technical solution for implementation in line with cybersecurity design directives. One main outcome is the identification of possible candidate cybersecurity architectures
• Define and maintain cybersecurity architecture with the identification of the zone,  
• Security Level Target and Cybersecurity Functions
• Support implementation of cybersecurity through active contribution in Author-Reader cycles of design documents.

All about you

We value passion and attitude over experience. That’s why we don’t expect you to have every single skill. Instead, we’ve listed some that we think will help you succeed and grow in this role:

• University/ Engineer in degree level
• Master’s degree in Engineering/Technology or related field
• Strong interest for Cybersecurity, experience related to Cybersecurity or hacking in general
• Main standards and regulations, such as: ISO 2700X, 62443, NIST, NIS, French LPM
• Knowledge of the security market and its key players;
• Knowledge of some security solutions and areas, such as: BRP / DRP, GRC, IAM, DLP, PKI, SOC,
• IDS / IPS, SAP security, etc.
• Technical proficiency in at least 2 of the following field o Methods of risk analysis (ISO 27005, Ebios,etc.) o Architecture concepts and techniques of systems and networks, operating systems and associated programming languages. o Knowledge of the main techniques for evaluating systems security o Knowledge of tools of tools such as Wireshark, Nmap, OpenVAS, Nexpose, Metasploit, nessus, BURP o Encryption issues and tools (e.g. Truecrypt, Openssl) o Low level filtering (Firewall owners, Iptables, OpenVPN) o Intrusion testing techniques.
•  Desirable: Cybersecurity certification such as: GICSP, CISSP, GSEC, CISM, CISA, CEH
• High level in English is a must (B2 or C1 level)
• Strong analytical skills with demonstrated ability for problem solving
• Creativity and ability to work in a complex environment
• Proven planning, prioritization and organizational skills
• Professional & concise communication (written & verbal)
• Knowledge in Railway Sector or Industry will be a plus.

Things you’ll enjoy

Join us on a life-long transformative journey – the rail industry is here to stay, so you can grow and develop new skills and experiences throughout your career. You’ll also:

• Enjoy stability, challenges and a long-term career free from boring daily routines
• Work with new security standards for rail signalling.
• Collaborate with transverse teams and helpful colleagues
• Contribute to innovative projects
• Utilise our cooperative working environment
• Steer your career in whatever direction you choose across functions and countries
• Benefit from our investment in your development, through award-winning learning
• Benefit from a fair and dynamic reward package that recognises your performance and potential, plus comprehensive and competitive social coverage

You don’t need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or family, you’ll be proud. If you’re up for the challenge, we’d love to hear from you!

Important to note

As a global business, we’re an equal-opportunity employer that celebrates diversity across the 70+ countries we operate in. We’re committed to creating an inclusive workplace for everyone.