Cyber Security Engineer

Apply now »

Date: 24-Jul-2022

Location: Porto, Portugal

Company: Alstom


We create smart innovations to meet the mobility challenges of today and tomorrow. We design and manufacture a complete range of transportation systems, from high-speed trains to electric buses and driverless trains, as well as infrastructure, signalling and digital mobility solutions. Joining us means joining a truly global community of more than 75 000 people dedicated to solving real-world mobility challenges and achieving international projects with sustainable local impact.   




Meeting the ever-changing needs of our markets is our driving ambition. At Alstom, innovation is transparent, inclusive, business-minded, open, and above all, collaborative.


Explore how we're creating the future of mobility and join our team of passionate professionals as Cyber Security Engineer, Porto or Lisbon


Overall Purpose of The Role

The Cybersecurity Engineer reporting to the Project Cybersecurity Manager and Regional Cybersecurity Head.

The Cybersecurity Engineer role is to execute cybersecurity activities during project, tender or program execution: Cybersecurity Risk Analyst (CyRA) & Cybersecurity Designer (CyD).


Detailed Responsibilities


Cybersecurity Risk Analyst is in charge of the following activities:

  • Perform and then maintain Cybersecurity Risk Analysis
  • Develop and document risk mitigation action plans, including recommendations to reduce information security risk
  • Perform the interviews for risk analysis of different sub-systems engineers
  • Audit the application of the mitigation plan for every stakeholder’s


Cybersecurity Designer is in charge of the following activities:

  • Define Cybersecurity Architecture & Design principles including in particular: proposition of the technical solution for implementation in line with cybersecurity design directives; one main outcome is the identification of possible candidate cybersecurity architectures
  • Define and maintain cybersecurity architecture with the identification of the zone, Security Level Target, and Cybersecurity Functions
  • Support implementation of cybersecurity through active contribution in Author-Reader cycles of design documents.


Competencies & Experience

  • Master’s in Cybersecurity or Engineering/Technology career
  • Strong interest for Cybersecurity, experience related to Cybersecurity or hacking in general
  • Main standards and regulations, such as: ISO 2700X, ISA/IEC 62443, NIST, NIS, NES (Spanish standard)
  • Knowledge of the security market and its key players (manufacturers like CISCO, Fortinet, McAfee, IBM Q-Radar, others)
  • Knowledge of some security solutions and areas, such as: BRP / DRP, GRC, IAM, DLP, PKI, SOC, IDS / IPS, etc.
  • Technical proficiency in at least 2 of the following field
    • Methods of risk analysis (ISO 27005, Magerit/Pilar, NIST, etc.)  
    • Architecture concepts and techniques of systems and networks, OT systems (ICS, PLC, etc.), and industrial protocols
    • Knowledge of the main techniques for evaluating systems security
    • Encryption issues and tools
    • Low level filtering (Firewall owners, Iptables, OpenVPN)
  • Desirable: Cybersecurity certification such as: GICSP, CISSP, GSEC, CISA, CEH
  • High level in English is a must (B2 or C1 level), Spanish will be a plus
  • Knowledge in Railway Sector or Industry will be a plus.




Alstom is the leading company in the mobility sector, solving the most interesting challenges for tomorrow’s mobility. That’s why we value inquisitive and innovative people who are passionate about working together to reinvent mobility, making it smarter and more sustainable. Day after day, we are building an agile, inclusive and responsible culture, where a diverse group of people are offered opportunities to learn, grow and advance in their careers, with options across functions and geographic locations. Are you ready to join a truly international community of great people on a challenging journey with a tangible impact and purpose? 



Equal opportunity statement:

Alstom is an equal opportunity employer committed to creating an inclusive working environment where all our employees are encouraged to reach their full potential, and individual differences are valued and respected.  All qualified applicants are considered for employment without regard to race, colour, religion, gender, sexual orientation, gender identity, age, national origin, disability status, or any other characteristic protected by local law.



Job Segment: Information Security, Cisco, Technology