Cybersecurity Architect

Apply now »

Date: 27-Apr-2022

Location: Saint-Ouen (Paris), France

Company: Alstom

We create smart innovations to meet the mobility challenges of now and the future. We design and manufacture a complete range of transportation systems, from high-speed trains to electric buses, autonomous subways, signalling and digital mobility solutions. Joining us means joining a truly global community of 75 000 people dedicated to solving real-world mobility challenges and achieving international projects with sustainable local impact. 
For more information, please visit: https://www.alstom.com

Reporting directly to the Head of Information Cybersecurity Architecture, the IS Security Architect defines some security architecture patterns and contributes to design the appropriate security mechanisms and tools to be implemented within the Alstom Information System.

He/She is part of a team of security architects who define and support security solutions, standards and rules to be implemented to enforce the Security Policy in all Infrastructure and Business projects.

He/She defines and owns security solutions.

Main responsibilities

  • The Security Architect is solution owner for some specific security solutions under his/her responsibility
    • Security studies (business cases) and standards
    • Architecture validation, against Security Policy
    • Infrastructure hardening
    • Integration of Security into standard designs
    • Support level 3/4 – expertise – for specific security solutions
    • Management & budget support on Security projects
  • The IS Security architect follows and validates the security aspects in Alstom’s IT projects
    • Review and approve security deliverables: information system security questionnaires, architecture design documents,
    • Risk analysis – perform risk analysis and identify mitigation plan when relevant
    • Security Insurance Plan –make sure that all IT partners/providers respect the security policy when they deliver services (e.g. Cloud or SaaS provider)
    • Security Acceptance – make the right decision considering the residual risk and the asset value
    • ISS Run Q&A and industrialization

 

 

Qualification & Competencies - Expected Level

 

Initial Background: an IT expert with 5 years of experience in IT Security activities, ideally with an architecture background in IT Security.

 

Languages: English (main language) and French

Required experiences:

  • Security Architecture / Infrastructure Architecture
  • Excellent written/verbal/communication, listening and facilitation skills
  • Able to identify and document specific security issues, propose resolution options, and interpret matters from the perspective of involved stakeholders
  • Able to analyse technical risks and vulnerabilities and to design the appropriate network security pattern (firewalling, proxy, WAF, VPN, etc.)
  • Good understanding of security tools and mechanisms (IDS/IPS, antivirus, anti-malware, authentication mechanisms, IAM, PKI, encryption, etc.)
  • Good understanding of cloud solutions (Microsoft Azure/O365, security solutions in and for the cloud)
  • Risk analysis
  • Knowledge of ISO 27002 and ISO 27005