Project Cybersecurity Engineer

Apply now »

Date: 12-Nov-2022

Location: Stockholm, SE

Company: Alstom

Req ID:243422 

Leading societies to a low carbon future, Alstom develops and markets mobility solutions that provide the sustainable foundations for the future of transportation. Our product portfolio ranges from high-speed trains, metros, monorail, and trams to integrated systems, customized services, infrastructure, signalling and digital mobility solutions. Joining us means joining a caring, responsible, and innovative company where 70,000 people lead the way to greener and smarter mobility, worldwide.



What if you could help a leading company create the most efficient and secure digital mobility systems for tomorrow?


We are currently looking for a Project Cybersecurity Engineer in Stockholm to perform cybersecurity activities during contract execution or internal development.



Your mission:


  • Contribute to Tender / Project / Programs Cyber security activities such as:
    • Cybersecurity Risks Assessment
    • Cybersecurity Design (Security Architecture principles, additional security controls)
    • Cybersecurity Evaluation
    • Cybersecurity 3rd  party management
    • Cybersecurity Vulnerability Management and incident resolution.


Your responsibilities will include:


  • Optionally, or if expert:
    • Participating to norms & standards committee
    • Ensuring cyber trend watch (new threats, new techno, etc.)
    • Contributing to Cybersecurity process and standard definition
    • Supporting and deploying cybersecurity knowledge and processes  (coaching, awareness & trainings)
    • Peer reviewing of cyber deliverables from other Projects/Programs
  • Promoting the Alstom Code of Ethics and adhering to the highest standards of ethical conduct.


Performance measurements:


  • Provide requested deliverable in time with adequate quality
  • Relevancy of proposed technical solution
  • Contribution to peer reviews.


Your experience and qualifications :


  • University/ Engineer in degree level
  • Experience in information technology and security
  • Main standards and regulations, such as: ISO 2700X, 62443, NIST, NIS
  • Knowledge of the security market and its key players
  • Knowledge of some security solutions and areas, such as: BRP / DRP, GRC, IAM, DLP, PKI, SOC, IDS / IPS, SAP security, etc.
  • Technical proficiency in at least 2 of the following field:
    • Methods of risk analysis (ISO 27005, Ebios, etc.)
    • Architecture concepts and techniques of systems and networks, operating systems and associated programming languages.
    • Knowledge of the main techniques for evaluating systems security
    • Knowledge of tools of tools such as Wireshark, Nmap, OpenVAS, Nexpose, Metasploit, nessus, BURP
    • Encryption issues and tools (e.g. Truecrypt, Openssl)
    • Low level filtering (Firewall owners, Iptables, OpenVPN)
    • Intrusion testing techniques.
  • Experience in embedded or industrial systems (railway / aeronautics etc.) – desirable
  • Cybersecurity certification such as:  GICSP, CISSP, GSEC, CISM – desirable.




Why Alstom?


Alstom is the leading company in the mobility sector, solving the most interesting challenges for tomorrow’s mobility. That’s why we value inquisitive and innovative people who are passionate about working together to reinvent mobility, making it smarter and more sustainable. Day after day, we are building an agile, inclusive and responsible culture, where a diverse group of people are offered opportunities to learn, grow and advance in their careers, with options across functions and geographic locations. Are you ready to join a truly international community of great people on a challenging journey with a tangible impact and purpose?


Alstom is an equal opportunity employer committed to creating an inclusive working environment where all our employees are encouraged to reach their full potential, and individual differences are valued and respected. All qualified applicants are considered for employment without regard to race, colour, religion, gender, sexual orientation, gender identity, age, national origin, disability status, or any other characteristic protected by local law.


We are acting…



You actively identify issues and risks and develop correction plans

You are a problem solver

You act process minded, data-driven and fact based



You accept differences

You excel in collaboration and


You actively support inclusion



Safety first

You are all responsible to make it happen

You adhere to the highest ethics and compliance rules



Job Segment: ERP, SAP, Technology