Project Cybersecurity Engineer
ALSTOM Grid
Req ID:446808
We create smart innovations to meet the mobility challenges of today and tomorrow. We design and manufacture a complete range of transportation systems, from high-speed trains to electric buses and driverless trains, as well as infrastructure, signalling and digital mobility solutions. Joining us means joining a truly global community of more than 75 000 people dedicated to solving real-world mobility challenges and achieving international projects with sustainable local impact.
Job Title & Purpose
Job Title
EN-XY-01: Cybersecurity Engineer (CyEng)
Purpose of the Job
Perform Cybersecurity activities during contract execution
Position in the Organisation
Organisation Reporting
Hierarchical manager: Project Cybersecurity Manager (PCyM)
Network & Links
Project or Program Manager and team
Project/Program Cybersecurity Manager
Platform Cybersecurity Managers
Region Cybersecurity Managers
Cybersecurity Management Office
Missions
Performance Measurement/KPI’s
- Provide requested deliverable in time with adequate quality
- Relevancy of proposed technical solution
- Contribution to peer reviews
Responsibilities
Contribute to Project Cyber security activities such as:
- Cybersecurity Risks Assessment
- Cybersecurity Design (Security Architecture principles, additional security controls)
- Cybersecurity Evaluation
- Cybersecurity 3rd party management
- Cybersecurity Vulnerability Management and incident resolution
Optionally, or if expert :
- Participates to norms & standards committee
- Ensure cyber trend watch (new threats, new techno, ...)
- Contribute to Cybersecurity process and standard definition
- Support and deploy cybersecurity knowledge and processes (coaching, awareness & trainings)
- Peer review of cyber deliverables from other Projects/Programs
Job Specifications
Knowledge & Experience :
Educational Requirements: Engineering degree
Technical Knowledge / Experience
- Five+ years of experience related to Cybersecurity or hacking in general
- Main standards and regulations, such as: ISO 2700X, 62443, NIST, NIS, French LPM
- Knowledge of the security market and its key players;
- Knowledge of some security solutions and areas, such as: BRP / DRP, GRC, , PKI, SOC, IDS / IPS, etc.
- Technical proficiency in at least 2 of the following field
- Methods of risk analysis (ISO 27005, Ebios, etc.)
- Architecture concepts and techniques of systems and networks, operating systems and associated programming languages.
- Knowledge of the main techniques for evaluating systems security
- Knowledge of tools of tools such as Wireshark, Nmap, OpenVAS, Nexpose, Metasploit, nessus, BURP
- Encryption issues and tools (e.g. Truecrypt, Openssl)
- Low level filtering (Firewall owners, Iptables, OpenVPN)
- Intrusion testing techniques.
- Knowledge of Experience in embedded or industrial systems (railway / aeronautics ...) is a plus
Team size : 0
Innovation : Research, Patents etc
An agile, inclusive and responsible culture is the foundation of our company where diverse people are offered excellent opportunities to grow, learn and advance in their careers. We are committed to encouraging our employees to reach their full potential, while valuing and respecting them as individuals.
Job Type:Experienced