Domain Leader Cybersecurity
Bengaluru, KA, IN
Alstom
Leading the way to greener and smarter mobility worldwide, Alstom develops and markets integrated systems that provide the sustainable foundations for the future of transportation.We create smart innovations to meet the mobility challenges of today and tomorrow. We design and manufacture a complete range of transportation systems, from high-speed trains to electric buses and driverless trains, as well as infrastructure, signalling and digital mobility solutions. Joining us means joining a truly global community of more than 75 000 people dedicated to solving real-world mobility challenges and achieving international projects with sustainable local impact.
Job Title: Domain Leader - Cyber Security
Organisation Reporting
Hierarchical - He/she reports to the Site TC& IS Metier Manager (SMM)
Functional - He/she reports to the Site TC& IS Metier Manager (SMM)
Network & Links
Project Engineering Managers (PrEM)
Train Control Engineers (TCE) /Train System Engineers (TSE)
Central TC&IS team
Leaders of other Domains on his/her site
Leaders of the same Domain on other sites
Performance Measurement KPI’s
Global workload management of his/her team :Capacity = workload ± 10%
Workforce staffing ramp-up at project start up :(Capacity = workload) at T0 + 1 month
Level of application of standard process & tools :100% standard process & tools applied
Return of Experience (REX) management between projects :ZERO missing REX between projects
Responsibilities
Accountable for :
Key accountabilities:
Analyze Project / Program security needs (including laws and local regulations), determine security objectives and main security risks strategy
Plan security activities within development life cycle, estimate costs and duration, their impacts related to project program execution, Identify training needs
Is responsible for Cost / Quality / Delay of Project/Program Cybersecurity deliverables, as needed per Project / program context :
- Cybersecurity context, and Cybersecurity Risk Analysis
- Cybersecurity Architecture definition and requirement allocation
- Cascading of requirement to suppliers, Manage Third Parties Risks,
- Application of Cybersecurity Assurance Level
- Definition of Cybersecurity Operating Procedures
- Evaluation of the Project/Program achieved Cybersecurity level
Provide support during technical design meetings for cybersecurity activities
Obtain agreement from Project/Program/Customer about on the set of security measures to be implemented
- Manage vulnerabilities and Cybersecurity issues and actions plan,
- Manage Program / Project Cybersecurity related communication,
- Report on Program / Project Cybersecurity status
- In case of external Cybersecurity audit, manage the relationship with auditors Establish lessons learned
- Promoting the Alstom Code of Ethics and adhering to the highest standards of ethical conduct.
Key Job Authorities and Dimensions
- Responsible of the QCD of its project/program Cybersecurity Work Package
- Functional animation of Cybersecurity Engineer team (typically from 1 to 5)
Performance measurements:
- No "NO GO" for Cybersecurity reasons in Gate Reviews
- Quality of Cybersecurity deliverables, in time
- Achievement of Project/Program targeted level of Cybersecurity
- Assessment findings : Low rework due to external or internal assessments
- Vulnerability management is in place
- Respect of Cybersecurity activities QCD commitment
- Cybersecurity issues/incident resolution
Responsible for :
Assigning the resources (staff, tools, …) for executing Projects engineering WP of his/her Domain
Managing the workload, including the sub-contracted part (technical assistance or work-package)
Contributing to the sub-contracting strategy in liaise with Sourcing
Evaluating performance and setting objectives of his/her team
Defining the training plan appropriate to his/her team’s needs and Alstom strategy
Networking with other sites to share workload, Return on Experience and Technology topics
Proposing to the Site TC&IS Manager the investments for HW & SW necessary to ensure the deliveries on projects conducted by the
Site.
Managing his/her Domain by using regularly updated KPIs related to his/her Domain
Keeping be informed of the QCD of Projects his/her team contributes to, in order to propose improvements, if necessary
Initiating and following up action plans to solve issues common across projects and/or improve results in projects
Managing and sharing the RoE of his/her activities with Central TC&IS
Proposing improvements on his/her Domain process and tools defined by Central TC&IS
Knowledge & Experience
Experience of hands-on activities of his/her Domain activities on multiple projects (at least 2 years in Railways or Automotive domain)
like :
- Sub-system : requirement gathering, specification, architecture
- Software : software development
- Schematics & Apparatus : electrical development, notions of manufacturing
- Verification & test : test specification, hardware-software integration
- Experience in team and project management (at least 5 years).
- Familiarity with Domain modelling tools and Product Life Cycle management tools
- Fluent in English
Team size
Direct reports : he/she manages from 5 to 30 persons
Depending on sites or nature of developments , his/her scope of accountability represents a workload of up to 50 full time equivalents
Innovation
On a yearly basis : Make proposals of R&D topics leading to improvements of performance of Engineering in term of Quality or Productivity
Identify necessary investment (CAPEX)
All along the year : Follow market innovations in his/her domain and derive product R&D topics if usefu
An agile, inclusive and responsible culture is the foundation of our company where diverse people are offered excellent opportunities to grow, learn and advance in their careers. We are committed to encouraging our employees to reach their full potential, while valuing and respecting them as individuals.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile KPIs R&D Risk analysis Strategy Vulnerabilities Vulnerability management
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Sr. Security Engineer jobs
- Open Security Consultant jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs