Cybersecurity Engineer
Charleroi, BE
Alstom
Leading the way to greener and smarter mobility worldwide, Alstom develops and markets integrated systems that provide the sustainable foundations for the future of transportation.Leading societies to a low carbon future, Alstom develops and markets mobility solutions that provide the sustainable foundations for the future of transportation. Our product portfolio ranges from high-speed trains, metros, monorail, and trams to integrated systems, customized services, infrastructure, signaling and digital mobility solutions. Joining us means joining a caring, responsible, and innovative company where more than 70,000 people lead the way to greener and smarter mobility, worldwide
Overall Purpose of The Role
The Traction cybersecurity Engineer will manage cybersecurity for RSC component development and project deployment under the responsibility of the cybersecurity Manager in charge of component programs.
The primary responsibilities of the Project cybersecurity Manager are:
- For program cybersecurity implementation:
- To perform security risk assessment of the solution delivered by the program.
- Taking into account the different RSC Platform solutions and additional project constraints, to specify and validate the suitable cybersecurity architectures, and counter measures for each of the non-acceptable risks
- To write and follow-up the program cybersecurity Management plan
- To follow-up cybersecurity implementation by the sub-contractors
- To perform cybersecurity evaluation.
- For technical mentoring:
- To perform cybersecurity risk assessment and analysis
- Being the reference for mitigation proposal
- To define cybersecurity solution with the program engineering team
- To liaise and mentor program engineers how to implement cybersecurity solutions
- To follow cybersecurity test implementation with V&V and software team.
Detailed Job Responsibilities
- Define security needs as per product baseline for embedded software and electronic product.
- Define the program cybersecurity Management plan following applicable Alstom processes, rules and guidelines and verify these are followed by the program teams.
- Analyze program security needs (including standards and regulations), determine security objectives and main security risks strategy.
- Plan security activities within the program development life cycle in hand with supplier and program needs.
- Manage the program cybersecurity deliverables with respected program milestones.
- To reach agreement with program manager for residual risk.
- Report and orchestrate security events for product.
- Liaise with the rolling stock platform team to define the most suitable solution.
- Apply and export SAR (security assurance requirements).
- Define and review cybersecurity operating procedures.
- Evaluate the program achieved cybersecurity level at the end of the development cycle.
- In case of external cybersecurity audit, manage the relationship with auditors.
Technical Competencies & Experience
To be considered for this role, candidate need to demonstrate the following skills experience and attributes:
- Master’s degree in engineering/Technology (preferably electronics/power electronics) or related field
- 3-5 yrs of experience in the field of OT/IT cybersecurity
- Knowledge of electronics, basic communication protocols, OS, Network architecture and product-oriented development is highly recommended
- Methods of cybersecurity risk analysis
- Experience related to cybersecurity in general (risk assessment, countermeasure specification and evaluation), deployment experience of security technologies.
- Experience with direct responsibility for hands on architecture, design, development
- Strong analytical skills with demonstrated ability for problem solving
- Proven planning, prioritization and organizational skills
Preferred to have :
- CISSP, CISA, CISCO, Comptia security +, ISO 27K, IEC 62443 or other equivalent certification is an asset
- English proficient (oral and written)
- Experience in industrial sector (preferable Railways)
- Hands on experience on network security devices like security gateway config, firewall, data diode, router, plc controller etc.
- Hands on experience with Linux.
Alstom is the leading company in the mobility sector, solving the most interesting challenges for tomorrow’s mobility. That’s why we value inquisitive and innovative people who are passionate about working together to reinvent mobility, making it smarter and more sustainable. Day after day, we are building an agile, inclusive and responsible culture, where a diverse group of people are offered opportunities to learn, grow and advance in their careers, with options across functions and geographic locations. Are you ready to join a truly international community of great people on a challenging journey with a tangible impact and purpose?
Equal opportunity statement:
Alstom is an equal opportunity employer committed to creating an inclusive working environment where all our employees are encouraged to reach their full potential, and individual differences are valued and respected. All qualified applicants are considered for employment without regard to race, colour, religion, gender, sexual orientation, gender identity, age, national origin, disability status, or any other characteristic protected by local law.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile CISA CISSP CompTIA Firewalls IEC 62443 Industrial ISO 27000 Linux Network security Risk analysis Risk assessment Security Assessment Report Strategy
Perks/benefits: Equity Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs