Program Cybersecurity Manager
Bengaluru, KA, IN
Alstom
Leading the way to greener and smarter mobility worldwide, Alstom develops and markets integrated systems that provide the sustainable foundations for the future of transportation.Req ID:449391
We create smart innovations to meet the mobility challenges of today and tomorrow. We design and manufacture a complete range of transportation systems, from high-speed trains to electric buses and driverless trains, as well as infrastructure, signalling and digital mobility solutions. Joining us means joining a truly global community of more than 70000 people dedicated to solving real-world mobility challenges and achieving international projects with sustainable local impact.
Purpose of the Job
Organize and manage Cybersecurity activities of Alstom Product/Solution
WHAT ARE MY RESPONSIBILITIES?
The Program Cybersecurity Manager is the point of contact of the Program for cybersecurity related subjects. He is in charge of the following activities:
- Analyse Program security needs (including laws and local regulations), determine security objectives and main security risks strategy
- Analyse cybersecurity features to be developed based on product design directives (IEC 62443) and Alstom solution roadmap.
- Obtain agreement from Program about on the set of security measures to be implemented
- Plan security activities within development life cycle, estimate costs and duration, their impacts related to program execution.
- Expert guidance to implementation team towards developing product cybersecurity features.
- Is responsible for managing Cost / Quality / Delay of Program Cybersecurity deliverables, as below :
- Cybersecurity Management Plan, Threat Modelling
- Cybersecurity Architecture Definition and Requirement Allocation
- Application of Cybersecurity Assurance Level
- Cybersecurity evaluation plan and report
- Cybersecurity Operating Procedures
- Supplier capability assessment and COTS evaluation reports
- Evaluation of the Program achieved Cybersecurity level
- Provide support during technical design meetings for cybersecurity activities
- Manage vulnerabilities and Cybersecurity issues and actions plan,
- Manage Program Cybersecurity related communication,
- Report on Program Cybersecurity status
- In case of external Cybersecurity audit, manage the relationship with auditors Establish lessons learned
WHAT DO I NEED TO QUALIFY FOR THIS JOB?
Qualification-
Mandatory:
University/ Engineer in degree level
Desirable:
Cybersecurity certification such as: GICSP, CISSP, GSEC, CISM
Skills required
- 8+ years total experience in information technology and security. Experience with direct responsibility for hands on architecture, design, development.
- Knowledge in some product security areas like Data at Rest/Transit, Identity and Access Management, PKI, Hardening, Network protection and partitioning, Log/Event Management, Cryptography, IDS, etc.
- Experience related to management of cybersecurity in general, deployment experience of security technologies.
- Management of Quality, cost and delivery
- Methods of Cybersecurity risk analysis, Threat Modelling.
- Knowledge of some information security areas such as risk/vulnerability assessment, threats, recovery, risk & compliance reporting, identity management, intrusion detection/prevention, etc.
- Knowledge of cybersecurity standards (ISO 2700X, IEC 62443, NIST, etc.) is desirable
- Familiarity with security products and protocols.
- Knowledge of industry best practices, methodologies, tools, etc. in the field of cybersecurity
- Strong documentation (written) and presentation (verbal) skills
- Ability to collaborate across traditional engineering functions.
- Ability to communicate effectively with customers, vendors and internal stakeholders.
- Cybersecurity certifications desirable (GICSP, CISSP, GSEC, CISM)
- Dynamic, autonomous. Ability to work in a complex and cross functional environment.
Language Skills: Proficient in English language
- IT Skills: MS office tools (Word, Excel, PowerPoint)
Measurement
- No "NO GO" for Cybersecurity reasons in Gate Reviews
- Quality of Cybersecurity deliverables, in time
- Achievement of targeted level of Cybersecurity
- Assessment findings: Low rework due to external or internal assessments
- Vulnerability management is in place
- Respect of Cybersecurity activities QCD commitment
- Cybersecurity issues/incident resolution
An agile, inclusive and responsible culture is the foundation of our company where diverse people are offered excellent opportunities to grow, learn and advance in their careers. We are committed to encouraging our employees to reach their full potential, while valuing and respecting them as individuals.
Job Type:Experienced
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile CISM CISSP Compliance Cryptography GICSP GSEC IAM IDS IEC 62443 Intrusion detection NIST PKI Product security Risk analysis Strategy Vulnerabilities Vulnerability management
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs