Haifa-Nazareth EPC Cyber Mgr / CISO (shared EPC/AT)
Haifa, IL
Full Time Mid-level / Intermediate Clearance required USD 40K - 74K *
Alstom
Leading the way to greener and smarter mobility worldwide, Alstom develops and markets integrated systems that provide the sustainable foundations for the future of transportation.Req ID:[[452060]]
At Alstom, we understand transport networks and what moves people. From high-speed trains, metros, monorails, and trams, to turnkey systems, services, infrastructure, signalling and digital mobility, we offer our diverse customers the broadest portfolio in the industry. Every day, more than 80 000 colleagues lead the way to greener and smarter mobility worldwide, connecting cities as we reduce carbon and replace cars.
Purpose of the job:
Organize and manage Cybersecurity activities during Project (contract execution) or Program (internal development).
ACCOUNTABILITIES & AUTHORITIES
Key accountabilities:
- Analyze Project / Program security needs (including laws and local regulations), determine security objectives and main security risks strategy
- Plan security activities within development life cycle, estimate costs and duration, their impacts related to project program execution, Identify training needs
- Is responsible for Cost / Quality / Delay of Project/Program Cybersecurity deliverables, as needed per Project / program context :
- Cybersecurity context, and Cybersecurity Risk Analysis
- Cybersecurity Architecture definition and requirement allocation
- Cascading of requirement to suppliers, Manage Third Parties Risks,
- Application of Cybersecurity Assurance Level
- Definition of Cybersecurity Operating Procedures
- Evaluation of the Project/Program achieved Cybersecurity level
- Provide support during technical design meetings for cybersecurity activities
- Obtain agreement from Project/Program/Customer about on the set of security measures to be implemented
- Manage vulnerabilities and Cybersecurity issues and actions plan,
- Manage Program / Project Cybersecurity related communication,
- Report on Program / Project Cybersecurity status
- In case of external Cybersecurity audit, manage the relationship with auditors Establish lessons learned
- Promoting the Alstom Code of Ethics and adhering to the highest standards of ethical conduct.
Key Job Authorities and Dimensions
- Responsible of the QCD of its project/program Cybersecurity Work Package
- Functional animation of Cybersecurity Engineer team (typically from 1 to 5)
Performance measurements:
- No "NO GO" for Cybersecurity reasons in Gate Reviews
- Quality of Cybersecurity deliverables, in time
- Achievement of Project/Program targeted level of Cybersecurity
- Assessment findings : Low rework due to external or internal assessments
- Vulnerability management is in place § Respect of Cybersecurity activities QCD commitment
- Cybersecurity issues/incident resolution
EXPERIENCE PREREQUISITES & REQUIRED COMPETENCES
Educational Requirements
Mandatory: University/ Engineer in degree level
Desirable: Cybersecurity certification such as: GICSP, CISSP, GSEC, CISM
Experience
Mandatory:
- Experience with direct responsibility for hands on architecture, design, development
- Experience related to Cybersecurity in general, deployment experience of security technologies.
- QCD Management
Desirable:
- Knowledge of Alstom Products & Solution Portfolio
- Experience in embedded or industrial systems (railway / aeronautics ...)
Requirements
- Israeli Citizen.
- Holds one of the following valid certificates: CISO, CISSP, CISM or equivalent.
- At least seven (7) years of experience in managing Information Security in national and international projects (including specifically providing support in Information Security and cyber protection aspects in the planning and design, procurement, installation, integration, testing, operation and maintenance phases).
- Extensive knowhow in the protection of IT and OT infrastructures and systems.
- In-depth familiarity with up-to-date technologies and Information Security regulation pertaining to the field of transportation.
- The CISO shall be approved by Cyber Authority (MoT).
- Qualified personnel – security clearance level 3 or 4.
- Fluent in both English and Hebrew (read, write and speak).
- Location: Israel.
Competencies & Skills
- Engineering Background
- Knowledge of main Cybersecurity standards and regulations, such as: ISO 2700X, 62443, NIST, NIS, French LPM
- Knowledge of some Cybersecurity solutions and areas
- Methods of Cybersecurity risk analysis
- Architecture concepts and techniques of systems and networks, operating systems and associated programming languages.
- Knowledge of the main techniques for evaluating systems security
- Dynamic, autonomous. Creativity and ability to work in a complex environment.
You don’t need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or family, you’ll be proud. If you’re up for the challenge, we’d love to hear from you!
Important to note
As a global business, we’re an equal-opportunity employer that celebrates diversity across the 63 countries we operate in. We’re committed to creating an inclusive workplace for everyone.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Aeronautics CISM CISO CISSP Clearance GICSP GSEC Industrial NIST Risk analysis Security Clearance Strategy Vulnerabilities Vulnerability management
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs