Cybersecurity Architect

**About Alstom**:

- We develop and market mobility solutions that provide the
- **sustainable foundations for the future of transportation**. Alstom’s products portfolio ranges from high-speed trains, metros, monorail, trams and e-buses to integrated systems, customized services, infrastructure, signalling and digital mobility solutions. Join our global community and help us create smart and sustainable innovations to meet the mobility challenges of today and tomorrow.
- An agile, inclusive and responsible culture is the foundation of our company. We are committed to encouraging our employees to reach their full potential, while valuing and respecting them as individuals.
- **Why should you choose Alstom?**

To access technical and managerial career paths and leverage advanced paradigms and other cutting-edge technologies.**The Role**:

- She/He will be responsible for designing, creating, and maintaining the cybersecurity aspects of Alstom solutions. The resource will act crosswise on projects and programmes within the Signalling Division, both by validating cyber security solutions, defining architectures and supporting consulting companies and teams in their implementation.
- In particular, the figure will have to:
- Responsible of Alstom solution security analysis and of the definition of its security requirements and architecture;
- Lead or contribute to activities such as Cybersecurity:

- risk assessment;
- requirement implementation;
- evaluation od developed solutions;
- vulnerablity management;
- Management of 3rd parties
- Provide technical guidance and supervision for the project/program team, on cybersecurity architecture and technical implementation;
- Respond and support to any security-related incidents and provide post-event analysis;
- Ensure cyber trend watch (new threats, new techno, etc.) related to the delivered solution(s);

**Educational and Professional Requirements**:

- University/ Engineer in degree level or equivalent experience\qualifications;
- 5 years' experience in IT/OT security and risk management with a focus on security, performance and reliability is preferred.
- Technical proficiency of Architecture concepts and techniques of systems and networks, operating systems and associated programming languages;
- Understanding of main cybersecurity standards and regulations, such as: ISA/IEC 62443, TS 50701, ISO 2700X, NIST, NIS;
- Understanding of OT System architecture;
- Knowledge of cybersecurity risk assessment methodology;
- Knowledge of defence in depth techniques;
- Capacity to address high level (system) et low level (IT, Security technologies and Software design) and to design a cyber architecture;
- Knowledge of recognized techniques for evaluating systems security and Intrusion testing techniques;
- Understanding of third-party auditing and risk assessment
- Cybersecurity certification such as ISA/IEC 62443 is appreciated;
- Experience in embedded or industrial systems and/or in System Engineering is appreciated;
- English excellent knowledge is mandatory;
- Ability to interact with a broad cross-section of personnel to explain and enforce security measures;
- CDynamic, autonomous. Creativity and ability to work in a complex environment. Synthesis spirit, excellent written and verbal communication skills complete the profile.