Req ID : 66721
We create smart innovations to meet the mobility challenges of today and tomorrow. We design and manufacture a complete range of transportation systems, from high-speed trains to electric buses and driverless trains, as well as infrastructure, signalling and digital mobility solutions.
Joining us means joining a truly global community of more than 38 900 people dedicated to solving real-world mobility challenges and achieving international projects with sustainable local impact.
ABOUT THE ROLE :
Reporting to the Alstom Project Cybersecurity delivery Manager, the role of the System Administrator in Cybersecurity field is to design and execute cybersecurity activities for projects and development programs .
Mastership of both french and english languages are prerequisites for this role.
Three types of missions are representative of the role :
Deploy a Cybersecurity platform (CSP) on international metro and mainline projects (CyCSP) ;
Contribute to project security conditions (CyMCS) ;
Contribute to project architecture definitions (CyAD).
These missions will allow the position to evolve either towards Cyber project management or towards the role of Cyber Architect.
ORGANIZATIONAL REPORTING : The CSP Leader reports functionally either to the Project Cybersecurity Managers (PCyM) or to the Manager in charge of the Cybersecurity platform deployments.
Deployment of the CSP platform in projects (CyCSP)
CyCSP responsibility consists of taking charge of the following activities :
Adapt the cybersecurity products of the CSP platform to the cybersecurity requirements of projects (project-specific constraints, local regulations, imposed standards) ;
Develop and document action plans to bring projects into compliance with the CSP platform ;
Provide organizational and technical interfaces with other Alstom teams and subsystems ;
Manage and monitor editors and suppliers of Cybersecurity services who work on projects. This can notably concern the piloting of Pentesting campaigns ;
Specify, implement and test security modules that are not part of the CSP Platform ;
In large projects, the CSP leader may have to coordinate actions with one or several System administration engineers.
Contribution to the operational preparation of projects (CyMCS) : CyMCS responsibility consists of taking charge of the following activities :
Particularize the process for setting up projects in safety according to customer requirements ;
Contribute to the training of Customers in the implementation of cybersecurity in Operations mode ;
Develop and document operational conditioning action plans.
Cybersecurity Designer Assistant (CyAD) : CyAD responsibility consists of taking charge of the following activities :
Participate in the definition of the architecture and design principles of cybersecurity, in particular :
Proposal of the technical solution to be implemented in accordance with the cybersecurity design guidelines. One of the main results is the identification of possible cybersecurity architectures ;
Define and maintain a cybersecurity architecture with the identification of the zone, SAL level, MIRE target and cybersecurity functions ;
Support the implementation of cybersecurity through an active contribution to the author-proofreader cycles of design documents.
YOUR PROFILE - QUALIFICATIONS & SKILLS :
Minimum 5 years of experience in IT systems and networks administration ;
You have experience in project management and a good knowledge of the V-cycle ;
Ideally some cybersecurity or general hacking experience and knowledge ;
You have konledge of the main standards and regulations, such as : ISO 2700X, 62443, NIST, NIS ;
Knowledge of the security market and its main players;
Knowledge of certain security solutions and areas, such as : BRP / DRP, GRC, IAM, DLP, PKI, SOC, IDS / IPS, SAP security, etc. ;
Technical mastery of at least 2 of the following areas :
System and network architecture concepts and techniques, operating systems and associated programming languages.
Knowledge of the main systems security assessment techniques
Knowledge of tools such as Wireshark, Nmap, OpenVAS, Nexpose, Metasploit, Nessus, BURP
Encryption issues and tools (for example, Truecrypt, Openssl)
Low level filtering (firewall owners, Iptables, OpenVPN)
Penetration testing techniques.
Knowledge or experience of on-board or industrial systems (rail / aeronautics ) is an asset ;
Dynamic, autonomous. Creativity and ability to work in a complex environment. Good writing skills.
English and French languages are prerequesites.
An agile, inclusive and responsible culture is the foundation of our company where diverse people are offered excellent opportunities to grow, learn and advance in their careers.
We are committed to encouraging our employees to reach their full potential, while valuing and respecting them as individuals.
Job Type : Experienced