Service Cybersecurity Officer

at  ALSTOM

Req ID:456423
Leading societies to a low carbon future, Alstom develops and markets mobility solutions that provide the sustainable foundations for the future of transportation. Our product portfolio ranges from high-speed trains, metros, monorail, and trams to integrated systems, customised services, infrastructure, signalling and digital mobility solutions. Joining us means joining a caring, responsible, and innovative company where more than 70,000 people lead the way to greener and smarter mobility, worldwide

KEY ACCOUNTABILITIES:

• Master Service Cybersecurity needs (including laws and local regulations), determine Cybersecurity objectives and risk management strategy
• Supervise Cybersecurity of IT services, Train assets, Train to Wayside communication
• Supervise Cybersecurity of Train Laboratory, Driver Simulator
• Is responsible for Cost / Quality / Delay of Service Cybersecurity deliverables, as needed per Project context :
• Plan Cybersecurity activities within Service delivery, estimate costs and duration, and their impacts
• Obtain agreement from Project /Customer about the set of security measures to be implemented
• Manage Cybersecuritty vulnerabilities, issues and remediation action plan
• Identify and perform Cybersecurity training of the Service team as needed
• Support Cybersecurity monitoring and Incident Management,
• Ensure General Data Protection (GDPR) compliance
• Provide Cybersecurity support on technical matters
• Manage Project Cybersecurity dashboard and related internal/external communication
• In case of external Cybersecurity audit, manage the relationship with auditors. Establish lessons learned
• Promote the Alstom Code of Ethics and adhere to the highest standards of ethical conduct.

Performance measurements:

• Cybersecurity Key Indicators of the project are available and continuously updated
• Respect the Cybersecurity activities Quality, Cost and Delivery commitment
• Maintain Service Cybersecurity targeted level
• Vulnerability management is in place
• Cybersecurity issues/incident are resolved in time
• Participation to Service management cycle (project and steering level)

• University/ Engineer in degree level and Engineering background
• Good knowledge of IT architecture concepts and techniques for operating systems, computing and networks,
• Experience related to Cybersecurity in general, deployment experience of security technologies.
• Knowledge of main Cybersecurity standards and regulations, such as: ISO 2700X, 62443, NIST, GDPR
• Experience with direct responsibility for hands on Cybersecurity governance
• Knowledge of methods for Cybersecurity risk analysis and vulnerability assessment
• Dynamic, autonomous.
• Creativity and ability to work in a complex environment.
• Good communication and presentation skills
• Experience in embedded or industrial systems (railway, energy …) – desirableCybersecurity certification such as: GICSP, CISSP, GSEC, CISM – desirable