Cybersecurity Bid Manager
Alstom
- Derby
- Permanent
- Full-time
Take on a new challenge and apply your cybersecurity expertise in the new field of Digital Mobility. You'll report to the Regional Cybersecurity Director UKI/SPP, and work within a close-knit and agile team that is part of the rail industry's largest and most successful cybersecurity organization. Care to make a difference? You'll ensure that tender cybersecurity requirements are identified and that solutions are defined and costed to achieve security outcomes for customers that benefit the safety and resilience of the railway. Day-to-day, you'll work closely with teams across the business, including project cybersecurity managers, cybersecurity product specialists, and quality, safety and engineering teams.We'll look to you to:
- Be the cybersecurity interface to bidding teams in UK&I (across all Product Lines), and to cybersecurity platform colleagues worldwide.
- Participate in Tender Launch Workshops and other key tender meetings to ensure that cybersecurity activities are aligned with the tender planning and that inputs are provided in a timely manner.
- Analyze tender documents, and local laws and regulations, to establish the full set of cybersecurity requirements for analysis locally, and by Platform colleagues, in the Clause-by-Clause analysis.
- Facilitate internal cybersecurity governance meetings such as the Cyber TDR or Cyber QCD, achieving a GO in advance of the respective tender meeting.
- Align cybersecurity quotations with the “gabarits” and/or any applicable RefLib, ensuring that all gaps are costed and included in the quotation, and that the technical solution and costing is optimized from both technical and cost perspectives.
- Procure necessary commitments on cybersecurity tasks, deliverables and schedules and confirm that associated budgets have been checked, are achievable and agree
We understand that industrial cybersecurity is an emerging discipline, and we value passion and attitude over experience. We don't expect you to have every single skill. Instead, we've listed some that we think will help you to succeed and grow in this role:
- Expertise (or a degree) in a relevant engineering or technical discipline.
- Experience or good understanding of industrial network security and/or embedded systems - perhaps gained in another industrial sector.
- Knowledge of IACS security standards and a working knowledge of information security standards such as ISO2700x, NIST etc.
- Familiarity with security risk management and IACS reference security architectures.
- Excellent verbal and written communication skills.
- Adaptable and open to change: IACS cybersecurity processes and standards are new and may be subject to change; others are in development. You will need to remain current and embrace the changes that the topic is bringing.
- Self-motivated with a desire to learn.
- Able to work independently and interact with a broad cross-section of personnel to build consensus; and
- A strong team player, with effective interpersonal skills.
Join us on a life-long transformative journey - the rail family is here to stay, so you can grow and develop new skills and experiences throughout your career. You'll also:
- Enjoy stability, challenges and a long-term career free from boring daily routines.
- Work with new security standards for rail signalling, such as IEC 62443, TS 50701 and IEC PT 63452.
- Utilise our Agile style of working to collaborate with transverse teams and helpful colleagues on innovative projects.
- Steer your career in whatever direction you choose across functions and countries.
- Benefit from our investment in your development, through award-winning learning and our Cybersecurity Academy.
- Progress towards other senior cybersecurity roles: e.g., Delivery Head, Regional Cybersecurity Manager or Director; and
- Benefit from a fair and dynamic reward package that recognises your performance and potential, plus comprehensive and competitive benefits (pension, life ins., medical, + anything specific to the site e.g. free on-site parking, canteen etc.