Cybersecurity Engineer
Alstom
- Charleroi, Henegouwen
- Vast
- Voltijds
- For program cybersecurity implementation:
- To perform security risk assessment of the solution delivered by the program.
- Taking into account the different RSC Platform solutions and additional project constraints, to specify and validate the suitable cybersecurity architectures, and counter measures for each of the non-acceptable risks
- To write and follow-up the program cybersecurity Management plan
- To follow-up cybersecurity implementation by the sub-contractors
- To perform cybersecurity evaluation.
- For technical mentoring:
- To perform cybersecurity risk assessment and analysis
- Being the reference for mitigation proposal
- To define cybersecurity solution with the program engineering team
- To liaise and mentor program engineers how to implement cybersecurity solutions
- To follow cybersecurity test implementation with V&V and software team.
- Define security needs as per product baseline for embedded software and electronic product.
- Define the program cybersecurity Management plan following applicable Alstom processes, rules and guidelines and verify these are followed by the program teams.
- Analyze program security needs (including standards and regulations), determine security objectives and main security risks strategy.
- Plan security activities within the program development life cycle in hand with supplier and program needs.
- Manage the program cybersecurity deliverables with respected program milestones.
- To reach agreement with program manager for residual risk.
- Report and orchestrate security events for product.
- Liaise with the rolling stock platform team to define the most suitable solution.
- Apply and export SAR (security assurance requirements).
- Define and review cybersecurity operating procedures.
- Evaluate the program achieved cybersecurity level at the end of the development cycle.
- In case of external cybersecurity audit, manage the relationship with auditors.
- Master’s degree in engineering/Technology (preferably electronics/power electronics) or related field
- 3-5 yrs of experience in the field of OT/IT cybersecurity
- Knowledge of electronics, basic communication protocols, OS, Network architecture and product-oriented development is highly recommended
- Methods of cybersecurity risk analysis
- Experience related to cybersecurity in general (risk assessment, countermeasure specification and evaluation), deployment experience of security technologies.
- Experience with direct responsibility for hands on architecture, design, development
- Strong analytical skills with demonstrated ability for problem solving
- Proven planning, prioritization and organizational skills
- CISSP, CISA, CISCO, Comptia security +, ISO 27K, IEC 62443 or other equivalent certification is an asset
- English proficient (oral and written)
- Experience in industrial sector (preferable Railways)
- Hands on experience on network security devices like security gateway config, firewall, data diode, router, plc controller etc.
- Hands on experience with Linux.
Alstom is an equal opportunity employer committed to creating an inclusive working environment where all our employees are encouraged to reach their full potential, and individual differences are valued and respected. All qualified applicants are considered for employment without regard to race, colour, religion, gender, sexual orientation, gender identity, age, national origin, disability status, or any other characteristic protected by local law.