Job Title

Project Cybersecurity Manager Alstom At Alstom, we deliver highspeed trains, metros, monorails, trams, and turnkey systems that enable smarter, greener mobility worldwide. Key Accountabilities Analyze program security needs, determine security objectives, and define the main security risk strategy. Plan security activities within the development life cycle, estimate costs and duration, assess impacts on program execution, and identify training needs. Responsible for the Cost / Quality / Delay of program cybersecurity deliverables: Cybersecurity context and risk analysis Cybersecurity architecture definition and requirement allocation Cascading of requirements to suppliers and managing thirdparty risks Application of cybersecurity assurance levels Definition of cybersecurity operating procedures Evaluation of the achieved cybersecurity level of the project/program Provide support during technical design meetings for cybersecurity activities. Obtain agreement from program/customer on the set of security measures to be implemented. Manage vulnerabilities, cybersecurity issues, and action plans. Manage cybersecurityrelated communication and report on program status. In case of external cybersecurity audit, manage the relationship with auditors and establish lessons learned. Promote the Alstom Code of Ethics and uphold the highest standards of ethical conduct. Performance Measurements No ''''NO GO'''' for cybersecurity reasons in gate reviews. Quality of cybersecurity deliverables delivered on time. Achievement of the program''''s targeted cybersecurity level. Low rework due to internal or external assessment findings. Vulnerability management in place. Respect of cybersecurity activity QCD commitments. Resolution of cybersecurity issues/incidents. Experience Mandatory Direct responsibility for handson architecture, design, and development. Broad cybersecurity experience and deployment of security technologies. Project management experience. 8+ years of proven experience delivering safetycritical systems. 35 years of experience using standards such as IEC62443, CLC/TC 50701, APTA, and related standards. Experience performing cybersecurity analysis on industrial control systems. Experience leading cyber certification for industrial control systems. Experience Desirable Experience in embedded or OT/industrial railway or aeronautics systems. Experience performing cybersecurity analysis on passenger rail systems. Experience leading cyber certification for rapid transit systems. Competencies & Skills Engineering background. Knowledge of cybersecurity standards and regulations: ISO2700X, 62443, NIST, APTA. Familiarity with cybersecurity solutions and areas. Proficiency in cybersecurity risk analysis methods. Concepts and techniques for system and network architecture, operating systems, and programming languages. Knowledge of techniques for evaluating system security. Certifications such as CISSP, CISM, CEH, GICSP, CompTIA Security+. Additional Information We guarantee that when you step onto one of our trains with your friends or family, youll be proud. If youre up for the challenge, wed love to hear from you! As a global business, were an equalopportunity employer that celebrates diversity across the 63 countries we operate in. Were committed to creating an inclusive workplace for everyone. #J-18808-Ljbffr