Domain Leader Cybersecurity – m/f

Job offer of ALSTOM

InnoTrans 2018
Location Saint-Ouen , Île-de-France Region , France
Type of contract Employee
Entry date as of now
Career level 1-3 years of professional experience
Updated at 17 Sep 2018

48 rue Albert Dhalenne
93482 SAINT-OUEN Cedex
France

InnoTrans 2018

Share link

Recommend

Recommendation of Domain Leader Cybersecurity – m/f

Divide various addresses by comma. The recipients will get a link to this platform.

Please enter a valid recipient.
Please enter a valid email address.
Please enter a message.
* required
Your recommendation has been sent successfully.
Send another message.

Job description

Within the Engineering department of the Train and Passenger entity of the Villeurbanne site, the mission is to organize and manage Cybersecurity study, validation and verification activities for all onboard electronic equipment on our trains (Trams, metro, regional, high speed):

RESPONSIBILITIES:

As a technical referent for the department:

  • To be the privileged interface for the department with the various interlocutors of the central organization Cybersecurity of Alstom and products.
  • Participate in the definition of secure technical architectures for responses to calls for tender: Understanding the need expressed by the customer, specifying the technical aspects.
  • Provide support during technical design meetings for cybersecurity activities.
  • Carry out, if necessary, support for events brought up by internal and external clients.
  • For needs on existing projects: perform security assessments of an infrastructure or application
  • Train and / or sensitize the various Alstom teams and suppliers to Cybersecurity issues;
  • Evaluate project and business impacts of technical vulnerabilities identified as part of technological monitoring activities.
  • Organize the capture of experience feedback and the implementation of continuous improvement plans for Cybersecurity aspects.

Within the framework of specific projects, for the activities of descent and return of the cycle in V:
  • Responsible for Cost / Quality / Delay Deliverables Cybersecurity.
  • To be the technical interface with the customer for the Cybersecurity domain.
  • Realize the documents and specifications required for the project (safety studies, documents of required, Security file ...)
  • Build and deliver the solution (installation, configuration, and parameterization) at the subsystem and train level.
  • Organize and lead the activities of Verification, Integration and Test projects to ensure compliance with contractual requirements: documents, hardware, and software secured.

Job requirements

EDUCTIONAL REQUIREMENTS: University/ Engineer in degree level

DESIRED KNOWLEDGE/EXPERIENCE:

  • Experience in projects related to security or hacking in general.
  • Knowledge of architecture concepts and techniques of systems and networks, operating systems and associated programming languages.
  • Knowledge of the main techniques for evaluating systems security (e.g. Fuzzing, flooding ...)
  • Proficiency in intrusion testing techniques.
  • Knowledge of some security solutions and areas, such as BRP / DRP, GRC, IAM, DLP, PKI, SOC, IDS / IPS, SAP security, etc.
  • Master of tools such as Wireshark, Nmap, OpenVAS, Nexpose, Metasploit, Nessus, BURP
  • Knowledge of encryption issues and tools (e.g. Truecrypt, OpenSSL)
  • Knowledge of low-level filtering (Firewall owners, Iptables, OpenVPN)
  • Knowledge of the security market and its key players;
  • Main standards and regulations, such as ISO 2700X, French LPM and RGS, etc.
  • Methods of risk analysis (ISO 27005, Ebios, etc.);
  • Knowledge in embedded systems (railway / aeronautics ...) would be a plus.
  • Dynamic, autonomous. Creativity and ability to work in a complex environment.