Consultant en recrutement F / H

At Alstom, we understand transport networks and what moves people. From high-speed trains, metros, monorails, and trams, to turnkey systems, services, infrastructure, signalling and digital mobility, we offer our diverse customers the broadest portfolio in the industry. Every day, more than 80,000 colleagues lead the way to greener and smarter mobility worldwide, connecting cities as we reduce carbon and replace cars.

Reporting directly to a Security Architecture Manager, the Cybersecurity Architect defines security architecture patterns and contributes to design the appropriate security mechanisms and tools to be implemented within the Alstom Information System. He / She is part of a team of security architects who define and support security solutions, standards and rules to be implemented to enforce the Security Policy in all Infrastructure and Business projects.

MAIN RESPONSABILITIES

1. Project Assessment: Identify project needs and gather functional and technical requirements.
2. Use Case Development: Define use cases, create an enablement roadmap, and establish Acceptance Testing criteria.
3. Business Case Creation: Develop a business case with Total Cost of Ownership (TCO) analysis.
4. Architectural Documentation: Validate or produce Architecture Design Documents (ADD) and specify integration requirements.
5. Stakeholder Engagement: Present solutions and create a service catalog for enhancement by the Solution Manager.
6. Security Standards: Conduct security studies, validate architectures, and implement infrastructure hardening.
7. Leadership: Lead subcontractors during design and build phases.
8. Monitoring and Improvement: Engage in technology monitoring and drive continuous improvement of cybersecurity solutions.
9. Operational Support: Provide troubleshooting expertise and assist in the development of cyber solutions.
10. Roadmap: Define roadmaps and support budgeting for security projects.

The Cybersecurity Architect follows and validates the security aspects in Alstom’s IT projects - Key responsibilities as cyber architect are:

1. Review and approve security deliverables: information system security questionnaires, architecture design documents.
2. Risk analysis: perform risk analysis and identify mitigation plan when relevant.
3. Security Insurance Plan: ensure that all IT partners/providers respect the security policy when they deliver services (e.g., Cloud or SaaS provider).
4. Security Acceptance: make the right decision considering the residual risk and the asset value.

QUALIFICATIONS

1. Bachelor's / Master's degree in Engineering / Technology.
2. CISSP or CISM.
3. Experience in Transport Industry is a plus.
4. 7 years of work experience in cybersecurity, 3 years in architecture and design.

GENERAL COMPETENCIES & SKILLS

1. Knowledge and understanding in Security Architecture / Infrastructure Architecture.
2. Able to identify and document specific security issues, propose resolution options, and interpret matters from the perspective of involved stakeholders.
3. Able to analyse technical risks and vulnerabilities and to design the appropriate network security pattern (firewalling, proxy, WAF, VPN, etc.).
4. Good understanding of security tools and mechanisms (IDS / IPS, antivirus, anti-malware, authentication mechanisms, IAM, PKI, encryption, etc.).
5. Good understanding of cloud solutions (Microsoft Azure / O365, security solutions in and for the cloud).
6. Knowledge of ISO 27002 and ISO 27005.
7. Fluency in English.

You don’t need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or family, you’ll be proud. If you’re up for the challenge, we’d love to hear from you!

Important to note

As a global business, we’re an equal-opportunity employer that celebrates diversity across the 63 countries we operate in. We’re committed to creating an inclusive workplace for everyone.