About the position
At Alstom, we understand transport networks and what moves people. From high-speed trains, metros, monorails, and trams, to turnkey systems, services, infrastructure, signalling and digital mobility, we offer our diverse customers the broadest portfolio in the industry. Every day, more than 80,000 colleagues lead the way to greener and smarter mobility worldwide, connecting cities as we reduce carbon and replace cars. Reporting directly to a Security Architecture Manager, the Cybersecurity Architect defines security architecture patterns and contributes to design the appropriate security mechanisms and tools to be implemented within the Alstom Information System. He/She is part of a team of security architects who define and support security solutions, standards and rules to be implemented to enforce the Security Policy in all Infrastructure and Business projects.
Responsibilities
- Identify project needs and gather functional and technical requirements.
- Define use cases, create an enablement roadmap, and establish Acceptance Testing criteria.
- Develop a business case with Total Cost of Ownership (TCO) analysis.
- Validate or produce Architecture Design Documents (ADD) and specify integration requirements.
- Present solutions and create a service catalog for enhancement by the Solution Manager.
- Conduct security studies, validate architectures, and implement infrastructure hardening.
- Lead subcontractors during design and build phases.
- Engage in technology monitoring and drive continuous improvement of cybersecurity solutions.
- Provide troubleshooting expertise and assist in the development of cyber solutions.
- Define roadmaps and support budgeting for security projects.
- Review and approve security deliverables: information system security questionnaires, architecture design documents.
- Perform risk analysis and identify mitigation plan when relevant.
- Ensure that all IT partners/providers respect the security policy when they deliver services.
- Make decisions considering the residual risk and the asset value.
Requirements
- Bachelor's/Master's degree in Engineering/Technology.
- CISSP or CISM certification.
- 7 years of work experience in cybersecurity, 3 years in architecture and design.
- Knowledge and understanding in Security Architecture / Infrastructure Architecture.
- Ability to identify and document specific security issues, propose resolution options, and interpret matters from the perspective of involved stakeholders.
- Ability to analyse technical risks and vulnerabilities and to design appropriate network security patterns.
- Good understanding of security tools and mechanisms.
- Good understanding of cloud solutions (Microsoft Azure/O365).
- Knowledge of ISO 27002 and ISO 27005.
- Fluency in English.
Nice-to-haves
- Experience in Transport Industry.
Benefits
- Equal-opportunity employer that celebrates diversity.
- Commitment to creating an inclusive workplace.
A Smarter and Faster Way to Build Your Resume