Project Cybersecurity Engineer

Req ID: 446808   We create smart innovations to meet the mobility challenges of today and tomorrow. We design and manufacture a complete range of transportation systems, from high-speed trains to electric buses and driverless trains, as well as infrastructure, signalling and digital mobility solutions. Joining us means joining a truly global community of more than 75 000 people dedicated to solving real-world mobility challenges and achieving international projects with sustainable local impact. Job Title & Purpose   Job Title EN-XY-01: Cybersecurity Engineer (CyEng)  Purpose of the Job Perform Cybersecurity activities during contract execution   Position in the Organisation Organisation Reporting   Hierarchical manager: Project Cybersecurity Manager (PCyM)  Network & Links Project or Program Manager and team Project/Program Cybersecurity Manager Platform Cybersecurity Managers Region Cybersecurity Managers Cybersecurity Management Office   Missions Performance Measurement/KPI’s

• Provide requested deliverable in time with adequate quality
• Relevancy of proposed technical solution
• Contribution to peer reviews

  Responsibilities Contribute to Project Cyber security activities such as:

• Cybersecurity Risks Assessment
• Cybersecurity Design (Security Architecture principles, additional security controls)
• Cybersecurity Evaluation
• Cybersecurity 3rd party management
• Cybersecurity Vulnerability Management and incident resolution

  Optionally, or if expert :

• Participates to norms & standards committee
• Ensure cyber trend watch (new threats, new techno, ...)
• Contribute to Cybersecurity process and standard definition
• Support and deploy cybersecurity knowledge and processes (coaching, awareness & trainings)
• Peer review of cyber deliverables from other Projects/Programs

  Job Specifications Knowledge & Experience : Educational Requirements: Engineering degree   Technical Knowledge / Experience

• Five+ years of experience related to Cybersecurity or hacking in general
• Main standards and regulations, such as: ISO 2700X, 62443, NIST, NIS, French LPM
• Knowledge of the security market and its key players;
• Knowledge of some security solutions and areas, such as: BRP / DRP, GRC, , PKI, SOC, IDS / IPS, etc.
• Technical proficiency in at least 2 of the following field

• Methods of risk analysis (ISO 27005, Ebios, etc.)
• Architecture concepts and techniques of systems and networks, operating systems and associated programming languages.
• Knowledge of the main techniques for evaluating systems security
• Knowledge of tools of tools such as Wireshark, Nmap, OpenVAS, Nexpose, Metasploit, nessus, BURP
• Encryption issues and tools (e.g. Truecrypt, Openssl)
• Low level filtering (Firewall owners, Iptables, OpenVPN)
• Intrusion testing techniques.

• Knowledge of Experience in embedded or industrial systems (railway / aeronautics ...) is a plus

  Team size : 0  Innovation : Research, Patents etc An agile, inclusive and responsible culture is the foundation of our company where diverse people are offered excellent opportunities to grow, learn and advance in their careers. We are committed to encouraging our employees to reach their full potential, while valuing and respecting them as individuals.    Job Type:​Experienced​