Security Architect - Security Operation Center Job in Alstom

We createsmart innovations to meet the mobility challenges of now and the future. We design and manufacture a complete range of transportation systems, from high-speed trains to electric buses, autonomous subways, signalling and digital mobility solutions. Joiningus meansjoininga truly global community of 34?500 people dedicated to solving real-world mobility challenges and achieving international projects with sustainable local impact.
For more information, please visit: http://www.alstom.com/

Reporting directly to the Head of Information Security Architecture and Standards, the IS Security Architect Security Operation Center defines some security architecture patterns and contributes to design the appropriate security mechanisms and tools to be implemented within the Alstom Information System.

He/She is part of a team of security architects who define and support security solutions, standards and rules to be implemented to enforce the Security Policy in all Infrastructure and Business projects.

He/She defines and owns some Security Solutions, especially solutions which composed Security Operation as Logs and alerts collection & retention, Security monitoring and incident management, Vulnerability assessment, vulnerability management.

Main responsabilities

• The Security Architect Security Operation Center is solution owner for some specific Security Solutions under his responsibility
  • Security studies and standards
  • Architecture validation, against Security Policy
  • Integration of Security into standard designs
  • Support level 3/4 expertise for security solutions
  • Management & budget support on Security projects

• The IS Security architect follows and validates the security aspects in some Alstoms IT projects
  • ISSCQ produce all Information System Security and Compliance Questionnaire at the initial phase of all projects
  • Risk analysis perform risk analysis and identify mitigation plan when relevant
  • Security Insurance Plan make sure that all IT partners/providers respect the security policy when they deliver services (e.g. Cloud or SaaS provider)
  • Security Acceptance make the right decision considering the residual risk and the asset value
  • ISS Run Q&A and industrialization

Qualification & Competencies - Expected Level

Initial Background: an IT leader having 5 years of experience in IT Security activities, ideally with an architecture background in IT Security

Languages: French, English

Mandatory experiences:

• Security Architecture / Infrastructure Architecture
• Excellent written/verbal/communication, listening and facilitation skills
• Able to identify and document specific security issues, propose resolution options, and interpret matters from the perspective of involved stakeholders
• Able to analyze technical risks and vulnerabilities and to design the appropriate network security pattern (SIEM, EDR, SOAR, firewalling, proxy, WAF, VPN, etc.)
• Good understanding of security tools and mechanisms (IDS/IPS, antivirus, anti-malware, authentication mechanisms, IAM, PKI, encryption, etc.)
• Risk analysis
• Knowledge of ISO 27002 and ISO 27005

Alstom is committed to create a diverse & international working environment, that reflects the future of our industry, our clients and end-users. As an employee, you will have a unique opportunity to continue to build your career and directly contribute to the expanding growth of the global transport industry

Job Type:?Experienced?

#LI-CDL