Project Security Specialist
Bangalore, IN
Alstom
Leading the way to greener and smarter mobility worldwide, Alstom develops and markets integrated systems that provide the sustainable foundations for the future of transportation.Req ID:469879
At Alstom, we understand transport networks and what moves people. From high-speed trains, metros, monorails, and trams, to turnkey systems, services, infrastructure, signalling and digital mobility, we offer our diverse customers the broadest portfolio in the industry. Every day, more than 80 000 colleagues lead the way to greener and smarter mobility worldwide, connecting cities as we reduce carbon and replace cars.
JOB TITLE & JOB CODE
Job Title (Job Code): Security into Project Specialist
PURPOSE OF THE JOB
Reporting directly to the Security into Project Leader, the Security into Project specialist ensures that the “Security into Project” policy (ISM-WMS-020) is applied for assigned IS&T project, or Business managed digital initiative. The Security into Project specialist will ensure that the design patterns and standards are implemented applying the existing processes and procedures.
ORGANISATION
Organisation structure (job belongs to..)
Digital Services
Reports directly to:
Head of Security into Project
Other reporting to:
Direct reports:
N/A
Network & Links
Internal
- Security Architecture, GRC and ISMS team
- Architects, Project Managers and PMO,
- Business teams
External
- Service Providers and vendors
MAIN RESPONSABILITIES
- Review and approve security deliverables: information system security questionnaires, architecture design documents, security checklist.
- Ensure that Security Inquiry for Partners (SIP) is validated and signed of for all eligible partners in the ecosystem
- Ensure that Secure configurations are systematically applied for given projects or business initiatives
- Security Acceptance – make the right decision considering the residual risk and the asset value.
Qualifications
Educational Requirements
Mandatory:
- Bachelor's/Master's degree in Engineering/Technology
Desirable:
- CISSP or CISM
- Experience in Transport Industry is a plus
Experience
Mandatory:
- 4 years of work experience in cybersecurity
- 2 years in architecture and design
Desirable:
General Competencies & Skills
- Knowledges and understanding in Security Architecture / Infrastructure Architecture.
- Able to identify and document specific security issues, propose resolution options, and interpret matters from the perspective of involved stakeholders.
- Able to analyse technical risks and vulnerabilities and to design the appropriate network security pattern (firewalling, proxy, WAF, VPN, etc.).
- Good understanding of security tools and mechanisms (IDS/IPS, antivirus, anti-malware, authentication mechanisms, IAM, PKI, encryption, etc.).
- Good understanding of cloud solutions (Microsoft Azure/O365, security solutions in and for the cloud).
- Knowledge of ISO 27002 and ISO 27005.
- Fluency in EnglishIT
You don’t need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or family, you’ll be proud. If you’re up for the challenge, we’d love to hear from you!
Important to note
As a global business, we’re an equal-opportunity employer that celebrates diversity across the 63 countries we operate in. We’re committed to creating an inclusive workplace for everyone.
Job Type:Experienced
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Antivirus Azure CISM CISSP Cloud Encryption IAM IDS IPS ISMS ISO 27002 ISO 27005 Malware Network security PKI VPN Vulnerabilities
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.