GISACC - Cybersecurity Architect
CAIRO - CAI1, Egypt
Valeo
Valeo is an automotive supplier and partner to automakers worldwide. As a tech company, we design innovative solutions for smart mobility.Valeo is a tech global company, designing breakthrough solutions to reinvent the mobility. We are an automotive supplier partner to automakers and new mobility actors worldwide. Our vision? Invent a greener and more secured mobility, thanks to solutions focusing on intuitive driving and reducing CO2 emissions. We are leader on our businesses, and recognized as one of the largest global innovative companies.
Mission
Provide Cybersecurity architecture best practices and Cybersecurity requirements in the other fields
Design, support the implementation and control the Cybersecurity of architectures
Ensure the Cybersecurity of some Valeo critical systems (e.g. platform, solution, service)
Perform Cybersecurity watch
Upon request, provide assistance on other critical topics (e.g. incidents, vulnerabilities)
AccountabilityProvide Cybersecurity architecture best practices and Cybersecurity requirements in the other fields
Define/update Cybersecurity architecture best practices based on Valeo CSMS (Cybersecurity Management System), Cybersecurity standards, Valeo Information Systems environment and other product disciplines when applicable.
Design, support the implementation and control the Cybersecurity of architectures
Determine Cybersecurity requirements in a way to fulfill business objectives and Valeo Cybersecurity requirements
Plan, research and design robust Cybersecurity architectures
Including full product or information management covering the full lifecycle as detailed in the CSMS, whenever applicable
Including DRP (Disaster Recovery Plan), log management, potential integration issues and cost constraints, when applicable
Analyze and assess external components (e.g. libraries, software, hardware) and internal item (e.g. IS/IT solutions) in his/her scope of responsibility, according to Valeo Cybersecurity standards
Ensure the Cybersecurity of some Valeo critical systems (e.g. platform, solution, service)
Anticipate possible Cybersecurity risks, identify areas of weakness, and respond effectively to possible Cybersecurity breaches
Control final Cybersecurity structures to ensure they behave as expected
Cybersecurity watch
Remain up to date with the latest Cybersecurity systems, standards, authentication protocols, Cybersecurity solutions, software/component vulnerabilities and threats
Design, support the implementation and control the Cybersecurity of architectures
Acquire a deep understanding of technology (Information Systems and/or Industrial Control Systems)
Perform risk assessments related to the context:
Third-Party Risk Assessment
Project Information Risk Assessment
Depending on the project, design concept / software / components/ infrastructure / Cloud based Cybersecurity architectures
Update the risk assessment whenever it is required (e.g. by an evolution of the requirements / context / project or service use case)
Control that the Cybersecurity requirements are fulfilled during all the phases of the BCP (Business Continuity Plan) and DRP (Disaster Recovery Plan) when applicable
Ensure the Cybersecurity of some Valeo critical systems (e.g. platform, solution, service)
Follow the critical systems (platform, solution, service) during their whole life cycle:
Ensure Cybersecurity has been taken into account in the RFIs/RFQs/RFPs (Request For Information/Quotation/Proposal)
Advise on the architecture
Write/validate the Cybersecurity requirements
Perform the Third-Party Risk Assessments (when applicable)
Participate to the bidders’ defense (when applicable)
Contribute to and check the contractual Cybersecurity clauses. Liaise with the Legal department whenever it is needed. Report to the project manager or to the management the risks of clause non-execution.
Perform Project Information Risk Assessments (when applicable)
Advise on the detailed architecture (e.g. review, reuse, change)
Control the Cybersecurity requirements
Before the Go-Live and during the Run
Whenever contractual obligations require it
Follow or audit specific projects upon request of the Group Cybersecurity VP or delegates
Report any situation that would put Valeo at risk
Cybersecurity watch
Share his/her Cybersecurity watch within the Cybersecurity organization
Upon request, provide assistance on other critical topics (e.g. incidents, vulnerabilities)
Provide technical expertise
Ensure the Cybersecurity of some Valeo critical systems (e.g. platform, solution, service)
Advise on possible evolutions. Propose/contribute to a roadmap for improvement.
Assist in the Supplier selection.
Assist the other Cybersecurity Officers for the projects, platforms, services whenever needed
Upon request, provide assistance on other critical topics (e.g. incidents, vulnerabilities)
Advise on actions to be done
Assist in post-event analysis
Other
Report any situation that would put Valeo at risk
Valeo (Travels abroad are expected according to the needs).
Education/Training
What education and education level are necessary for the position?
Required: Master’s degree in Computer Science and/or Cybersecurity
Optional: Certification(s) related to architecture such as:
SABSA (Sherwood Applied Business Security Architecture)
CISSP-ISSAP (Information Systems Security Architecture Professional)
CISSP (Certified Information Systems Security Professional)
CSSA (Certified SCADA Security Architect)
Professional Experience
How many years of professional experience in a specific professional area are required for the position?
>10 years of relevant experience in Cybersecurity, in-depth knowledge of Cybersecurity strategies and architectures
Extensive experience in Information Systems and/or Industrial Control Systems / IT risk management with a focus on Cybersecurity, performance and reliability
Solid understanding of Cybersecurity protocols, cryptography, authentication, authorisation
Experience in web / mobile and application development
Experience implementing multi-factor authentication, single sign-on, identity management or related technologies
Knowledge in:
Windows, Unix-like operating systems
Perimeter Cybersecurity controls: firewall, IDS/IPS, network access control and network segmentation
Router, switch and VLAN Cybersecurity
Wireless Cybersecurity
Cybersecurity concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies
Cloud platforms: Amazon, Google, Azure
Serverless functions, Cloud architecture
Software Cybersecurity standards
Ability to interact with a broad cross-section of personnel to explain and enforce Cybersecurity measures
Excellent written and verbal communication as well as business acumen and commercial outlook
Client focus, and ability to work independently or as part of a collaborative team
Knowledge of risk assessment methodologies:
Third party auditing
Cloud risk assessment methodologies
Architecture design auditing
Languages
Required: Fluency in English
Optional: French or other language
Other Specifications
Strategic problem-solving
Rigor
Pragmatism
Curiosity
Flexibility
Communication
Ability to work in a multicultural environment
Ability to interact with a wide range of people from different backgrounds (non-technical audience included)
Job:
Cybersecurity AnalystOrganization:
R&D DSIS App TeamSchedule:
Full timeEmployee Status:
RegularJob Type:
Job Posting Date:
2023-02-08Join Us !
Being part of our team, you will join:
- one of the largest global innovative companies, with more than 20,000 engineers working in Research & Development
- a multi-cultural environment that values diversity and international collaboration
- more than 100,000 colleagues in 31 countries... which make a lot of opportunity for career growth
- a business highly committed to limiting the environmental impact if its activities and ranked by Corporate Knights as the number one company in the automotive sector in terms of sustainable development
More information on Valeo: https://www.valeo.com
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Azure CISSP Cloud Computer Science Cryptography CSSA DDoS DNS Firewalls IDS Industrial IPS R&D Risk assessment Risk management SCADA UNIX VPN Vulnerabilities Windows
Perks/benefits: Career development
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.