Cybersecurity Engineer H/F

La société :

What if you embarked on new technologies?
A subsidiary of the ICE industrial group, Mediane Systeme is an innovative engineering company specializing in electronics, embedded systems and industrial IT. Médiane Système has built its identity on a high level of technical expertise by offering its customers support services through its R&D (DRD) and ConSulting (DCS) departments.
Present in Belgium, Italy and France, we are a partner of major industrial accounts and many SMEs. From the automotive to the medical sector, including energy, railways, aeronautics and telecoms. Our company intervenes exclusively in system engineering (embedded software, application software for industry, digital and analog electronics, test benches) in advanced technological environments.
Created by engineers for engineers, Mediane Systeme is a technical company on a human scale, close to its employees, which for 30 years has favored the development of skills and the fulfillment of its employees.

Le poste :

One of the last challenges faced by the railway sector is to take into account the cybersecurity within their solutions: Railway systems, as with most Industrial Automation Control Systems (IACS), have been considered immune to cyber security threats and attacks for years. Nevertheless, the increase of interconnected and digitalized assets in the railway sector and the parallel increase of cyber-crime targeting IACS have driven the need for a coordinated approach to cybersecurity implementation.
Overall Purpose Of The Role
-Define security needs as per product baseline for embedded software and electronic product.
-Define the program cybersecurity Management plan following applicable Alstom processes, rules and guidelines and verify these are followed by the program teams.
-Analyze program security needs (including standards and regulations), determine security objectives and main security risks strategy.
-Plan security activities within the program development life cycle in hand with supplier and program needs.
-Manage the program cybersecurity deliverables with respected program milestones.
-To reach agreement with program manager for residual risk.
-Report and orchestrate security events for product.
-Liaise with the rolling stock platform team to define the most suitable solution.
-Apply and export SAR (security assurance requirements).
-Define and review cybersecurity operating procedures.
-Evaluate the program achieved cybersecurity level at the end of the development cycle.
In case of external cybersecurity audit, manage the relationship with auditors.

Profil recherché :

To be considered for this role, candidate need to demonstrate the following skills experience and attributes:
Master's degree in engineering/Technology (preferably electronics/power electronics) or related field
3-5 yrs of experience in the field of OT/IT cybersecurity
Knowledge of electronics, basic communication protocols, OS, Network architecture and product-oriented development is highly recommended
Methods of cybersecurity risk analysis
Experience related to cybersecurity in general (risk assessment, countermeasure specification and evaluation), deployment experience of security technologies.
Experience with direct responsibility for hands on architecture, design, development
Strong analytical skills with demonstrated ability for problem solving
Proven planning, prioritization and organizational skills
Preferred to have :
CISSP, CISA, CISCO, Comptia security +, ISO 27K, IEC 62443 or other equivalent certification is an asset
English proficient (oral and written)
Experience in industrial sector (preferable Railways)
Hands on experience on network security devices like security gateway config, firewall, data diode, router, plc controller etc.
Hands on experience with Linux.