What are the responsibilities and job description for the Industrial Cybersecurity Expert position at Expleo?
Overview
Expleo is a trusted partner for end-to-end, integrated engineering, quality services and management consulting for digital transformation. We help businesses harness unrelenting technological change to successfully deliver innovations that will help them gain a competitive advantage and improve the everyday lives of people around the globe.
Facing growing customers' requests in securing our European Critical Infrastructures against Cyberattack, Expleo is looking to strengthen its teams to assist its customers in Air, Sea and Land Transportation.
Responsibilities
- Your role is very diversified and exciting. You will work closely with Industrial Cybersecurity Architects, Engineers, Customer Engineers and Testing and validation teams.
- In this role you will:
- Define System, Component, and sub-components level Cybersecurity of Rail (Applicable to others Transport Industrial areas) systems requirements,
- Align with the Industrial Cybersecurity Architects, testers and customers teams to have the latest Threat landscape and Risks picture to adapt the resilience where needed,
- Keep requirements updated with the latest developments in Regulations, Directives, and other Technical Specifications of the sector,
Qualifications
- We are not looking for the candidate that ticks all the boxes, but if you find yourself in the following sentences then we would be glad to meet you!
- Minimal a bachelor’s degree in computer science or programming,
- Minimum of 5 years of experience in a combination of information security and GRC,
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, IEC 62443; NIST Cybersecurity framework for critical infrastructure,
- You have experience with OT / ICS Cybersecurity,
- You are familiar with OT Network segmentation zonings & requirements,
- Advanced knowledge of risk assessment approaches, methodologies, Target Security Level definition,
- Professional security management certification is a PLUS, such as Certified Information Systems Security Professional (CISSP), CISA, CISM, ISO 27001 LA/LI, ISO 27005 RM, GIAC Information Security Professional (GISP), or other similar credentials,
- Knowledge on Cybersecurity requirements definitions, integrations to Business processes (Procurement, Build, Run, Maintenance, …),
- Significant knowledge of information security concepts and technologies such as: networking, network segmentation, vulnerability scanners, firewalls, IPS\IDS, network analyzers, data loss prevention, security event management, encryption technologies, proxies, cloud services, mobile devices, etc.
Skills
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security requirements related concepts to diverse audiences
- Ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives
- Ability to collaborate with large international security technology projects and security remediation projects with significant dependencies on external IT teams
- Strong analytical skills with very good experience in documenting requirements based on Architecture design, risk assessments, Threats identified and policies
- Ability to translate technical details into practical understandable requirements for non-Cybersecurity audience (Engineers, Customer stakeholders, …) and Cybersecurity audience (Customer CISO, Cybersecurity Technical teams, …)
- Fluent in English. French and/or German being a strong plus
Benefits
- Collaborative working environment – we stand shoulder to shoulder with our clients and our peers through good times and challenges
- We empower all passionate technology loving professionals by allowing them to expand their skills and take part in inspiring projects
- Expleo Academy - enables you to acquire and develop the right skills by delivering a suite of accredited training courses
- Competitive company benefits such as medical and dental insurance, pension, life assurance, employee wellbeing programme, sports and social events, birthday hampers and much more!
- Always working as one team, our people are not afraid to think big and challenge the status quo
“We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation or age”.