Industrial Cybersecurity Analyst / Engineer
Facing growing customers' requests in securing our European Critical Infrastructures against Cyberattack, Expleo is looking to strengthen its teams to assist its customers in Air, Sea and Land Transportation.
Your role is very diversified and exciting. You will work closely with Industrial Cybersecurity architects and experts to translate Architecture design and requirements into security measures.
You will remain up to date with on-going Cybersecurity new legislative so to advise and support customer implementations (Cybersecurity Act, Cybersecurity Resilience Act, Transport Specific Cybersecurity Technical Specifications…)
In this role you will:
- Support the saucerization of Industrial solutions integration for our customers,
- Balance business and technical requirements (Architecture Zones and Conduits) at Systems, Components, subcomponents levels to build security measures and countermeasures,
- Assist customers requests for Impact Analysis,
- Provide advice to red and blue customers teams dealing with Cyber-incidents, Cyberthreats response and mitigations,
- Contribute to R&D Cybersecurity projects (Pen testing automated tools for Drones, Embedded systems for automotive, …)
You will be part of a team spread across the World and report directly to Cybersecurity Expertise center manager.
We are not looking for the candidate that ticks all the boxes, but if you find yourself in the following sentences then we would be glad to meet you!
- You are qualified with an IT degree or equivalent. You can collaborate with Engineers to build a secure solution for our customers by integrating Cybersecurity into their activities,
- You are open to be trained in various Transportation processes and landscapes,
- You are familiar with Industrial Cybersecurity standards: IEC 62443, NIST Cybersecurity framework for Critical Infrastructure,
- You have experience with OT / ICS Cybersecurity,
- You are familiar with OT Network segmentation zonings concepts,
- You have been exposed to Cybersecurity Operations by assisting Red/blue teams with end point security, network security and application security,
- You are very good at Security hardening,
- Minimum of 3 years' experience of network/system security,
- Knowledge and experience in VM and OS hardening,
- Knowledge and experience in LDAP/Active Directory, network segmentation,
- Knowledge of Industrial and/or process automation protocols is a plus (Modbus, Profinet, OPC xx),
- Excellent understanding of security perimeters technologies,
- Security certifications are a plus (SANS, ISO, ISC2…),
- Knowledge of Railway technical specifications,
- Familiar with network protocols (TCP/IP, UDP/IP, TLS, SSH, IPSEC, 802.1X, 801.1Q…) and PKI architectures,
- Fluency in English is a must, knowledge of German and /or French is a plus,
- Ability to collaborate & communicate with non-cybersecurity aware people,
- Ability to translate Architecture concepts / Design and requirements, Cybersecurity requirements and specifications into Cybersecurity measures,
- Remote collaboration with international Community of experts across the globe,