Industrial Cybersecurity Architect
Facing growing customers' requests in securing our European Critical Infrastructures against Cyberattack, Expleo is looking to strengthen its teams to assist its customers in Air, Sea and Land Transportation.
Role
Your role is very diversified and exciting. You will work closely with Industrial Cybersecurity architects to translate Architecture design into Security requirements.
In this role you will:
- Document the System under Consideration (SuC) functional description,
- Identify the essential and non-essential functions,
- Analyse the environment SUC Cyberthreat landscape,
- Develop a high-level risk assessment to define the zones and Conduits
- Perform a detailed risk assessment to define the targeted Security Level required to protect the SUC
- Define Cybersecurity Requirements Specifications for Zones & Conduits (CRS)
You will be part of a team spread across the World and report directly to Cybersecurity Expertise Centre Manager. You will explain and communicate the CRS to the Industrial Cybersecurity expert, or the Customer Cybersecurity teams, engineers, asset owners, …
Profile
We are not looking for the candidate that ticks all the boxes, but if you find yourself in the following sentences then we would be glad to meet you!
- You are qualified with an IT degree or equivalent,
- You demonstrate experience in IT / OT architecture design (System, Components, and subcomponents levels),
- You have strong expertise in Risk assessments and Security Level definition,
- You are familiar with Industrial Cybersecurity standards: IEC 62443, NIST Cybersecurity framework for Critical Infrastructure,
- You have experience with OT / ICS Cybersecurity,
- You have strong knowledge in IT/OT Network segmentation zonings & requirements,
- You are open to be trained in various Transportation processes and landscapes,
Technical skills:
- Minimum of 3 years' experience of network/system security,
- Knowledge and experience in VM and OS hardening,
- You have been working on Securing automation systems from corporate network communications,
- Knowledge and experience in LDAP/Active Directory, Hardening, network protocols,
- Knowledge of Industrial and/or process automation protocols is a plus (Modbus, Profinet, OPC xx),
- Excellent understanding of security perimeters technologies,
- Security certifications are a plus (SANS, ISO, ISC2…),
- Knowledge of Railway technical specifications is a plus,
- Familiar with IT network protocols (TCP/IP, UDP/IP, TLS, SSH, IPSEC, 802.1X, 801.1Q…) and PKI architectures,
- Fluency in English is a must, knowledge of German and /or French is a plus,
- Ability to synthetize and draw complex architectures in an easy understandable format for both Safety/Security Engineers and Cybersecurity engineers,
- Ability to collaborate & communicate with non-cybersecurity aware people,
- Ability to work in a multicultural environment and remotely,
