Req ID:422579

Leading societies to a low carbon future, Alstom develops and markets mobility solutions that provide the sustainable foundations for the future of transportation. Our product portfolio ranges from high-speed trains, metros, monorail, and trams to integrated systems, customised services, infrastructure, signalling and digital mobility solutions. Joining us means joining a caring, responsible, and innovative company where more than 70,000 people lead the way to greener and smarter mobility, worldwide

Imagine playing a central role in implementing and maintaining lab security with a consistently ranked Top Employer with a global reach and ISO 27001 certified. Part of the secure lab tour, Alstom is proudly transforming the lab security that is compliant with internal cybersecurity policies in collaboration with IS&T and we are hiring. The Secure Lab Tour scope: Rochester, and Pittsburgh sites.

Objective:

With more than 13,000 employees in 40 countries, Digital & Integrated Systems answers worldwide mobility challenges for passengers and freight transportation through digitalization. It provides solutions to deliver secure and fluid mobility to passengers and operators, by optimizing real-time performance in signaling and multimodality, and by offering connectivity and automated driving. Capitalizing on its comprehensive infrastructure and turnkey expertise, it aims to provide customers in cities, regions and countries with solutions fully integrated in their environment in times of increasing transportation needs.

Alstom’s IS&T (Information Systems & Technology) supports the Digital & Integrated Systems Product Line activity by reinforcing the infrastructure and security management within the labs (i.e., the infrastructure and tools required to develop new products on real or simulated equipment’s and deploy them in customer context). The main purpose of the labs IT management is to support regions and platforms in the execution of their projects and programs by providing and managing adequate and available environments while maintaining the right level of security, compliant with internal cybersecurity policies, compatible with products cybersecurity patterns and adapted to customer requirements.

The Lab security engineer in collaboration with our ISO 27001 certified IS&T team is responsible for the development and test environments in terms of infrastructure delivery and maintenance, including its security management. In this role, you manage functionally the site specific labs managers, owners and the technical teams in charge of infrastructure and security patterns.

Responsibilities:

You will report directly to the Region Cybersecurity Manager and oversee managing the labs within Rochester and Pittsburgh, with the community of local contacts identified, including the following scope:

• Coordinate Cybersecurity activities for the site
  • Identifying the lab cyber security activities for the site
  • Discussing/ arbitrating cyber security topics with different IS&T team like Security, Compute and Cloud, Network etc.
  • Work with local leadership for decision making about different cyber security related topic for the lab
  • Assigning cyber security tasks to lab coordinators/ lab owners
  • Create schedule for different cyber security tasks and drive them until completion
  • Report weekly the progress of each activity to SLT team and local executive leadership
• Manage labs on a day-to-day
  • Ensure availability of machines for development and tests
  • Manage incidents in the labs
  • Ensure service levels are defined as per the criticality (customer exposition, project delivery priorities, etc..) and applied
  • Deliver environments required on a timely manner
  • Decommission unused environments
• Manage Demands for new Labs
  • Support D&IS Platforms and projects to qualify their needs and promote the re-use of existing labs patterns or already available environments
  • Work with the IS&T Region Business Partners to ensure the same lab demands handling all over the world.
  • Capture in advance (at program baseline, at project start) the needs for labs to build the labs right first time.
• Maintain Configuration in labs
  • Ensure the right configurations are defined, from the PC config associated with products / projects to the host needed, the tools or solutions installed, the software and associated licenses and target equipment used
  • Find the most sustainable to maintain these configurations over time.
  • Ensure labs are accessed (physically and virtually) only by authorized staff
• Manage security in labs
  • Deploy the security patterns adapted to labs (adapted to internal and customer context)
  • Ensure right security patterns are developed when not existing
  • React timely on security incidents following required procedures (up to decommissioning infected machines)
  
  

Main Challenges of the Role:

• Work hands in hands with local teams and D&IS Platform to align infrastructure and security management to programs and project timelines
• Coordinate the community of labs owners, whatever organization they belong to (D&IS, IS&T, other service lines)
• Identify risks and impacts of labs services disruption regarding projects and programs delivered.
• Work hands in hands with IS&T Security team to ensure the right treatment of security risks and issues
• Facilitate projects and programs deliveries without compromising on security

Education & Experience:

• University/ Engineering degree level
• Relevant Cybersecurity certifications (GICSP, CISSP, GSEC, CISM) preferred
• Technical Background with 3-5 years of experience in signaling business and/or IT management.
• Able to understand enough the technology (both on signaling products and IT solutions) to drive for the right operational decisions
• Previous hands-on experience in an IT/OT environment with design, configuration, and implementation of some modules such as,
  • Windows (server standard / server core / desktop),
  • Hardware for high availability, OS management
  • Linux (RedHat) Setup / Update / Admin / package mgt
  • BIOS / UEFI
  • Active Directory (group policies, domain controllers, GPOs for Hardening / configuring Windows domain, etc.)
  • Patch Management Solutions (WSUS)
  • VMWare & vCloud (target running environments)
  • Backup and Restore solutions
  • Syslog Solutions
  • Elasticsearch Logstash Kibana (ELK)
  • McAfee ePO (console / AV / Whitelisting)
• Experience in virtualization concepts and technologies (e.g., VMware, Hyper-V, Citrix, etc.)
• Knowledge of scripting (PowerShell / Python)
• Experience in Requirement mgt, Configuration mgt
• Strong documentation (written) and presentation (verbal) skills
• Ability to communicate and collaborate effectively with internal and external stakeholders (across geographic locations worldwide
• Dynamic, autonomous. Creativity and ability to work in a complex environment

Alstom is a global company where our people vision and values embrace Diversity and Inclusion (D&I). Wherever we operate and across all our businesses, we want to create an inclusive culture in which diversity is welcomed and appreciated. By bringing together people from diverse backgrounds and giving everyone the opportunity to contribute with their knowledge, skills, experiences and perspectives, we also generate value for Alstom and its stakeholders.

Employment at Alstom is based solely on a person's merit and qualifications directly related to professional competence. Alstom does not discriminate against any employee or applicant because of race, creed, colour, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), or any other basis protected by law.

It is Alstom's policy to comply with all applicable national, state and local laws pertaining to non-discrimination and equal opportunity. The Company's Equal Employment Opportunity (EEO) policy, as well as its affirmative action obligations, includes the full and complete support of the Company. Because it's just the right thing to do. We hope you think so, too.

Job Type:Graduate Job

Nearest Major Market: Rochester
Job Segment: Cloud, System Administrator, Testing, Virtualization, Linux, Technology