Cybersecurity Engineer

Take on a new challenge and apply your cybersecurity expertise in a cutting-edge field. Youll work alongside a highly motivated and dynamic team of cybersecurity professionals.

You'll play a pivotal role in safeguarding Alstoms products and solutions by leading vulnerability assessments, performing scans, penetration testing, and monitoring global threats. Day-to-day, youll collaborate with various teams across the businessincluding Program Managers, Product Development Teams, and Regional Cybersecurity Managerswhile driving the implementation of robust security practices and much more.

Youll specifically take care of conducting security assessments, including vulnerability scans and penetration tests, but also contribute to incident response workflows and provide training on cybersecurity tools and processes.

Well look to you for:

• Performing vulnerability assessments, penetration tests, and policy compliance scans using industry-standard tools.
• Monitoring published vulnerabilities and security advisories, and communicating potential risks to internal teams.
• Providing analysis on vulnerabilities in operating systems, applications, and configurations, and recommending remediation actions.
• Supporting incident response activities as part of the PSIRT team, including first-level analysis and vulnerability remediation workflows.
• Identifying and deploying cybersecurity tools, offering training and guidance to ensure effective use.
• Delivering internal training on cybersecurity processes, tools, and best practices.

All about you

We value passion and attitude over experience. Thats why we dont expect you to have every single skill. Instead, weve listed some that we think will help you succeed and grow in this role:

• Bachelors or Masters degree in Computer Science, Information Technology, or equivalent.
• Mandatory CEH or equivalent Pen Test certification.
• Preferred certifications: ISA 62443, OSCP, or others like GICSP, CISSP, GSEC, ECSA, CISM, Comptia Pen Test+.
• Experience with security tools such as Qualys, Nessus, Kali Linux, Metasploit, Burp Suite, and more.
• Strong knowledge of networking (TCP/IP, OSI model), operating systems (Windows, Linux), and security technologies (firewalls, IDS/IPS).
• Understanding of programming/scripting languages such as Python, Java, or C.
• Familiarity with security standards and regulations like ISO 2700X, ISA 62443, and NIST.
• Experience in configuration reviews using CIS Benchmarks.
• Knowledge of CVE, CPE, and CWE frameworks.
• Strong analytical, problem-solving, and communication skills.