Cybersecurity Architect, GISACC

Mission

• Provide Cybersecurity architecture best practices and Cybersecurity requirements in the other fields

• Design, support the implementation and control the Cybersecurity of architectures

• Ensure the Cybersecurity of some Valeo critical systems (e.g. platform, solution, service)

• Perform Cybersecurity watch

• Upon request, provide assistance on other critical topics (e.g. incidents, vulnerabilities)

  Accountability
• Provide Cybersecurity architecture best practices and Cybersecurity requirements in the other fields

  • Define/update Cybersecurity architecture best practices based on Valeo CSMS (Cybersecurity Management System), Cybersecurity standards, Valeo Information Systems environment and other product disciplines when applicable.

• Design, support the implementation and control the Cybersecurity of architectures

  • Determine Cybersecurity requirements in a way to fulfill business objectives and Valeo Cybersecurity requirements

  • Plan, research and design robust Cybersecurity architectures 

    • Including full product or information management covering the full lifecycle as detailed in the CSMS, whenever applicable

    • Including DRP (Disaster Recovery Plan), log management, potential integration issues and cost constraints, when applicable

  • Analyze and assess external components (e.g. libraries, software, hardware) and internal item (e.g. IS/IT solutions) in his/her scope of responsibility, according to Valeo Cybersecurity standards

• Ensure the Cybersecurity of some Valeo critical systems (e.g. platform, solution, service) 

  • Anticipate possible Cybersecurity risks, identify areas of weakness, and respond effectively to possible Cybersecurity breaches

  • Control final Cybersecurity structures to ensure they behave as expected

• Cybersecurity watch

  • Remain up to date with the latest Cybersecurity systems, standards, authentication protocols, Cybersecurity solutions, software/component vulnerabilities and threats

• Design, support the implementation and control the Cybersecurity of architectures

  • Acquire a deep understanding of technology (Information Systems and/or Industrial Control Systems)

  • Perform risk assessments related to the context:

    • Third-Party Risk Assessment

    • Project Information Risk Assessment

  • Depending on the project, design concept / software / components/ infrastructure / Cloud based Cybersecurity architectures

  • Update the risk assessment whenever it is required (e.g. by an evolution of the requirements / context / project or service use case)

  • Control that the Cybersecurity requirements are fulfilled during all the phases of the BCP (Business Continuity Plan) and DRP (Disaster Recovery Plan) when applicable

• Ensure the Cybersecurity of some Valeo critical systems (e.g. platform, solution, service)

  • Follow the critical systems (platform, solution, service) during their whole life cycle:

    • Ensure Cybersecurity has been taken into account in the RFIs/RFQs/RFPs (Request For Information/Quotation/Proposal) 

      • Advise on the architecture

      • Write/validate the Cybersecurity requirements

    • Perform the Third-Party Risk Assessments (when applicable)

    • Participate to the bidders’ defense (when applicable)

    • Contribute to and check the contractual Cybersecurity clauses. Liaise with the Legal department whenever it is needed. Report to the project manager or to the management the risks of clause non-execution.

    • Perform Project Information Risk Assessments (when applicable)

    • Advise on the detailed architecture (e.g. review, reuse, change)

    • Control the Cybersecurity requirements

      • Before the Go-Live and during the Run

      • Whenever contractual obligations require it

  • Follow or audit specific projects upon request of the Group Cybersecurity VP or delegates

  • Report any situation that would put Valeo at risk

• Cybersecurity watch

  • Share his/her Cybersecurity watch within the Cybersecurity organization

• Upon request, provide assistance on other critical topics (e.g. incidents, vulnerabilities)

  • Provide technical expertise

• Ensure the Cybersecurity of some Valeo critical systems (e.g. platform, solution, service) 

  • Advise on possible evolutions. Propose/contribute to a roadmap for improvement.

  • Assist in the Supplier selection.

  • Assist the other Cybersecurity Officers for the projects, platforms, services whenever needed

• Upon request, provide assistance on other critical topics (e.g. incidents, vulnerabilities)

  • Advise on actions to be done

  • Assist in post-event analysis

• Other

  • Report any situation that would put Valeo at risk

• Valeo (Travels abroad are expected according to the needs).

Education/Training

What education and education level are necessary for the position? 

Required: Master’s degree in Computer Science and/or Cybersecurity

Optional: Certification(s) related to architecture such as:

• SABSA (Sherwood Applied Business Security Architecture)

• CISSP-ISSAP (Information Systems Security Architecture Professional)

• CISSP (Certified Information Systems Security Professional)

• CSSA (Certified SCADA Security Architect)

Professional Experience

How many years of professional experience in a specific professional area are required for the position? 

• >10 years of relevant experience in Cybersecurity, in-depth knowledge of Cybersecurity strategies and architectures

• Extensive experience in Information Systems and/or Industrial Control Systems  / IT risk management with a focus on Cybersecurity, performance and reliability 

• Solid understanding of Cybersecurity protocols, cryptography, authentication, authorisation

• Experience in web / mobile and application development

• Experience implementing multi-factor authentication, single sign-on, identity management or related technologies

• Knowledge in:

  • Windows, Unix-like operating systems

  • Perimeter Cybersecurity controls: firewall, IDS/IPS, network access control and network segmentation

  • Router, switch and VLAN Cybersecurity

  • Wireless Cybersecurity

  • Cybersecurity concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies

  • Cloud platforms: Amazon, Google, Azure

  • Serverless functions, Cloud architecture

  • Software Cybersecurity standards

• Ability to interact with a broad cross-section of personnel to explain and enforce Cybersecurity measures

• Excellent written and verbal communication as well as business acumen and commercial outlook

• Client focus, and ability to work independently or as part of a collaborative team

• Knowledge of risk assessment methodologies:

  • Third party auditing

  • Cloud risk assessment methodologies

  • Architecture design auditing

Languages

• Required: Fluency in English 

• Optional: French or other language

Other Specifications

• Strategic problem-solving

• Rigor

• Pragmatism

• Curiosity

• Flexibility

• Communication

• Ability to work in a multicultural environment

• Ability to interact with a wide range of people from different backgrounds (non-technical audience included)