Vulnerability management tool solution manager (f/h/x)

Req ID:495263

Chez Alstom, nous avons une connaissance pointue des réseaux de transport et comprenons ce qui conduit les individus à les emprunter. Des trains à grande vitesse, métros, monorails et tramways aux systèmes intégrés, services, infrastructures, et solutions de signalisation et de mobilité numérique, nous offrons à la diversité de nos clients le portefeuille le plus vaste du secteur. Chaque jour, plus de 80 000 collaborateurs dans le monde qui ouvrent la voie à des solutions de mobilité plus vertes et plus intelligentes pour relier les villes, réduire l’empreinte carbone et remplacer la voiture.

Vulnerability Management Tool Solution Manager (F/H/X)

Localisation : Villeurbanne (69)

MISSIONS

The Vulnerability Management Tool Solution Manager is responsible for overseeing the development of the Vulnerability Management Tool; from start to finish to ensure they meet the stakeholders needs and requirements. This role involves definig the vision for the product, creating a product roadmap, managing the product backlog and collaborating with various stakeholders to deliver updates and status reports.

Key Responsibilities:

1.- VMS Ownership

1. Act as the “Product Owner” for the VMS, taking full responsibility for its performance and alignment with organizational goals.
2. Ensure that the VMS features align with business needs and strategic objectives.
3. Interact with the Vulnerability Management Transformation Manager to ensure alignment and integration with Alstom vulnerability management process.
4. Collaborate with prospective users and stakeholders to understand their needs and translate them into actionable tool requirements
5. Develop and maintain the VMS roadmap, outlining key features and milestones
6. Make informed decisions on feature development, starting with the minimum viable product (MVP) and iteratively building up to a comprehensive solution tailored to Alstom's needs.
7. Oversee all stages of VMS creation, from initial design through to development and deployment.

3 - VMS agile development (build & maintenance)

8. Manage VMS “product backlog”, prioritizing tasks based on VMS requirements and stakeholder input.
9. Ensure that the VMS development process adheres to agile methodologies and best practices.
10. Actively participate in Scrum meetings, including daily stand-ups, sprint planning, and retrospectives.
11. Contribute to the continuous improvement of the agile process.
12. Prepare and participate in sprint demos to showcase progress and gather feedback.
13. Organize and conduct acceptance tests with representative users to validate features and functionality.
14. Ensure change management and resolution of bugs (bug reporting tool, bug backlog management)

4. VMS deployment (run phase)

Ensure the successful deployment of the VMS tool across the organization.

15. Ensure development and delivery of training programs to end-users
16. Ensure availability of supporting material and share space (dedicated teams, FAQ, users manuals, …)
17. Support IS&I Team and ensure it has adequate training to administrate VMS (run phase)
18. Animate network of VMS Key Users to provide updates, support usage and gather and address deployment issues
19. Drive continuous improvement initiatives to enhance the tool's effectiveness and efficiency.

5. Monitoring and reporting

20. Monitor and evaluate the progress of the VMS at each stage of the agile process.
21. Implement metrics and KPIs to assess performance and identify areas for improvement.
22. Work closely with the VMS Program team and Key-Users to provide regular updates and status reports.
23. Ensure transparency and clear communication throughout the project lifecycle.
24. Facilitate regular communication to ensure alignment and gather feedback.
25. Support Vulnerability Management Transformation manager in establishing a vulnerability management dashboard at both Platform and Region levels, in liaise and IS&I.

Educational Requirements (not all being mandatory):

26. University/ Engineer in degree level in embedded systems, telecommunication or cybersecurity
27. Minimum 10 years of experience in OT cyber security (products and systems)
28. 3 years of experience as a product owner
29. 10 years of experience in agile software development
30. Knowledge of the main techniques for evaluating systems security
31. Dynamic, autonomous. Creativity and ability to work in a complex environment
32. Knowledge of main Cybersecurity standards and regulations (such as: ISO 2700X, IEC 62443, IEC 63452, NIST, NIS 2, CRA) or methods of Cybersecurity risk analysis and threat modelling is a plus

Competencies & Skills:

33. Stakeholders management, including executive level.
34. Good communication and interpersonal skills.
35. Customer focus and management skills.
36. Structured and organized with a hands-on approach.
37. Fluent in English and the national language of the site
38. Technical skills, good capacity for synthesis, and an analytic approach
39. Leadership, autonomy, team spirit, and stress resistance

Organization Structure:

40. Hierarchical link to “Cybersecurity Governance & Expertise Director”

Key Interfaces

41. Regions and Platforms PCyMs and Directors
42. VMS Program Manager (Development of VMS)
43. Vulnerability Management Transformation Manager
44. IS&I (hosting and administration of VMS)
45. VMS Key User Network
46. Research and Development departments representatives

It is not necessary to be a train enthusiast to thrive with us. We assure you that when you board one of our trains with your friends or family, you will be proud. If you’re ready to take on the challenge, we would love to meet you!

As an employer present in over 63 countries, we subscribe to the principle of equal access to employment and value diversity. We are committed to creating an inclusive work environment for everyone.