At Alstom, we understand transport networks and what moves people.

From high-speed trains, metros, monorails, and trams, to turnkey systems, services, infrastructure, signalling and digital mobility, we offer our diverse customers the broadest portfolio in the industry.

Every day, 80,000 colleagues lead the way to greener and smarter mobility worldwide, connecting cities as we reduce carbon and replace cars.

Your future role :

Take on a new challenge and apply your cybersecurity expertise in a cutting-edge field.

Youll work alongside collaborative and dynamic teammates.

You'll play a pivotal role in protecting our infrastructure and ensuring a secure environment for our operations.

Day-to-day, youll work closely with teams across the business (IT, facilities, threat intelligence, and vulnerability management), oversee security operations, and implement governance and compliance measures, and much more.

Youll specifically take care of leading SOC analysts and managing incident response processes, but also driving continuous improvement in SOC workflows and detection capabilities.

Well look to you for :

- Leading and managing SOC analysts across multiple shifts to ensure 24/7 security monitoring and incident response.

- Overseeing threat detection and response using SIEM, NIDS, and endpoint protection platforms.

- Administering and maintaining Trellix ePO for endpoint security and policy enforcement.

- Monitoring and managing alerts from Network Intrusion Detection Systems (NIDS).

- Coordinating incident tracking and resolution using ServiceNow.

- Collaborating with IT and facilities teams via Maximo for infrastructure-related security events.

- Developing and managing shift rosters to ensure optimal coverage and reduce analyst fatigue.

- Ensuring SOC operations align with internal policies and external regulatory requirements (e.g , ISO 27001, NIST, GDPR).

- Driving automation and optimization of SOC workflows and alert triage.

- Generating and presenting regular reports on SOC performance, incident trends, and threat landscape.

All About You :

We value passion and attitude over experience.

Thats why we dont expect you to have every single skill.

Instead, weve listed some that we think will help you succeed and grow in this role:.

- Bachelors or Masters degree in Cybersecurity, Information Technology, or related field.

- Minimum 10 years of experience in cybersecurity, with at least 35 years in SOC operations and team leadership.

- Strong experience with SIEM platforms, Trellix ePO, NIDS, ServiceNow, and Maximo.

- Solid understanding of incident response, malware analysis, and threat intelligence.

- Relevant certifications such as CISSP, CISM, GCIA, GCIH, CEH, or equivalent.

- Experience with cloud security monitoring (AWS, Azure, GCP).

- Familiarity with the MITRE ATT&CK framework and threat modeling.

- Knowledge of scripting and automation (Python, PowerShell).

- Experience managing SOC operations in a hybrid or global environment.

Things youll enjoy :

Join us on a life-long transformative journey the rail industry is here to stay, so you can grow and develop new skills and experiences throughout your career.

Youll also :

- Enjoy stability, challenges and a long-term career free from boring daily routines.

- Work with new security standards for rail signalling.

- Collaborate with transverse teams and helpful colleagues.

- Contribute to innovative projects.

- Utilise our flexible and inclusive working environment.

- Steer your career in whatever direction you choose across functions and countries.

- Benefit from our investment in your development, through award-winning learning.

- Progress towards senior leadership roles or specialized technical expertise.

- Benefit from a fair and dynamic reward package that recognises your performance and potential, plus comprehensive and competitive social coverage (life, medical, pension).