At Alstom, we understand transport networks and what moves people. From high-speed trains, metros, monorails, and trams, to turnkey systems, services, infrastructure, signalling, and digital mobility, we offer our diverse customers the broadest portfolio in the industry. Every day, 80,000 colleagues lead the way to greener and smarter mobility worldwide, connecting cities as we reduce carbon and replace cars.Could you be the full-time Threat and Vulnerability Management Analyst in Bangalore we're looking for?Your future roleTake on a new challenge and apply your ethical hacking expertise in a cutting-edge field. You'll work alongside talented, collaborative, and forward-thinking teammates.You'll play a key role in safeguarding our organization's assets and enhancing our security program. Day-to-day, you'll work closely with teams across the business (such as infrastructure, application owners, and third-party vendors), analyze threat intelligence reports, and develop remediation plans, among other impactful responsibilities.You'll specifically take care of vulnerability assessments, penetration testing, and implementing Secure SDLC programs, but also contribute to designing and delivering actionable security dashboards.We'll look to you for:Tracking new and emerging threats and vulnerabilities, verifying their applicability, and initiating remediation activities as necessaryAnalyzing assessment reports provided by vendors or third parties and resolving them within defined SLAsDeveloping remediation plans by collaborating with infrastructure and application ownersProviding guidance on patching, configuration settings, and additional security controlsDefining the scope of assessment activities across internal and partner organizationsDesigning and delivering actionable information security dashboards and metricsCreating awareness about good security practices and the benefits of Secure SDLC programsPrioritizing vulnerabilities based on risk and driving them to closure using tools like Qualys, Skybox, and SecOpsAll about youWe value passion and attitude over experience. That's why we don't expect you to have every single skill. Instead, we've listed some that we think will help you succeed and grow in this role:Bachelor's or Master's degree in Engineering, Technology, or a related field6-8 years of relevant IT experienceProfessional certifications such as CISSP, CEH, GPEN, or OSCPExposure to threat modeling, systems hardening, and Secure SDLC programsExperience in application penetration testing and ethical hackingProficiency with tools like Qualys, Veracode, Nessus, AppScan, and SkyboxKnowledge of TCP/IP stack, OSI layers, application programming interfaces, middleware, and mobile technologiesFamiliarity with penetration testing methodologies (e.g., OWASP, OSSTMM, PCI DSS)Strong analytical skills and the ability to drive innovation and process improvementSolid understanding of ITIL process frameworks and experience in creating processes in complex multivendor ecosystemsThings you'll enjoy Join us on a life-long transformative journey - the rail industry is here to stay, so you can grow and develop new skills and experiences throughout your career. You'll also:Enjoy stability, challenges, and a long-term career free from boring daily routinesWork with new security standards for rail signallingCollaborate with transverse teams and helpful colleaguesContribute to innovative projectsUtilize our flexible and inclusive working environmentSteer your career in whatever direction you choose across functions and countriesBenefit from our investment in your development through award-winning learningProgress towards leadership or specialized roles within cybersecurityBenefit from a fair and dynamic reward package that recognizes your performance and potential, plus comprehensive and competitive social coverage (life, medical, pension)You don't need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or family, you'll be proud. If you're up for the challenge, we'd love to hear from you!Important to noteAs a global business, we're an equal-opportunity employer that celebrates diversity across the 63 countries we operate in. We're committed to creating an inclusive workplace for everyone.
