Cybersecurity Architect

(

220003OB

)

Mission

Provide Cybersecurity architecture best practices and Cybersecurity requirements in the other fields

Design, support the implementation and control the Cybersecurity of architectures

Ensure the Cybersecurity of someValeo critical systems

(e.g. platform, solution, service)

Perform Cybersecurity watch

Upon request, provide assistance on other critical topics (e.g. incidents, v

**Responsibilities**:
Accountability

Provide Cybersecurity architecture best practices and Cybersecurity requirements in the other fields

Define/update Cybersecurity architecture best practices based on Valeo CSMS (CyberSecurity Management System), Cybersecurity standards, Valeo Information Systems environment and other product disciplines when applicable.

Design, support the implementation and control the Cybersecurity of architectures

Determine Cybersecurity requirements in a way to fulfill business objectives and Valeo Cybersecurity requirements

Plan, research and design robust Cybersecurity architectures

Including full product or information management covering the full lifecycle as detailed in the CSMS, whenever applicable

Including DRP (Disaster Recovery Plan), log management, potential integration issues and cost constraints, when applicable

Analyze and assess external components (e.g. libraries, software, hardware) and internal item (e.g. IS/IT solutions) in his/her scope of responsibility, according to Valeo Cybersecurity standards

Ensure the Cybersecurity of some Valeo critical systems (e.g. platform, solution, service)

Anticipate possible Cybersecurity risks, identify areas of weakness, and respond effectively to possible Cybersecurity breaches

Control final Cybersecurity structures to ensure they behave as expected (including design review)

Plan Cybersecurity breach tests (e.g. stress tests, pentests)

Cybersecurity watch

Remain up to date with the latest Cybersecurity systems, standards, authentication protocols, Cybersecurity solutions, software/component vulnerabilities and threats

Responsibility

Design, support the implementation and control the Cybersecurity of architectures

Acquire a deep understanding of technology (from modules up to the vehicle in its communicating environment, Information Systems, and/or other related domains)

**Perform risk assessments related to the context**:
Third-Party Risk Assessment

Project Information Risk Assessment

Product and/or Service Risk Assessment

Depending on the project or product, design concept / software / components/ infrastructure / Cloud based Cybersecurity architectures

Update the risk assessment whenever it is required (e.g. by an evolution of the requirements/context/product or service use case)

Control that the Cybersecurity requirements are fulfilled during all the phases of the BCP (Business Continuity Plan) and DRP (Disaster Recovery Plan) when applicable

Ensure the Cybersecurity of some Valeo critical systems (e.g. platform, solution, service)

Follow the critical systems

platform, solution, service

**) during their whole life cycle**:
Ensure Cybersecurity has been taken into account in the RFIs/RFQs/RFPs (Request For Information/Quotation/Proposal)

Advise on the architecture

Write/validate the Cybersecurity requirements

Perform the Third-Party Risk Assessments (when applicable)

Participate to the bidders’ defense (when applicable)

Contribute to and check the contractual Cybersecurity clauses. Liaise with the Legal department whenever it is needed. Report to the project manager or to the management the risks of clause non-execution.

Perform Project Information Risk Assessments (when applicable)

Perform the Product, platform and/or Service Risk Assessment (when applicable)

Advise on the detailed architecture (e.g. review, reuse, change)

Control the Cybersecurity requirements

Before the Go-Live and during the Run

Before the SoP (Start of Production)

Whenever contractual obligations require it

Follow or audit specific projects upon request of the Group Cybersecurity VP or delegates

Report any situation that would put Valeo at risk

Cybersecurity watch

Share his/her Cybersecurity watch within the Cybersecurity organization

Upon request, provide assistance on other critical topics (e.g. incidents, vulnerabilities)

Provide technical expertise

Contribution

Ensure the Cybersecurity of some Valeo critical systems (e.g. platform, solution, service)

Assist in the Supplier selection.

Assist the other Cybersecurity Officers for the projects, products, platforms, services whenever needed

Upon request, provide assistance on other critical topics (e.g. incidents, vulnerabilities)

Advise on actions to be done

Assist in post-event analysis

Other

Report any situation that would put Valeo at risk

Required

: Master’s degree in Computer Science and/or Cybersecurity

Optional**: Certification(s) related to architecture such as**:
SABSA (Sherwood Applied Business Security Architecture)

CISSP-ISSAP (Info