Tas-I Cyber Security Authority Lazio

Tas-I Cyber Security Authority
Roma
Lazio, Lazio

A Joint Venture between Thales (67%) and Leonardo (33%), Thales Alenia Space is a global space manufacturer delivering, for more than 40 years, high-tech solutions for telecommunications, navigation, Earth Observation, environmental management, exploration, science and orbital infrastructures.

Thanks to our diversity of skills, talents and cultures, our customers (governments, institutions, space agencies, telecommunications operators), therefore have Space to Connect, Secure & Defend, Observe & Protect, Explore, Travel & Navigate.

As a major player in the space sector, cybersecurity is a prerequisite for Thales Alenia Space.

It affects all of our areas of activity (Navigation, Telecommunications, Observation, Exploration) and concerns our information systems, our development and production environments as well as the systems and products we design and deliver to our customers.

Because our systems and products can nevertheless be vulnerable to advanced attacks or can attract the attention of cybercriminals and states related threats, TAS-I Cyber Security Authority (CSA) role have been created as part of the Head of Cybersecurity TAS-I Department.

The CSA interacts with all Thales Alenia Space's cybersecurity and engineering players, in TAS-I projects across the board (Countries, Domains, transversal functions).

The CSA combines strong technical skills, in-depth security understanding, and skills to manage different teams in the organization, which do not report directly to him/her.

CSA's tasks represent a high responsibility to Thales Alenia Space commercial success and requires to be up-to-date about new developments in cyber technologies, standards, and competitive offerings.

Overall, CSA becomes a key asset for the success of Thales Alenia Space and TAS-I missions.

The CSA is responsible for monitoring and mastering cybersecurity risks of Products, Projects and Services during early capture, bid and development phases through the following missions:

- Contribute to the definition the cybersecurity technical policy of its scope of responsibility and the associated roadmap

- Report to Head of Cybersecurity the TAS-I cybersecurity risks and KPI regarding Bids and Cyber Security compliance on a regular basis

- Share with TAS-I Centers of Competences the security status and costs of their supplies for projects during Bid and before going into service

- Fill in and validate the cybersecurity maturity dashboard of TAS-I, including the Group Cybersecurity fundamentals compliance level and KPI regarding Bids.

- Alert CPSO / Head of Cybersecurity TAS-I when major deviation is identified and assist in defining the relevant remediation action plans

- Raise cybersecurity alert to TAS-I Technical Director and Head of Cybersecurity TAS-I

- Eventually initiate and support all audits and checks of solutions security activities to ensure compliance with the Organization, regional and national cybersecurity rules, and compliance with Thales Group Policy and TAS Security Instructions

- Check consistency of the cybersecurity technical roadmap of TAS-I with TAS technical strategy (existing technical roadmaps, R&T plan, and Technical Innovation Strategic Plan (TISP)), and also with applicable regulations and standards

- Challenge, support, and approve cybersecurity organizations, strategies and Cyber quotations in bids and solutions.

And also validate the Target security level identified during bid or solution orientation phase (in particular, assess if a pentest is needed)

- Ensure corresponding cost of the implementation of the target security level is identified and included in the solution budget

- Support the Purchasing team to evaluate suppliers' cybersecurity maturity

- Support legal and contracts teams for cybersecurity-specific contractual articles analysis and check to ensure Thales liability

- Participate in key technical reviews for all bids and projects (the SOR in particular) within the operating entity upon PDA request and at least for A2/B2, and verifies the cybersecurity section in the DVa.

- Validate the security status of the solution, before going into service

Level of Knowledge

Provide the education requirements (Level, field, etc. )

and the minimum length of experience required for the position

- Engineer or Master's Degree education, the position needs a minimum of 5 years of relevant experiences made in firms specialized in consulting, technology services, digital transformation, Cybersecurity and industry in IT/OT security, risk and crisis management.

- Confirmed relevant experiences in Defence and Aerospace Industry within one or more domains of Thales Alenia Space like Navigation, Telecommunication, Earth Observation or Space Exploration is expected.

Skills Requirements

Necessary skills and competencies to perform the position

Technical Skills: Soft Skills:

- Product management and product life cycle expertise with a proven track record of delivering next generation solutions

- Information and