Project Security Manager (Mid level with French)

Thales is a global technology leader trusted by governments institutions and enterprises to tackle their most demanding challenges. From quantum applications and artificial intelligence to cybersecurity and 6G innovation our solutions empower critical decisions rooted in human intelligence. Operating at the forefront of defence and security aerospace and space cybersecurity and digital identity were driven by a mission to build a future we can all trust.

In Romania we are advancing innovation through software engineering research and development delivering solutions in key markets in which Thales Group operates. Our engineers design develop and integrate solutions that impact global industries from fully operational systems and subsystems for naval warfare and maritime security operations to air traffic management systems satellite-based solutions tactical indoor simulations identity and biometric technologies and more.

Role: Project Security Manager (Mid level with French)

Ready to code the future with Thales Romania Join a passionate global team driving front-line innovation in AI aerospace security and beyond!

Do you have in-depth knowledge of tools legislation and standards related to cyber security OWASP rules and ISO27K01 You will be the security referent for the project and all internal and external stakeholders involved.

You are rigorous pedagogical pragmatic know how to gain height and concern for Customer Service

Join us!

As a Project Security Manager:

• Under the hierarchical direction of the Head of Discipline Cybersecurity as a Cloud expert and secure development you intervene with the architect the Bid and Program Manager to the implementation of technical and organizational security measures as expected by the Client and the applicable regulations.
• For some sensitive projects you will be involved in the development of approval dossiers.
• Proposal force to continuously improve the security posture you accompany the projects on the definition of development environments and the implementation of the SDLC. You operate the SSI controls analyze the scan results and support projects on remediation.
• You carry out Cyber Governance draft the cyber documentary corpus of projects develop the KPIs the documents required to maintain and improve when necessary the level of security of the services provided by TSN.
• You report to the Cyber channel of TSN as well as to the PM and inform the internal SSI upon request.

You will:

• Accompany during the integration of a Prospect/Client in the CFT phase engineering and recurring operations he is the privileged interlocutor of the CISO (or equivalent) of the Client
• Improve and maintain the security level of trust with the client by complying with the contractual regulatory and internal Thales Digital Services security requirements and by carrying out appropriate reporting
• Preserve the business interests of Thales Digital Services by explaining the adaptation needs and residual risks to the competent authorities based on the projects challenges.
• Conduct training in the secure development of teams.

Depending on the project phases the mission of the Project Security Manager includes:

CFT:

• Participate in the identification and definition of security measures during the pre-sales phase
• Encrypt all the necessary security activities
• Define in relation to the BM the organizational and technical solutions related to contractual internal TS or regulatory requirements by integrating their description and cost. Analyze the related business risks and alert the BM
• Complete all security qualification documents.
• Draft the Security Assurance Plan if necessary and contribute to the technical memory of the response

BUILD:

• Contribute to the technical security architecture and proposed solutions with regard to requirements.
• Serve as an interface with the technical teams of Thales Digital Services to ensure compliance with security requirements
• Draft or update the Security Assurance Plan describing organizational and technical security arrangements in response to contractual and regulatory security requirements and have it approved by the Project manager
• Complete the PSSI compliance matrix and have it approved by the functional chain SSI
• Roll out the specific regulatory processes where applicable (Health Defense ...) based on the existing processes of Thales Group and Thales Digital Services
• Implement or pilot the implementation of security tools

RUN:

• Pilot the Maintenance in Safety Condition (MCS) of the safety devices implemented
• Ensure contractual reporting with the client (security indicators key facts incidents ...) lead the safety committees with the latter and participate if necessary in the various project steering bodies
• Report to the Engineering delivery manager the cyber product channel and the client
• Perform the reviews of authorizations and access monitoring Security incidents monitoring Patch Management monitoring Customer audits production of SSI reporting...
• Alert and accompany the functional Cyber chain on security incident/event and ensure the interface with the Client
• Produce a targeted technological watch or technical advice allowing to provide solutions or answers to the Client
• Manage the security derogations and the corresponding risk analyses
• Perform regular SSI checks and report the results and evidence
• Accompany SSI audits and pilot the corresponding remediation plan
• Follow the Security action plan
• Write the projects security recipe workbook.

The missions of the Project Security Manager lead to permanent interactions with many internal and external actors that should be addressed with hindsight pragmatism and several other soft-skills.

Required competencies/experience:

• Masters degree or engineering diploma and relevant experience.
• Mastery of the Secure Software Development Life Cycle
• Knowledge of security tools (SAST SCA DAST IAST...)
• DevSecOps methodology
• Knowledge of cloud infrastructure architecture technologies and standard IS processes
• ISS governance concepts and principles
• Referentials regulations standards and hygiene guides related to SSI (e.g.: GDPR ISO27x0x OWASP NIS2 AI Act NIST CIS ...)
• Risk analysis methods (ideally EbiosRM) and application experience
• French minimum B2

Behavioral skills:

• Managing complexity
• Support innovation
• Share a vision
• Act with integrity
• Engage key players
• Being responsible
• Focus on customer needs
• Building trust
• Take calculated risks

At Thales were committed to fostering a workplace where respect trust collaboration and passion drive everything we do. Here youll feel empowered to bring your best self thrive in a supportive culture and love the work you do. Join us and be part of a team reimagining technology to create solutions that truly make a difference for a safer greener and more inclusive world.