Thales is a global technology leader trusted by governments, institutions, and enterprises to tackle their most demanding challenges. From quantum applications and artificial intelligence to cybersecurity and 6G innovation, our solutions empower critical decisions rooted in human intelligence. Operating at the forefront of defence and security, aerospace and space, cybersecurity and digital identity, we’re driven by a mission to build a future we can all trust.
In Romania, we are advancing innovation through software engineering, research and development, delivering solutions in key markets in which Thales Group operates. Our engineers design, develop and integrate solutions that impact global industries – from fully operational systems and subsystems for naval warfare and maritime security operations, to air traffic management systems, satellite-based solutions, tactical indoor simulations, identity and biometric technologies and more.
Ready to code the future with Thales Romania? Join a passionate global team driving front-line innovation in AI, aerospace, security, and beyond!
Within an outsourcing or MoveToCloud project, in the CFT, implementation, or RUN phase, and under the direction of the HoD Cybersecurity, in cooperation with the CISO and the Security Officers, the Project Security Manager MoveToCloud intervenes respectively at the request of the Bid Manager or the Program Manager in order to ensure compliance with the IT security requirements stemming from the contract, the regulations in force, the rules of the Group Product Security Office and the Thales Digital Information Systems Security Policy.
In order to demonstrate good security governance, you develop the KPIs, the documents required to maintain and improve when necessary the level of security of the services provided by Thales.
As a Project Security Manager:
You will
Accompany during the integration of a Prospect/Client in the CFT phase, engineering and recurring operations, he is the privileged interlocutor of the CISO (or equivalent) of the Client
Improve and maintain the security level of trust with the client by complying with the contractual, regulatory and internal Thales Digital Services security requirements and by carrying out appropriate reporting
Preserve the business interests of Thales Digital Services by explaining the adaptation needs and residual risks to the competent authorities based on the project’s challenges.
Depending on the project phases, the mission of the Project Security Manager includes:
CFT:
Participate in the identification and definition of security measures during the pre-sales phase
Encrypt all the necessary security activities
Define in relation to the BM the organizational and technical solutions related to contractual, internal TS or regulatory requirements by integrating their description and cost. Analyze the related business risks and alert the BM
Complete all security qualification documents.
Draft the Security Assurance Plan if necessary and contribute to the technical memory of the response
BUILD:
Contribute to the technical security architecture and proposed solutions with regard to requirements.
Serve as an interface with the technical teams of Thales Digital Services to ensure compliance with security requirements
Draft or update the Security Assurance Plan describing organizational and technical security arrangements in response to contractual and regulatory security requirements and have it approved by the Project manager
Complete the PSSI compliance matrix and have it approved by the functional chain SSI
Roll out the specific regulatory processes where applicable (Health, Defense, ...) based on the existing processes of Thales Group and Thales Digital Services
Implement or pilot the implementation of security tools
RUN:
Pilot the Maintenance in Safety Condition (MCS) of the safety devices implemented
Ensure contractual reporting with the client (security indicators, key facts, incidents, ...), lead the safety committees with the latter and participate if necessary in the various project steering bodies
Report to the Engineering delivery manager, the SSI and the client
Perform the reviews of authorizations and access, monitoring Security incidents, monitoring Patch Management, monitoring Customer audits, production of SSI reporting...
Alert and accompany the functional Cyber chain on security incident/event and ensure the interface with the Client
Produce a targeted technological watch or technical advice allowing to provide solutions or answers to the Client
Manage the security derogations and the corresponding risk analyses
Perform regular SSI checks and report the results and evidence
Accompany SSI audits and pilot the corresponding remediation plan
Example of an Project Security Manager contribution to SSI Services subscribed by the Client:
Approval
Analysis of Antivirus reports
Analysis of Vulnerability Audits
Analysis of CERT-IST bulletins
Monitoring of remediation plans following audit
Monitoring of specific security controls of the Client
Raising awareness among THALES Digital Services stakeholders and the Client
Network flow management, hardening of platforms
Management of personal data
The missions of the Project Security Manager lead to permanent interactions with many internal and external actors that should be addressed with hindsight, pragmatism, and several other soft-skills:
Required competencies/experience:
You have an intermediate proficiency in French, B1 minimum
Master’s degree or engineering diploma with around 3 years of relevant experience.
Cloud Security Technical Expertise
Standard information systems security infrastructure, architecture, technologies and processes
ISS Governance Concepts and Principles
Principles of Maintenance in Security Condition and means for project managers and secure architectures
CloudOps and DevSecOps
Referentials, regulations, standards and hygiene guides related to SSI (e.g.: GDPR, ISO27x0x, NIST, Cyber Resilience Act, AI Act, DORA, PCI-DSS, ...
Risk analysis methods (ideally EbiosRM) and application experience
Behavioral skills:
Managing complexity
Support innovation
Share a vision
Act with integrity
Engage key players
Being responsible
Focus on customer needs
Building trust
Take calculated risks
At Thales, we’re committed to fostering a workplace where respect, trust, collaboration, and passion drive everything we do. Here, you’ll feel empowered to bring your best self, thrive in a supportive culture, and love the work you do. Join us, and be part of a team reimagining technology to create solutions that truly make a difference – for a safer, greener, and more inclusive world.