Location: Bucharest, Romania

Thales is a global technology leader trusted by governments, institutions, and enterprises to tackle their most demanding challenges. From quantum applications and artificial intelligence to cybersecurity and 6G innovation, our solutions empower critical decisions rooted in human intelligence. Operating at the forefront of defence and security, aerospace and space, cybersecurity and digital identity, we’re driven by a mission to build a future we can all trust.

 

In Romania, we are advancing innovation through software engineering, research and development, delivering solutions in key markets in which Thales Group operates. Our engineers design, develop and integrate solutions that impact global industries – from fully operational systems and subsystems for naval warfare and maritime security operations, to air traffic management systems, satellite-based solutions, tactical indoor simulations, identity and biometric technologies and more.

Role: Project Security Manager (Mid level with French)

Ready to code the future with Thales Romania? Join a passionate global team driving front-line innovation in AI, aerospace, security, and beyond!

Do you have in-depth knowledge of tools, legislation and standards related to cyber security, OWASP rules and ISO27K01? You will be the security referent for the project and all internal and external stakeholders involved.

You are rigorous, pedagogical, pragmatic, know how to gain height and concern for Customer Service?

Join us!

As a Project Security Manager:

Under the hierarchical direction of the Head of Discipline Cybersecurity, as a Cloud expert and secure development you intervene with the architect, the Bid and Program Manager to the implementation of technical and organizational security measures as expected by the Client and the applicable regulations.For some sensitive projects, you will be involved in the development of approval dossiers.Proposal force to continuously improve the security posture, you accompany the projects on the definition of development environments and the implementation of the SDLC. You operate the SSI controls, analyze the scan results and support projects on remediation.You carry out Cyber Governance, draft the cyber documentary corpus of projects, develop the KPIs, the documents required to maintain and improve when necessary the level of security of the services provided by TSN.You report to the Cyber channel of TSN as well as to the PM, and inform the internal SSI upon request.

You will:

Accompany during the integration of a Prospect/Client in the CFT phase, engineering and recurring operations, he is the privileged interlocutor of the CISO (or equivalent) of the ClientImprove and maintain the security level of trust with the client by complying with the contractual, regulatory and internal Thales Digital Services security requirements and by carrying out appropriate reportingPreserve the business interests of Thales Digital Services by explaining the adaptation needs and residual risks to the competent authorities based on the project’s challenges.Conduct training in the secure development of teams.

Depending on the project phases, the mission of the Project Security Manager includes:

CFT:

Participate in the identification and definition of security measures during the pre-sales phaseEncrypt all the necessary security activitiesDefine in relation to the BM the organizational and technical solutions related to contractual, internal TS or regulatory requirements by integrating their description and cost. Analyze the related business risks and alert the BMComplete all security qualification documents.Draft the Security Assurance Plan if necessary and contribute to the technical memory of the response

BUILD:

Contribute to the technical security architecture and proposed solutions with regard to requirements.Serve as an interface with the technical teams of Thales Digital Services to ensure compliance with security requirementsDraft or update the Security Assurance Plan describing organizational and technical security arrangements in response to contractual and regulatory security requirements and have it approved by the Project managerComplete the PSSI compliance matrix and have it approved by the functional chain SSIRoll out the specific regulatory processes where applicable (Health, Defense, ...) based on the existing processes of Thales Group and Thales Digital ServicesImplement or pilot the implementation of security tools

RUN:

Pilot the Maintenance in Safety Condition (MCS) of the safety devices implementedEnsure contractual reporting with the client (security indicators, key facts, incidents, ...), lead the safety committees with the latter and participate if necessary in the various project steering bodiesReport to the Engineering delivery manager, the cyber product channel and the clientPerform the reviews of authorizations and access, monitoring Security incidents, monitoring Patch Management, monitoring Customer audits, production of SSI reporting...Alert and accompany the functional Cyber chain on security incident/event and ensure the interface with the ClientProduce a targeted technological watch or technical advice allowing to provide solutions or answers to the ClientManage the security derogations and the corresponding risk analysesPerform regular SSI checks and report the results and evidenceAccompany SSI audits and pilot the corresponding remediation planFollow the Security action planWrite the project’s security recipe workbook.

The missions of the Project Security Manager lead to permanent interactions with many internal and external actors that should be addressed with hindsight, pragmatism, and several other soft-skills.

Required competencies/experience:

Master’s degree or engineering diploma and relevant experience.Mastery of the Secure Software Development Life CycleKnowledge of security tools (SAST, SCA, DAST, IAST,...)  DevSecOps methodologyKnowledge of cloud infrastructure, architecture, technologies and standard IS processesISS governance concepts and principles,Referentials, regulations, standards and hygiene guides related to SSI (e.g.: GDPR, ISO27x0x, OWASP, NIS2, AI Act, NIST, CIS, ...)   Risk analysis methods (ideally EbiosRM) and application experienceFrench minimum B2

Behavioral skills:

Managing complexitySupport innovationShare a visionAct with integrityEngage key playersBeing responsibleFocus on customer needsBuilding trustTake calculated risks

At Thales, we’re committed to fostering a workplace where respect, trust, collaboration, and passion drive everything we do. Here, you’ll feel empowered to bring your best self, thrive in a supportive culture, and love the work you do. Join us, and be part of a team reimagining technology to create solutions that truly make a difference – for a safer, greener, and more inclusive world.