Cybersecurity Engineer

About This Role

About Us A career at Hitachi Rail will help create a legacy. With operations in every corner of the world, our work goes to the cutting-edge of digital transformation and technology. From the multi-cultural strength of our global organisation to the sustainable and innovative ways we work to bring people together, there’s something for everyone to get stuck into. And that’s where you come in.

Job Description: About Us A career at Hitachi Rail will help create a legacy. With operations in every corner of the world, our work goes to the cutting-edge of digital transformation and technology. From the multi-cultural strength of our global organization to the sustainable and innovative ways we work to bring people together, there’s something for everyone to get stuck into. And that’s where you come in. Accountabilities: Execute and coordinate Cybersecurity engineering activities within the Railway/Metro Programs, ensuring compliance with international standards, project requirements, and regulatory frameworks.

The Cybersecurity Specialist is responsible for performing Risk Assessments, supporting Cybersecurity Assurance tasks, designing and implementing security controls, validating security requirements, and contributing to the deployment of OT Cybersecurity technologies across the programme.

Education & Experience Minimum Education Requirements (International)

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Electrical Engineering, Systems Engineering, Telecommunications Engineering, or other relevant STEM fields.
• Master’s degree in Cybersecurity, Information Assurance, Systems Engineering, or related disciplines is preferred.

Professional Experience

• 3–5 years of hands on Cybersecurity engineering experience in critical infrastructure, OT/ICS environments, transportation systems, energy, utilities, or similar industrial sectors.
• Demonstrated experience applying:

IEC 62443 (required) CLC/TS 50701 (strongly preferred) NIST 800 53 and/or NIST 800 82 ISO 27001/27005

Preferred Certifications

• GICSP, GRID, GCIP
• IEC 62443 Cybersecurity Expert (any level)
• ISO 27001 Implementer/Auditor
• CompTIA Security+, CySA+
• CCNA/CCNP

Accountabilities

• Cybersecurity Governance & Compliance
• Execute High‑Level and Detailed Risk Assessments following IEC 62443‑3‑2, ISO 27005, NIST RMF, and TS 50701 methodologies.
• Conduct Threat & Vulnerability Assessments (TVA) for OT/ICS and railway subsystems.
• Contribute to the development and maintenance of the Cybersecurity Risk Register, ensuring accurate classification, scoring, and mitigation strategies.
• Identify threats across signalling, telecom, SCADA, DCS, and safety‑critical railway systems
• Cybersecurity Assurance
• Support the creation of the Security Case, compliance evidence, and assurance documentation according to IEC 62443 and TS 50701.
• Produce deliverables such as:

Cybersecurity Requirements Specifications Security Design Justifications Risk Treatment Plans Verification & Validation (V&V) records

• Participate in internal and external audits with the Client, Regulators, and Independent Assessors.

• System Design, Architecture & Integration

• Contribute to the design of secure architectures:

• Zones & Conduits (IEC 62443 3 2)
• Segmentation & network security
• Hardening guidelines for OT/ICS assets

• Implement, integrate, and configure security components including:

• Firewalls / NGFW
• NIDS/NIPS & DPI for industrial protocols
• Endpoint Protection / EDR
• Network Access Control (802.1X, RADIUS/TACACS+)
• IAM/PAM platforms
• OT asset discovery solutions
• Backup & DR

• Support integration activities with signalling, telecom, SCADA, and control systems.
• Testing & Validation

Prepare and execute:

• Factory Acceptance Tests (FAT)
• Site Acceptance Tests (SAT)
• Security Requirement Validation
• Security Controls Functional Testing
• Integration Testing for Cybersecurity technologies
• Validate compliance with IEC 62443 Security Levels (SL1–SL4).
• Execute vulnerability scanning, configuration review, and hardening checks.
• Technical Support & Coordination
• Work closely with the Cybersecurity Manager, System Engineering, Telecom, Signalling, SCADA teams, and external suppliers.
• Support incident investigation and root-cause analysis when security events occur.
• Provide technical documentation, engineering reports, and configuration evidence.
• Participate in workshops with customers and subcontractors.

Competencies Technical Expertise

• Strong knowledge of OT/ICS environments (protocols, SCADA, DCS, PLC, RTU).
• Ability to interpret and apply IEC 62443 and TS 50701 requirements in real engineering scenarios.
• Hands‑on experience configuring and validating Cybersecurity technologies (firewalls, NIDS, NAC, EDR, SIEM, etc.).
• Understanding of IT/OT network design, routing, switching, VLANs, VPNs, DMZs.
• Experience conducting vulnerability assessments and supporting penetration testing.
• Ability to produce high‑quality technical documentation.

Soft Skills

• Analytical mindset and problem‑solving skills.
• Ability to work across multidisciplinary teams.
• Strong communication skills, able to explain technical topics to non‑technical stakeholders.
• Commitment to quality, accuracy, and rigorous engineering practice.
• Adaptability to multicultural, international environments.

Required Skills & Knowledge

• IEC 62443‑2‑1, ‑3‑2, ‑3‑3, ‑4‑1, ‑4‑2
• CLC/TS 50701 architecture and assurance concepts
• NIST 800‑53 / 800‑82
• ISO 27001 & ISO 27005
• OT Network Architecture
• Industrial communication protocols (Modbus, OPC UA, DNP3, proprietary railway protocols)
• Firewalls, NIDS/NIPS, EDR/XDR
• IAM / PAM / MFA
• NAC (802.1X, RADIUS)
• Vulnerability and configuration assessment tools
• Linux/Windows hardening
• Basic scripting (Python/PowerShell) — optional but beneficial

Highly Preferred Skills & Knowledge

• Experience in railway or transportation systems.
• Familiarity with UAE cybersecurity regulations (NESA/NIA, TDRA, local critical infrastructure policies).
• Knowledge of EN 50159 or safety‑related communications.
• Experience with SOC operations or SIEM monitoring.
• Experience with cloud‑based or hybrid security architectures.

Organizational & Project Knowledge

• Engineering lifecycle (requirements, design, integration, testing, T&C).
• Documentation development and configuration management.
• Change control process.
• Supplier coordination and technical reviews.
• Reporting and progress tracking.

Thank you for your interest in Hitachi Rail. If your application is of interest, we will be in contact. Please do not hesitate to discover more about us and our latest jobs at https://www.hitachirail.com/careers . At Hitachi Rail, there is a place for everyone. We welcome and value differences in background, age, gender, sexuality, family status, disability, race, nationality, ethnicity, religion, and world view. It is our commitment to create an inclusive environment - we are proud to be an equal opportunity employer. We would be delighted if you would be one of our followers at https://www.linkedin.com/company/hitachirail