Cybersecurity Engineer

Overview

Job Description

Accountabilities

Minimum Education Requirements (International)

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Electrical Engineering, Systems Engineering, Telecommunications Engineering, or other relevant STEM fields.
• Master’s degree in Cybersecurity, Information Assurance, Systems Engineering, or related disciplines is preferred.
• ****Professional Experience****
• 3–5 years of hands on Cybersecurity engineering experience in critical infrastructure, OT/ICS environments, transportation systems, energy, utilities, or similar industrial sectors.
• Demonstrated experience applying:
• IEC 62443 (required) CLC/TS 50701 (strongly preferred) NIST 800 53 and/or NIST 800 82 ISO 27001/27005
• ****Preferred Certifications****

• Gicsp, Grid, Gcip

• IEC 62443 Cybersecurity Expert (any level)

• CompTIA Security+, CySA+

• CCNA/CCNP
• ****Accountabilities****

• Cybersecurity Governance & Compliance

• Execute High‑Level and Detailed Risk Assessments following IEC 62443‑3‑2, ISO 27005, NIST RMF, and TS 50701 methodologies.
• Conduct Threat & Vulnerability Assessments (TVA) for OT/ICS and railway subsystems.
• Contribute to the development and maintenance of the Cybersecurity Risk Register, ensuring accurate classification, scoring, and mitigation strategies.
• Identify threats across signalling, telecom, SCADA, DCS, and safety‑critical railway systems
• Cybersecurity Assurance
• Support the creation of the Security Case, compliance evidence, and assurance documentation according to IEC 62443 and TS 50701.
• Produce deliverables such as:
• Cybersecurity Requirements Specifications Security Design Justifications Risk Treatment Plans Verification & Validation (V&V) records
• Participate in internal and external audits with the Client, Regulators, and Independent Assessors.

• System Design, Architecture & Integration

• Contribute to the design of secure architectures:
• + Zones & Conduits (IEC 62443 3 2)
• + Segmentation & network security
• + Hardening guidelines for OT/ICS assets
• Implement, integrate, and configure security components including:

+ Firewalls / NGFW

+ Network Access Control (802.1X, RADIUS/TACACS+)

+ Backup & DR

• Support integration activities with signalling, telecom, SCADA, and control systems.

• Testing & Validation

• Security Controls Functional Testing

• Integration Testing for Cybersecurity technologies
• Validate compliance with IEC 62443 Security Levels (SL1–SL4).
• Execute vulnerability scanning, configuration review, and hardening checks.

• Technical Support & Coordination

• Work closely with the Cybersecurity Manager, System Engineering, Telecom, Signalling, SCADA teams, and external suppliers.
• Support incident investigation and root-cause analysis when security events occur.
• Provide technical documentation, engineering reports, and configuration evidence.
• Participate in workshops with customers and subcontractors.

Technical Expertise

• Strong knowledge of OT/ICS environments (protocols, SCADA, DCS, PLC, RTU).
• Ability to interpret and apply IEC 62443 and TS 50701 requirements in real engineering scenarios.
• Hands‑on experience configuring and validating Cybersecurity technologies (firewalls, NIDS, NAC, EDR, SIEM, etc.).
• Understanding of IT/OT network design, routing, switching, VLANs, VPNs, DMZs.
• Experience conducting vulnerability assessments and supporting penetration testing.
• Ability to produce high‑quality technical documentation.
• ****Soft Skills****
• Analytical mindset and problem‑solving skills.
• Ability to work across multidisciplinary teams.
• Strong communication skills, able to explain technical topics to non‑technical stakeholders.
• Commitment to quality, accuracy, and rigorous engineering practice.
• Adaptability to multicultural, international environments.

****Required Skills & Knowledge****

• IEC 62443‑2‑1, ‑3‑2, ‑3‑3, ‑4‑1, ‑4‑2
• CLC/TS 50701 architecture and assurance concepts

• OT Network Architecture

• Industrial communication protocols (Modbus, OPC UA, DNP3, proprietary railway protocols)

• Nac (802.1x, Radius)

• Vulnerability and configuration assessment tools
• Linux/Windows hardening
• Basic scripting (Python/PowerShell) — optional but beneficial

****Highly Preferred Skills & Knowledge****

• Experience in railway or transportation systems.
• Familiarity with UAE cybersecurity regulations (NESA/NIA, TDRA, local critical infrastructure policies).
• Knowledge of EN 50159 or safety‑related communications.
• Experience with SOC operations or SIEM monitoring.
• Experience with cloud‑based or hybrid security architectures.

Organizational & Project Knowledge

• Engineering lifecycle (requirements, design, integration, testing, T&C).
• Documentation development and configuration management.
• Change control process.
• Supplier coordination and technical reviews.
• Reporting and progress tracking.
• Thank you for your interest in Hitachi Rail.
• If your application is of interest, we will be in contact.
• Please do not hesitate to discover more about us and our latest jobs at
• https://www.hitachirail.com/careers
• .
• At Hitachi Rail, there is a place for everyone.
• We welcome and value differences in background, age, gender, sexuality, family status, disability, race, nationality, ethnicity, religion, and world view.
• It is our commitment to create an inclusive environment - we are proud to be an equal opportunity employer.
• We would be delighted if you would be one of our followers at https://www.linkedin.com/company/hitachirail