We are looking for a Product and Solution Security Expert – Railway Infrastructure meeting the need for smart-mobility solutions
We are making the lives of people who travel easier and more enjoyable while constantly developing new, intelligent mobility solutions.
Your new tasks – Exciting and future oriented
- As a PSSE you will be involved in a project from Bid phase till the closure of the project.
- Conduct Threat and risk analysis, identifying vulnerabilities and proposing mitigation measures.
- Prepare Security concept, defining cyber security relevant activities related to configuration, installation and commissioning of railway signaling and telecommunication systems.
- Design, implement, and manage security architectures for railway signaling and telecommunication systems.
- Prepare Project specific Security policies and procedures.
- Can support multiple projects at the same time and should occupy the function for the main part of is defined working time.
- Specification and maintenance of security requirements for the project. Support for meeting international and regional security standards and regulations (like IEC62443, ISO27001 and TS50701) in the project.
- Evaluation of third-party components from a security point of view.
- Preparation of Security Test Plan, test cases and perform security testing(automated and Manual) to ensure the security controls are effectively implemented.
- Analysis of vulnerability finding, developing solution to fix the vulnerability if necessary.
- Respond to security incidents if any, helps in solution development
- Collection of product & solution security related lessons learned and feed into in continuous improvement activities (e.g., update of guidelines, reporting to PSSOs, integration in awareness material).
Your qualification – Well-grounded and adequate
- Bachelor’s degree in cybersecurity, computer science or a related field.
- Should hold professional certification like CCNA, CCNP, IEC62443, CEH, GISCP, or equivalent.
- Deep understanding of OT protocols.
- Exposure to Security tools Like Nessus, NMAP, IDS/IPS, firewall, application Whitelisting, Anti-virus , SIEM etc.
- Should have understanding and experience on PKI, Active directory, Networking, Operating systems ( Windows and Unix ) , ICS/SCADA.
- Knowledge of Vulnerability management, Security testing, System hardening, Patching etc.
- Should have working experience on one of the security standards ( IEC 62443 3-2, 3-3, 4-2, 2-1, TS50701, ISO 27001).
- Must have good understanding of Railway domain ( Signaling Mass Transit / Mainline).
- Has minimum 10+ years experience in one of the fields of professional experience.
- Degree in Computer science or electrical engineering or IT security, certification program Certified Information Systems Security Professional (CISSP) and Certified Secure Software Life Cycle Professional (CSSLP) is helpful.