The Network Security and Cyber Security Engineer is responsible for designing, implementing, and maintaining a robust and secure network infrastructure for the railway organization. This role requires a deep understanding of network security best practices, cybersecurity principles, and railway-specific security requirements to ensure the protection of critical systems and data.

Key responsibilities: 

Network Security Architecture:

• Analyze the engineering project's network infrastructure and security requirements.
• Design and implement a comprehensive network security architecture, including firewalls, intrusion detection/prevention systems, virtual private networks (VPNs), and access control mechanisms.
• Ensure the network security architecture aligns with industry standards, regulatory requirements, and railway-specific security guidelines.
• Evaluate and select appropriate network security hardware, software, and tools to meet the engineering project's needs.

Cybersecurity Strategy and Implementation:

• Develop and implement a comprehensive cybersecurity strategy for the engineering project, covering areas such as threat detection, incident response, and vulnerability management.
• Implement advanced security controls, including endpoint protection, data encryption, and user access management.
• Ensure the integration of cybersecurity measures with the railway's operational technology (OT) systems, such as signaling, train control, and asset management.
• Collaborate with the engineering project's IT and OT teams to ensure a seamless and secure integration of systems and applications.

Threat Monitoring and Incident Response:

• Establish and maintain a robust security monitoring and incident response framework to detect, analyze, and mitigate cyber threats for the engineering project.
• Implement and manage security information and event management (SIEM) systems, security orchestration and automated response (SOAR) tools, and other security monitoring solutions.
• Develop and regularly test incident response and disaster recovery plans to ensure the engineering project's resilience against cyber attacks.
• Coordinate with the railway's security operations center (SOC) and incident response team to ensure timely and effective incident management for the engineering project.

Compliance and Regulatory Requirements:

• Ensure the engineering project's network and cybersecurity measures comply with relevant industry standards, regulations, and guidelines, such as the Railway Cyber Security Standard (RCSS), the National Institute of Standards and Technology (NIST) Cybersecurity Framework, and the General Data Protection Regulation (GDPR).
• Develop and maintain comprehensive documentation, policies, and procedures to support the engineering project's compliance efforts.
• Collaborate with regulatory bodies, industry associations, and external auditors to address compliance requirements and address any identified gaps.

Continuous Improvement and Innovation:

• Stay up-to-date with the latest trends, technologies, and best practices in network security and cybersecurity, particularly within the railway industry.
• Identify opportunities for improving the engineering project's network and cybersecurity capabilities and recommend appropriate solutions.
• Collaborate with the engineering project's IT, OT, and security teams to align the network and cybersecurity strategy with the organization's overall technology roadmap and business objectives.
• Provide technical guidance and mentorship to junior security engineers and team members working on the engineering project.

You must have: 

• Bachelor's degree in Computer Science, Information Technology, or a related engineering field. A master's degree in Cybersecurity or a relevant discipline is preferred.
• 3-5 years of experience as a Senior Network Security and Cyber Security Engineer, with a strong focus on the railway industry and engineering project-based work.
• Certified Cisco Certified Network Professional (CCNP) Security or Certified Cyber Operations Specialist (CCOS) certification, or equivalent.
• Extensive knowledge of network security technologies, protocols, and best practices, including firewalls, VPNs, intrusion detection/prevention, and access control.
• Proficient in implementing and managing advanced cybersecurity solutions, such as SIEM, SOAR, and endpoint protection.
• Thorough understanding of railway-specific security requirements, including signaling systems, train control, and asset management.

We value:

• Strong project management skills and experience in leading complex network and cybersecurity engineering initiatives.
• Excellent problem-solving, analytical, and troubleshooting skills.
• Effective communication and collaboration skills to work with cross-functional engineering teams, including IT, OT, and security personnel.