Cybersecurity Engineer

About Us

A career at Hitachi Rail will help create a legacy. With operations in every corner of the world, our work goes to the cutting-edge of digital transformation and technology. From the multi-cultural strength of our global organisation to the sustainable and innovative ways we work to bring people together, there’s something for everyone to get stuck into. And that’s where you come in.

•    JOB OBJECTIVE

Engineer with a professional experience (min. 5 years) in Information Security / Information Technology (IS/IT) security field in designing, development/configuration and maintenance of secure architectures for for products and solutions. 

•    MAIN ACTIVITIES

The Cybersecurity Engineer:

o    Leads cybersecurity design for the Hitachi GTS turnkey solutions (Telecommunications, Signalling, SCADA, including HW and SW). Acts as Interface with the Customer for discussing Cybersecurity design, risks and mitigations as part of the High Level and Detailed Risk Assessment for Cybersecurity. Target standard for applying these principles are the internally recognized ISA/IEC-62443, as well as CLC/TS 50701;
o    Analyses customer needs/requirements and assess solution architectures and technical choices, to translate them into a technical solution that is compatible with customer needs, budget and Hitachi GTS Product Policy. Try to find optimizations to provide best balance between technical and economic aspects, also through competitive dialogues with Security Suppliers during the procurement stage
o    Implements security measures for the protection of computer systems, networks and information by allocating Cybersecurity Requirements to subsystems 
o    Configures and troubleshoot security infrastructure devices during factory testing and site testing 
o    Perform cyber risk assessment activities to identify sensitive data, assess vulnerabilities and evaluate risks. Follow the lifecycle from Design to Commissioning of High Level and Detailed Risk Assessment in coordination with the System Engineer Manager (SEM), and suggests the relevant documents to be delivered to Customer for Cybersecurity discipline;
o    Coordinates with his technical Customer counterpart, 
o    Provide inputs to Project documentation (Design Validation, Solution Orientation Review) as part of the Hitachi GTS review process; 
o    Organizes, when appropriate, technical meetings and peer reviews together with the Architects (ARC) and the SEM and other stakeholders (industry, services, specialties…), in order to perform the cybersecurity solution assessment and validation. Confirm that the Cybersecurity Requirements (IEC-62443 Foundational Requirements) are taken into account by each subsystem;
o    Supports for deployment/installation and site acceptance activities
o    Compiles reports concerning his role and responsibilities according to internal reporting procedure.
o    Drafts official letters and correspondence to be sent to the Customer.
o    Assess variation requests, related to Cybersecurity, in conjunction with GPM for submitting to the Customer. Supports the GPM, the Contract Manager and the Sales department in the technical negotiation of the change proposals and during the preparation of financial Claims;

•    SKILLS AND EXPERIENCE:

o    Masters’ Degree in Engineering (Telecommunications, Electronics, IT)
o    Good Knowledge of Requirement Management process and relevant tool (eg Polarion)
o    Deep Knowledge of System Engineering Principles and relevant tools
o    Experience in analyzing customer cybersecurity requirements and ensuring all requirements are addressed in the products/proejcts design. Requirements are mainly derived from the ISA/IEC-62443;
o    Knowledge of computer networking concepts and protocols, and network security methodologies.
o    Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus and EDR software, authentication systems, log management, SIEM, content filtering, etc.
o    Knowledge of risk management processes (e.g. methods for assessing and mitigating risk).
o    Knowledge of countermeasure design for identified security risks.
o    Knowledge of common standard, regulations, policies, and ethics as they relate to cybersecurity (NIST, IEC 62443, ISO 2700x, EU NIS2) relating to system design.
o    Knowledge of cyber threats and vulnerabilities.
o    Knowledge of information technology (IT) security principles and methods (e.g. firewalls, demilitarized zones, encryption).
o    Knowledge of network access, identity, and access management.
o    Knowledge of various operating systems.
o    Penetration testing and/or vulnerability assessments skills are considered as a benefit.
o    Proven capability of managing/interfacing with Customer and Suppliers
o    Proven capability of coordinating/interfacing with heterogeneous resources in an international context
o    Availability to travel
o    Fluency in Italian and English

Thank you for your interest in Hitachi Rail. If your application is of interest, we will be in contact. Please do not hesitate to discover more about us and our latest jobs at https://www.hitachirail.com/careers.

At Hitachi Rail, there is a place for everyone. We welcome and value differences in background, age, gender, sexuality, family status, disability, race, nationality, ethnicity, religion, and world view. It is our commitment to create an inclusive environment - we are proud to be an equal opportunity employer.

We would be delighted if you would be one of our followers at https://www.linkedin.com/company/hitachirail.