Siemens Mobility have an exciting opportunity for Senior Cyber Security Engineers to join our Rail Infrastructure business. This role would preferably be located out of our Ashby or Chippenham offices, but we would consider Birmingham, Poole, York or Glasgow for the right candidate.

Our Team and what we do:

As market leaders across rail, road and logistics, Siemens Mobility Limited are pursuing the goal of networking various transportation systems with one another to move people and goods efficiently - complete mobility!

In Rail Infrastructure we deliver digitally integrated, secure and safe Command, Control and Signalling systems, Electrification, Power SCADA systems, and Station Information and Security Systems. Our rail solutions are connected and secured using market leading data transmission networks and cyber security infrastructure. Our networks and cyber security team provides design, technical assurance, construction, test and support services. We collaborate nationally and globally with cyber security expertise from across the business to deliver cyber security solutions and services to our clients. We work to client and industry standards and frameworks such as Network Rail Security Assurance Framework, London Underground security requirements, NCSC Cyber Assessment Framework, IEC 62443 series, CENELEC and ISO/IEC 27001 delivering cyber security activities throughout the project lifecycle. Further to this, Siemens Mobility has engineered an industry cutting edge security platform, CoreShield, to secure, monitor and manage our rail solutions but we also use third party IT solutions from market leaders.

What will be my role?

This role is for a Senior Cyber Security Engineer with both product & whole solution security expertise within an Operational Technology environment. The candidate will be expected to integrate processes from other disciplines to develop and accountably propose appropriate and effective solutions. The candidate shall be capable of technically specifying, leading, and consulting on Cyber Security related activities including architecture development, security testing and compiling assurance evidence against evolving industry standards.

The Senior Cyber Security Engineer will play a lead role, undertaking a wide range of cyber security activities including: Security requirements management, security compliance and governance, security risk assessment, security engineering and architecture, network security, security solution deployment, system security zoning and protection, development of security test strategies, and supporting security operation integration. The Senior Cyber Security Engineer shall be expected to engage across the whole engineering lifecycle, working alongside product and solution development and project delivery teams. This role will help play a major part in delivering the safe and secured railway systems that the business demands.

As a Senior Cyber Security Engineer you will be a role model to more junior level team members providing mentorship, guidance, support and leadership.

What will be my Responsibilities?

• Engaging with our clients’ security teams to understand their wider security strategy, including process and assurance evidence and risk appetite.
• Specification and maintenance of security requirements for projects. Support for meeting international and regional security standards and regulations (like NCSC CAF, ISO 27001, NIST, IEC62443) in the project.
• Developing architectures that compartmentalise systems into zones and conduits and identifying security controls required to provide adequate protection.
• Evaluation of third-party components regarding product & solution security.
• Planning and performing threat and risk analysis and definition of countermeasures in line with risk acceptance criteria of organisation.
• Compilation and review of artefacts produced during the development and engineering process regarding product & solution security.
• Implementation and deployment of cyber security solutions
• Supporting security configuration of our railway systems solutions including IT systems
• Supporting the customer service team in development and deployment of security monitoring and incident response solutions g. SIEM
• Supporting the network team in the configuration of network security g. firewalls, DMZ, security applications or agents
• Verification of implementation regarding security requirements (e.g., as part of system test, factory, or site acceptance test).
• Validation (e.g., penetration testing) to ensure that implementation fulfils security expectations of customers (e.g., to identify security vulnerabilities, and to evaluate the effectiveness of remediation measures).
• Support to build up required competencies for product & solution security within the project team
• Representing security engineering within project milestone and stage gate reviews.
• Collection of security related lessons learned to feed into in continuous improvement activities
• Involvement in the analysis and response to security vulnerabilities & incidents.

The candidate will also be expected to maintain an appreciation of new technologies, emerging risks, and standards, together with their application to support ongoing deliveries.

What Qualifications, Skills and Experience do I need?

(These are our aspirations. For the right candidate with a growth mindset and clear collaborative behaviours we will help you develop such experience)

• Educated to degree level (or equivalent) in an engineering, scientific or numerate discipline.
• Experience in providing security engineering leadership in a demanding Operational Technology environment.
• Proven practical experience of applying IEC 62443 standard series.
• Understanding and practical experience of applying CENELEC standards.
• Preferably have at least one of the following: NCSC Certified Degree, Certified Information Systems Security Professional (CISSP), NCSC Certified Cyber Professional (CCP), Global Industrial Cyber Security Professional Certification (GICSP), NCSC ICS Practitioners Security or SANS ICS Security Professionals.
• Penetration testing practical
• Experience in mentoring and developing other engineers.
• Excellent communication skills and the ability to influence both internal and external stakeholders.

Benefits include:

• 26 days holiday, increasing up to 29 days with length of service
• Excellent pension, with Siemens matching contributions up to 10% of pensionable salary
• Performance related bonus scheme
• Flexible benefits to suit your personal needs
• Flexible working policy
• Investment in personal development and support to membership of professional institutions

We are looking forward to receiving your online application. Please ensure you complete all areas, of the application form, to the best of your ability to help us review your suitability for the role. We will be in contact as soon as possible with an update on your application.

About us

We’re Siemens. A collection of over 377,000 great minds who are all making the future and you could be one of them. We have offices across the UK, full of hardworking individuals helping us to challenge the today and work towards a brighter tomorrow.

What else do you need to know?

Our compensation package includes a competitive salary, holiday allowance, pension and other additional benefits. We celebrate the fact that our employees are individuals and have different wants and needs. With this in mind, we have a flexible benefits scheme where you can tailor your benefits package to suit you.

If we all thought the same, we would never think of anything new. That’s why we recruit great minds from all walks of life. We recognise that building a diverse workforce is essential to the success of our business, therefore we encourage applications from a diverse talent pool. We are proud to announce that we have partnered with VERCIDA, the UK's largest diversity and inclusion focused careers site where all our vacancies are in an accessible format. We welcome the opportunity to discuss flexibility requirements with our applicants to encourage agile working and innovation. #LI-SM1