IT Security Engineer

Overview

Lead cybersecurity design, compliance, and risk management for CBTC GoA4 railway projects.

Key Responsibilities

• secure configs
• threat modeling
• vulnerability assessment
• cyber audits
• pen testing
• incident response

Tasks

-Work closely with signalling engineers, system integrators, and operations teams to implement secure system configurations and mitigate cyber risks. -Develop and maintain cybersecurity plans, threat models, risk assessments, and vulnerability assessments tailored to railway signalling environments. -Oversee cybersecurity audits, participate in penetration testing efforts, and ensure all findings are addressed in a timely manner. -Conduct security reviews and gap analyses of signalling systems and network architecture. -Lead the cybersecurity design, implementation, and validation of CBTC GoA4 systems across railway projects. -Collaborate with regulatory bodies for relevant compliance and reporting. -Provide training and awareness to internal stakeholders on cybersecurity best practices and compliance needs. -Ensure compliance with Cybersecurity Code of Practice (CCoP) and relevant regulatory requirements for Critical Information Infrastructure (CII). -Support incident response planning, testing, and coordination.

Requirements

• cissp
• cism
• iso 27001
• nist
• ids/ips
• ot

What You Bring

-Excellent communication skills and ability to work cross-functionally. -Experience in risk management for both IT and OT environments is highly advantageous -Relevant certifications (e.g., CISSP, CISM, GICSP, ISO 27001 Lead Implementer/Auditor) are a plus. -3–6 years of experience in cybersecurity, preferably within critical infrastructure or transportation systems. -Knowledge of cybersecurity frameworks such as NIST, ISO 27001, IEC 62443. -Strong understanding of OT (Operational Technology) and ICS/SCADA cybersecurity. -Bachelor's degree in Information Security, Computer Science, Engineering, or a related discipline. -Strong analytical and problem-solving skills. -Experience with railway signalling systems (preferably CBTC GoA4) and understanding of safety as well as security integration in railway environments are preferred. -Experience with network security tools, secure architecture design, IDS/IPS, SIEM, and endpoint protection systems. -Proactive, self-motivated, and organized, -Familiarity with Singapore’s CCoP v2 and cybersecurity governance in the context of CII.

People Also Searched For

Benefits

-Flexible working arrangements

About Siemens

-The company drives progress with solutions in electrification, automation, and digitalization across industries. -With cutting-edge products and services, it leads sustainable innovation for industries like energy, manufacturing, and infrastructure. -Its impressive portfolio includes smart grids, automated factories, advanced healthcare technologies, and solutions for urban mobility. -Siemens’ digital solutions enhance efficiency and sustainability in everything from smart buildings to electric vehicles. -It has contributed to iconic projects, including energy-efficient train systems and automation in key industrial sectors. -Transforming how industries use digital technology to optimize operations and tackle global challenges.

Sector Specialisms