Cybersecurity Engineer Hitachi Energy

Accountabilities:

Execute and coordinate Cybersecurity engineering activities within the Railway/Metro Programs, ensuring compliance with international standards, project requirements, and regulatory frameworks. The Cybersecurity Specialist is responsible for performing Risk Assessments, supporting Cybersecurity Assurance tasks, designing and implementing security controls, validating security requirements, and contributing to the deployment of OT Cybersecurity technologies across the programme.

1. Cybersecurity Governance & Compliance

• Execute High Level and Detailed Risk Assessments following IEC 62443 3 2, ISO 27005, NIST RMF, and TS 50701 methodologies.
• Conduct Threat & Vulnerability Assessments (TVA) for OT/ICS and railway subsystems.
• Contribute to the development and maintenance of the Cybersecurity Risk Register, ensuring accurate classification, scoring, and mitigation strategies.
• Identify threats across signalling, telecom, SCADA, DCS, and safety critical railway systems

2. Cybersecurity Assurance

• Support the creation of the Security Case, compliance evidence, and assurance documentation according to IEC 62443 and TS 50701.
• Produce deliverables such as:

Cybersecurity Requirements Specifications Security Design Justifications Risk Treatment Plans Verification & Validation (V&V) records

• Participate in internal and external audits with the Client, Regulators, and Independent Assessors.

3. System Design, Architecture & Integration

• Contribute to the design of secure architectures:
  • Zones & Conduits (IEC 62443 3 2)
  • Segmentation & network security
  • Hardening guidelines for OT/ICS assets
• Implement, integrate, and configure security components including:
  • Firewalls / NGFW
  • NIDS/NIPS & DPI for industrial protocols
  • Endpoint Protection / EDR
  • Network Access Control (802.1X, RADIUS/TACACS+)
  • IAM/PAM platforms
  • OT asset discovery solutions
  • Backup & DR
• Support integration activities with signalling, telecom, SCADA, and control systems.

4. Testing & Validation

Prepare and execute:

• Factory Acceptance Tests (FAT)
• Site Acceptance Tests (SAT)
• Security Requirement Validation
• Security Controls Functional Testing
• Integration Testing for Cybersecurity technologies

• Validate compliance with IEC 62443 Security Levels (SL1 SL4).
• Execute vulnerability scanning, configuration review, and hardening checks.

5. Technical Support & Coordination

• Work closely with the Cybersecurity Manager, System Engineering, Telecom, Signalling, SCADA teams, and external suppliers.
• Support incident investigation and root-cause analysis when security events occur.
• Provide technical documentation, engineering reports, and configuration evidence.
• Participate in workshops with customers and subcontractors.

Competencies

Technical Expertise

• Strong knowledge of OT/ICS environments (protocols, SCADA, DCS, PLC, RTU).
• Ability to interpret and apply IEC 62443 and TS 50701 requirements in real engineering scenarios.
• Hands on experience configuring and validating Cybersecurity technologies (firewalls, NIDS, NAC, EDR, SIEM, etc.).
• Understanding of IT/OT network design, routing, switching, VLANs, VPNs, DMZs.
• Experience conducting vulnerability assessments and supporting penetration testing.
• Ability to produce high quality technical documentation.

Soft Skills

• Analytical mindset and problem solving skills.
• Ability to work across multidisciplinary teams.
• Strong communication skills, able to explain technical topics to non technical stakeholders.
• Commitment to quality, accuracy, and rigorous engineering practice.
• Adaptability to multicultural, international environments.