IT Security Engineer

Siemens Mobility is an outstanding place to have a career in an innovative environment. Siemens Mobility Rail Infrastructure business supplies the global markets of rail and road-bound transport with innovative products and solutions for Rail Automation, Rail Electrification and in the area of intermodal mobility, apps and backend systems.

What are my job responsibilities?

We are seeking a dedicated and experienced IT Security Engineer to support the cybersecurity integration and compliance of Communications-Based Train Control (CBTC) Grade of Automation 4 (GoA4) projects. You will play a critical role in ensuring that the cybersecurity requirements of these railway signalling systems meet the required standards and other relevant industry regulations and best practices.

• Lead the cybersecurity design, implementation, and validation of CBTC GoA4 systems across railway projects.
• Ensure compliance with Cybersecurity Code of Practice (CCoP) and relevant regulatory requirements for Critical Information Infrastructure (CII).
• Develop and maintain cybersecurity plans, threat models, risk assessments, and vulnerability assessments tailored to railway signalling environments.
• Conduct security reviews and gap analyses of signalling systems and network architecture.
• Work closely with signalling engineers, system integrators, and operations teams to implement secure system configurations and mitigate cyber risks.
• Support incident response planning, testing, and coordination.
• Oversee cybersecurity audits, participate in penetration testing efforts, and ensure all findings are addressed in a timely manner.
• Provide training and awareness to internal stakeholders on cybersecurity best practices and compliance needs.
• Collaborate with regulatory bodies for relevant compliance and reporting.
  
  

What do I need to qualify for this role?

• Bachelor's degree in Information Security, Computer Science, Engineering, or a related discipline.
• Relevant certifications (e.g., CISSP, CISM, GICSP, ISO 27001 Lead Implementer/Auditor) are a plus.
• 3–6 years of experience in cybersecurity, preferably within critical infrastructure or transportation systems.
• Familiarity with Singapore’s CCoP v2 and cybersecurity governance in the context of CII.
• Knowledge of cybersecurity frameworks such as NIST, ISO 27001, IEC 62443.
• Experience with network security tools, secure architecture design, IDS/IPS, SIEM, and endpoint protection systems.
• Strong understanding of OT (Operational Technology) and ICS/SCADA cybersecurity.
• Experience in risk management for both IT and OT environments is highly advantageous
• Experience with railway signalling systems (preferably CBTC GoA4) and understanding of safety as well as security integration in railway environments are preferred.
• Strong analytical and problem-solving skills.
• Excellent communication skills and ability to work cross-functionally.
• Proactive, self-motivated, and organized,
  
  

What We Offer

• Flexible working arrangements
• Career, professional & personal development
  
  

We support a diverse workforce.

Siemens is a proud equal opportunity employer, creating a work environment of diversity and inclusion. Our diverse workforce cultivates Innovation and Excellence and in turn creates a workplace where our employees belong and prosper. Diversity and inclusion help us fully realise the potential of our people. As part of Siemens Ownership culture, Siemens also genuinely supports reasonable flexible working practices that empower our employees to best meet work and personal commitments.