Cybersecurity Manager

Job description

As a Cybersecurity Manager Rolling Stock (Metro Rail) you will be responsible for the following:

Cybersecurity Strategy Development:

• Develop and implement cybersecurity strategies specifically for rolling stock, ensuring alignment with overall metro rail security objectives for SMO RS India
• Evaluate and recommend security technologies and processes to safeguard train control systems, onboard communication systems, and other critical infrastructure.

Rolling Stock Cybersecurity Management:

• Oversee the cybersecurity of all rolling stock systems, including train control systems, signaling, onboard diagnostics, and passenger information systems.
• Conduct regular security assessments of rolling stock software, hardware, and communication protocols to identify vulnerabilities.
• Collaborate with engineering teams to integrate cybersecurity measures into the design and maintenance of rolling stock.

Incident Response and Management:

• Develop and implement incident response plans specific to rolling stock cybersecurity incidents.
• Lead investigations and coordinate responses to cybersecurity incidents affecting rolling stock, ensuring minimal disruption to rail operations.
• Work with operations and maintenance teams to implement corrective actions and prevent future incidents.

Compliance and Risk Management:

• Ensure that all rolling stock cybersecurity measures comply with relevant industry standards, regulations, and best practices, such as IEC 62443 and CENELEC EN 50126/50128/50129.
• Conduct risk assessments related to rolling stock cybersecurity, identifying and mitigating potential threats to safety and service continuity.

Vendor and Stakeholder Management:

• Collaborate with rolling stock manufacturers, suppliers, and service providers to ensure that cybersecurity requirements are met throughout the supply chain.
• Serve as the primary point of contact for cybersecurity issues related to rolling stock, liaising with internal teams and external stakeholders.

Policy and Procedure Development:

• Develop and enforce cybersecurity policies and procedures for rolling stock, including guidelines for software updates, data protection, and secure communications.
• Ensure that all relevant personnel are trained and aware of cybersecurity policies, particularly those involved in the operation and maintenance of rolling stock.

Training and Awareness:

• Lead cybersecurity training initiatives focused on rolling stock systems for relevant staff, including engineers, operators, and maintenance personnel.
• Promote a culture of cybersecurity awareness within the rolling stock domain, ensuring that all employees understand the importance of protecting critical systems.

Desired Skills:

Education:

• Bachelors degree in computer science, Cybersecurity, Electrical Engineering, or a related field. Basic knowledge in requirements engineering is a prerequisite.

Experience:

• 10+ years of experience in cybersecurity, with at least 2-3 years in the rail transportation or industrial control systems (ICS) sector.
• Proven experience in securing control systems and communication networks, preferably within the rolling stock or rail industry.

Certifications:

• Relevant certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), GICSP (Global Industrial Cyber Security Professional), or CISA (Certified Information Systems Auditor)

Skills:

• In-depth understanding of cybersecurity principles as they apply to industrial control systems and rolling stock.
• Proficient in cybersecurity tools and technologies relevant to the transportation sector, including network security, endpoint protection, and intrusion detection systems.
• Strong leadership and communication skills, with the ability to manage cross-functional teams and interact with technical and non-technical stakeholders.
• Ability to work under pressure and manage multiple priorities in a safety-critical environment.

Work Environment:

• Primarily office-based, with frequent visits to rail depots, control centers, and onboard rolling stock.
• May require availability outside regular working hours for emergency response and coordination.