Cyber Design Authority

About Us

A career at Hitachi Rail will help create a legacy. With operations in every corner of the world, our work goes to the cutting-edge of digital transformation and technology. From the multi-cultural strength of our global organisation to the sustainable and innovative ways we work to bring people together, there’s something for everyone to get stuck into. And that’s where you come in.

London, Greater London, United Kingdom (Hybrid)

Our Opportunity

We are currently looking for a Cyber Design Authority who will be the technical authority for all cybersecurity design activities across the SRS portfolio. You will provide strategic direction and expert oversight to ensure that all cyber practices, controls, and solutions meet required security standards, regulatory compliance, and operational effectiveness.

You will be responsible for defining and implementing cybersecurity policies, standards, and governance frameworks, ensuring robust risk management, regulatory alignment, and assurance. This includes making certain that all technical, procedural, and operational controls are compliant and effectively aligned with business objectives.

Working closely with security architects, engineers, SMEs, and delivery teams, you will drive a cohesive, proactive, and integrated approach to cybersecurity across SRS programmes and services. This is a hybrid role working a minimum of two days per week from our office in Canary Wharf.

Key Responsibilities:

• Analyse customer needs/requirements and assess solution architecture and technical choices.
• Ensure security solution compliance with customer needs, product policy, make-team-buy (MTB) strategy & applicable legislation, standards & regulations.
• Review technical security risks and opportunities and related mitigation plans throughout the bid or project.
• Ensure best trade-off between customer requirements & product policy consistent with schedule, costs, MTB strategy & risks/opportunities.
• Check the production and the maintenance/service aspects of the solution with the Production Process/Technology Manager (PPTM) and the Service Engineering Manager.
• Approve the technical specification and source selection of subsystems/products to be outsourced, by taking into account MTB policy, export restrictions and offset requirements.
• Check that the engineering environment for the solution is consistent with country/company instruction, and overall solution cost, technical risks & schedule.
• Ensure, with the support of engineering SMEs & safety stakeholders that solution design takes into account contract requirements and applicable security legislation, standards & regulations, and that related certification activities are performed correctly.
• Review and approve the completion of security specific integration, verification, validation and qualification results.
• Lead bid/project security engineering reviews and approve the security deliverables at each project decision milestone.
• Organise appropriate technical meetings and peer reviews together with the Engineering Delivery Manager and other technical stakeholders and experts, in order to perform the solution technical assessment and validation.
• Contribute to business strategy and product development as required.
• Interface with the client to define the solution.
• Keep abreast of technical, legislative and industry specific standards developments in security both within and outside of the company.

Technical Skills and Experience

• Strong technical writing skills and excellent interpersonal communication skills.
• Expertise in cyber and information security solutions relevant to the company, e.g. urban signalling, mainline signalling, communication systems, integrated control systems, etc.
• Excellent understanding of risk assessment frameworks and compliance methodologies.
• Strong knowledge of business case development, resource planning, and effective budget management.
• Extensive experience across systems engineering lifecycle disciplines with a focus on security, including secure-by-design principles, requirements capture, modelling, analysis, system design, and independent verification and validation (IV&V).
• In-depth knowledge and experience of full systems engineering lifecycles for large, complex systems.
• Expertise in industry specific security standards and legislation.
• Well-proven technical/project experience in the development and application of security solutions to critical OT or IT control systems and/or safety critical systems.

Additional qualifications

• Mandatory: Qualified to Degree level (preferably Masters) in a relevant field, e.g. cyber security, networks, computer science, etc.
• Desirable: Certified or working towards a senior level security accreditation, such as CISSP, CISM, etc.

Human Skills

• Proven track record of building and maintaining cross-functional relationships to deliver outcomes that benefit both the immediate team and the wider business.
• Excellent presentation skills.
• Effective personal organisation and an ability to remain composed and focused under pressure.
• Demonstrated ability to lead, manage, mentor and coach a diverse team.
• Excellent problem-solving ability, trade-off skills and attention to detail.

What to expect

We aim to complete a two-stage interview process. The interviews will focus on technical and behavioural competencies. Reasonable adjustments are available with prior notice so please let the Talent Acquisition (TA) partner know if this would be necessary.

What We Can Offer

We’re committed to giving you opportunities to be your best. We believe in embracing the passion and potential of our people, and to achieve this we offer market leading training, development and experiences, along with the opportunity to be mentored and coached by some of the smartest minds in the industry. We hire from within as our first priority, so you’ll have a myriad of opportunities within our diverse, global organisation.

Flexibility

Your health and well-being matters to us and that’s why we offer you the flexibility to do what’s important to you; whether that’s part time hours, job sharing, home working, or the ability to flex your start and finish times. Where possible, we support a working pattern that suits your lifestyle and helps you reach your ambitions.

Thank you for your interest in Hitachi Rail. If your application is of interest, we will be in contact. Please do not hesitate to discover more about us and our latest jobs at Hitachi Rail Careers.

At Hitachi Rail, there is a place for everyone. We welcome and value differences in background, age, gender, sexuality, family status, disability, race, nationality, ethnicity, religion, and world view. It is our commitment to create an inclusive environment - we are proud to be an equal opportunity employer.

Some vacancies may require full Security Clearance which can require further evidence to be provided. For further details of the evidence required to apply for Baseline and Security Clearance please refer to the UK Government website.