Senior Cyber Security Engineer in Glasgow

Siemens Mobility have an exciting opportunity for Senior Cyber Security Engineers to join our Rail Infrastructure business. This role would preferably be located out of our Ashby or Chippenham offices, but we would consider Birmingham, Poole, York or Glasgow for the right candidate. We deliver secure, integrated rail infrastructure systems covering signalling, electrification, power SCADA, and station information, supported by advanced networks and cyber security. Our team works across the full project lifecycle, using industry standards, in-house solutions like CoreShield, and trusted third-party technologies to ensure resilient, compliant systems. The Senior Cyber Security Engineer plays a key role in this, bringing expertise in both product and end-to-end solution security within Operational Technology environments. The role involves developing and leading effective cyber security solutions, including architecture design, security testing, and producing assurance evidence in line with evolving industry standards. The candidate will also be expected to maintain an appreciation of new technologies, emerging risks, and standards, together with their application to support ongoing deliveries.

Responsibilities

• Engaging with client security teams to understand their strategy, risk appetite, and assurance requirements, while specifying and maintaining project security requirements aligned to standards (e.g. NCSC CAF, ISO 27001, NIST, IEC 62443).
• Designing secure system architectures (including zoning and conduits), identifying appropriate security controls, and evaluating third-party components to ensure robust product and solution security.
• Planning and performing threat and risk analysis and definition of countermeasures in line with risk acceptance criteria of organisation.
• Compilation and review of artefacts produced during the development and engineering process regarding product & solution security.
• Supporting customer service team in development and deployment of security monitoring and incident response solutions e.g. SIEM as well as security configuration of railway system solutions and implementing and deploying cyber security solutions.
• Supporting the network team in the configuration of network security e.g. firewalls, DMZ, security applications or agents.
• Verification of implementation regarding security requirements (e.g., as part of system test, factory, or site acceptance test).
• Validation (e.g. penetration testing) to ensure that implementation fulfils security expectations of customers (e.g. to identify security vulnerabilities, and to evaluate the effectiveness of remediation measures).
• Supporting team capability development by mentoring, guiding, supporting and leading junior team members.
• Representing security engineering at project milestones, driving continuous improvement through lessons learned, and contributing to the analysis and response to security vulnerabilities and incidents.

Qualifications & Skills

• Holding or working towards a degree level (or equivalent) in an engineering, scientific or numerate discipline.
• Providing expertise in security engineering leadership in a demanding Operational Technology environment.
• Having proven practical experience of applying IEC 62443 standard series.
• Preferably have at least one of the following: NCSC Certified Degree, CISSP, CCP, GICSP, NCSC ICS Practitioners Security or SANS ICS Security Professionals.
• Having penetration testing practical experience – Desirable.
• Experience in mentoring and developing other engineers.
• Excellent communication skills and the ability to influence both internal and external stakeholders.

Benefits

• Competitive Salary
• 26 days holiday with an option to buy/sell up to 5 days per year
• Attractive pension scheme
• Subsidised BUPA healthcare