Manager Cyber Security & Regulatory Compliance (m/w/d)

Join to apply for the Manager Cyber Security & Regulatory Compliance (m/w/d) role at Rail Power Systems GmbH.

Welcome to Rail Power Systems, one of the leading technology companies in the field of railway infrastructure and power supply. From trams in local traffic to high‑speed trains in long‑distance traffic, we ensure that overhead lines are always powered, ensuring tomorrow’s mobility today. With enthusiasm and know‑how we develop and deliver bespoke overhead line systems that meet local conditions and the highest customer expectations. As a solid, internationally operating mid‑market company with over a century in the market, we stand for future‑looking and environmentally friendly solutions, guaranteeing a reliable power supply for railway traffic.

To support our team we are looking for a Manager Cyber Security & Regulatory Compliance (m/w/d) at our Munich location. You will help trains get on the right track by working on exciting, ecologically sustainable railway infrastructure projects.

• Build, introduce, and maintain an Information Security Management System (ISMS) according to ISO 27001; support the creation or integration of an OT Security Management based on IEC 62443.
• Analyze requirements from the Cyber Resilience Act (CRA), new product liability guidelines, NIS‑2 directive, AI Act, IT Security Act 2.0 and derive concrete technical and organizational measures, processes, and documentation.
• Develop and maintain a compliance register for security‑relevant requirements, including audit preparation, support, and follow‑up.
• Work closely with the IT department and operational OT areas to define and improve network security concepts (segmentation, zones, firewalls).
• Define Identity & Access Management processes.
• Assist in protecting production‑close systems (SPS, SCADA, MES, etc.) from cyber attacks, considering special requirements.
• Coordinate with development, product management, and quality to implement requirements stemming from CRA & product liability guidelines.
• Contribute to security concepts for connected products.
• Conduct and facilitate risk analyses for IT and OT systems, as well as products and AI systems.
• Develop and advance a Security Incident Management process, ensuring compliance with mandatory reporting obligations (e.g., NIS‑2/IT Security Act).
• Design and implement awareness measures and training for employees (IT, OT, development, management).
• Consult functional areas on projects, procurements, and product development regarding security & compliance.

• Relevant degree (IT, industrial engineering, etc.) or vocational training with extensive IT experience.
• Deep knowledge of Cyber Resilience Act, product liability law, IT Security Act 2.0 (especially KRITIS), AI Act.
• Technical understanding of IT infrastructures and production‑close systems (SPS, SCADA, MES, Industry 4.0).
• Experience establishing or enhancing management systems (e.g., ISMS) and cross‑functional project management.
• Strong service and consulting orientation, hands‑on mentality.
• Excellent communication, results orientation, and sense of responsibility.
• Independent, structured, and solution‑oriented working style.
• Very good German and English language skills.
• Willingness to travel.

• 30 days of vacation.
• Flexible working hours and the possibility to work 12 days per month remotely.
• Comprehensive onboarding into a varied task area with ample freedom in a future‑oriented sector.
• Supportive work climate with helpful colleagues who live teamwork and solidarity.
• Individual development opportunities and specialized training to support your growth.
• State‑pension‐contributing benefits (AVWL) of €319.08 per year.
• Monthly net benefit of €50 (voucher model).
• Corporate benefits with attractive employee offers.
• Bicycle leasing through Deutsche Dienstrad.
• Good transportation links – our site is within walking distance from Heimaranplatz.
• Free parking in our underground garage.
• Community events, e.g., company runs, summer festivals, Christmas parties, and beyond.

For questions about the position, please contact Florian Wurzer at florian.wurzer@rail-ps.com.

Rail Power Systems GmbH | Garmischer Straße 35 | 81373 München | www.rail-ps.com