Senior Cyber Architect

Chi siamo

Una carriera in Hitachi Rail rappresenta un investimento per il futuro.

Descrizione

Hitachi Rail is looking for an enthusiastic self-motivated Senior Cyber Architect who thrives in a fast-paced environment. The successful candidate is comfortable performing a wide range of tasks from technical design and guidance to strategic input for cybersecurity of our critical railway products. The position is based in Naples, Italy.

About Us

A career at Hitachi Rail will help create a legacy. With operations in every corner of the world, our work goes to the cutting-edge of digital transformation and technology. From the multi-cultural strength of our global organisation to the sustainable and innovative ways we work to bring people together, there’s something for everyone to get involved in. And that’s where you come in.

Accountabilities

The Senior Cyber Architect will be a key member of the Cyber Architect Team, contributing to and leading the definition, design, and guidance for cybersecurity implementation across Hitachi Rail's Rolling Stock products throughout their lifecycle. Key responsibilities include:

1. Lead and contribute to defining and maintaining the cybersecurity architecture for Rolling Stock vehicles and their systems (e.g., TCMS, onboard control and information systems, communication networks), based on principles like Zone & Conduit methodology and Defense-in-Depth.
2. Analyze and interpret cybersecurity requirements from customer specifications, international standards (e.g., IEC 62443 series, EN 50701), and relevant regulations (e.g., NIS2 / D.Lgs. 138 / 2024), translating them into technical requirements for hardware and software teams.
3. Define and promote the adoption of Secure Development Lifecycle (SDL) processes and secure coding practices for embedded software development, including guidance for Model-Based Design (MBD) approaches.
4. Perform and/or guide Threat Analysis and Risk Assessment (TARA) activities for railway vehicle systems, defining mitigation measures.
5. Define cybersecurity Verification & Validation (V&V) strategies and requirements, supporting testing activities for security compliance.
6. Collaborate with internal teams such as Software Development, Hardware Design, System Engineering, Project Management, RAMS, Safety, Cybersecurity Assurance, Service, and Field Support to ensure cybersecurity integration and operational continuity.
7. Produce and maintain cybersecurity documentation, including Security Architecture Descriptions, Security Requirements Specifications, TARA reports, and V&V security plans.
8. Provide expert support and define requirements for cybersecurity management activities during the operational phase (e.g., Vulnerability Management, Patch Management, Incident Response, secure updates).
9. Stay updated on evolving cyber threats, vulnerabilities, technologies, and regulations relevant to railway and critical infrastructure systems.

Required Skills / Knowledge

1. Proven experience applying cybersecurity principles to Industrial Automation and Control Systems (IACS), Operational Technology (OT), or complex embedded systems.
2. Strong understanding of cybersecurity standards relevant to the railway sector, especially:

o IEC 62443 series (parts 3-3, 4-1, 4-2)

o EN 50701

3. Familiarity with cybersecurity regulations like NIS2 / D.Lgs. 138 / 2024 and their impact on manufacturers.
4. Experience in defining and implementing Secure Development Lifecycle (SDL), secure coding guidelines, and conducting security analysis (e.g., SAST / DAST), preferably with Model-Based Design exposure.
5. Proficiency in Threat Analysis and Risk Assessment (TARA).
6. Knowledge of cybersecurity architecture design principles for OT/embedded systems (Zone & Conduit, network segmentation, secure interfaces, hardening).
7. Understanding of cybersecurity challenges during the operational phase, including vulnerability, patch management, and incident response.
8. Excellent analytical and problem-solving skills, with the ability to translate complex concepts into requirements.
9. Strong communication skills for effective collaboration with multidisciplinary teams.

Desired Skills / Knowledge

Education / Qualifications

1. Bachelor's or Master's Degree in Computer Engineering, Automation Engineering, Telecommunications Engineering, Cybersecurity, or related fields.
2. Relevant cybersecurity certifications (e.g., CISSP, ISA / IEC 62443 Expert, CSSLP, CISM, CompTIA Security+) are highly desirable.

Languages

1. Fluent in English (written & spoken).
2. Proficient in Italian (written & spoken).

Thank you for your interest in Hitachi Rail. If your application is of interest, we will contact you. Discover more about us and our latest jobs at our website.

At Hitachi Rail, we value diversity and are committed to creating an inclusive environment. We are proud to be an equal opportunity employer.