img
Contract TypeFull-time
Workplace typeOn-site
LocationRiyadh

Job Description

About the Role

Deutsche Bahn (DB) Engineering & Consulting, a division of the global railway leader DB Group, is seeking a Senior Cybersecurity Specialist (f/m/d) to join its operations in Riyadh, Saudi Arabia. DB Engineering & Consulting focuses on delivering advanced infrastructure, mobility, and transport solutions, leveraging 180 years of rail expertise to shape sustainable economic development and modern mobility. This position is integral to safeguarding the cybersecurity of major infrastructure projects within the Kingdom.

Key Responsibilities

  • Lead the development, review, and approval of project-wide cybersecurity governance frameworks, methodologies, and security architectures, covering IT, OT, and rail control systems.
  • Review and approve cybersecurity-related technical submittals, designs, and system architectures from the D&B Contractor, ensuring compliance with ISO/IEC 27001/27002, IEC 62443, and KSA NCA requirements.
  • Conduct and oversee comprehensive cyber risk assessments, threat modeling, and vulnerability analyses for systems including signaling, rolling stock interfaces, OCC/TCC systems, telecoms, AFC, PSDs, SCADA, and depot systems.
  • Ensure the effective implementation of security controls for authentication, authorization, encryption, access management, network segmentation, and intrusion detection/prevention.
  • Oversee the integration of cybersecurity measures across various systems and interfaces to protect against threats such as hacking, malware, spoofing, denial-of-service attacks, and unauthorized access.
  • Provide support for cybersecurity assurance during testing and commissioning phases, including security validation, coordination of penetration testing, and verification of operational readiness.
  • Coordinate cybersecurity matters with PMCM teams, the D&B Contractor, system suppliers, the O&M Entity, and Employer stakeholders to resolve identified risks and non-conformities.
  • Prepare executive-level cybersecurity reports, risk registers, compliance assessments, and actionable recommendations for Employer review.

Qualifications and Requirements

  • A Bachelor's degree in Cybersecurity, Computer Science, Information Security, Systems Engineering, or a related discipline.
  • Over 10 years of professional experience, with a significant portion dedicated to cybersecurity leadership for large-scale rail, metro, or critical infrastructure projects, including operational technology (OT) and safety-critical systems.
  • Expert knowledge of cybersecurity standards and frameworks, including ISO/IEC 27001/27002, IEC 62443, EN 50129 (security aspects), and KSA NCA controls.
  • Proven ability to define cybersecurity architectures, policies, risk frameworks, and assurance processes in complex multi-contract environments.
  • Strong understanding of cyber risks associated with automated metro operations, signaling/ATC, OCC/TCC, telecom networks, and data platforms.
  • Demonstrated analytical skills to assess cyber threats, evaluate vulnerabilities, and recommend effective risk mitigation strategies.
  • Excellent leadership, coordination, and communication skills for engaging with senior stakeholders, contractors, regulators, and Employer representatives.
  • High professional integrity, discretion, and authority suitable for a senior specialist role on a major infrastructure project.

Required Skills

  • Cybersecurity governance frameworks and methodologies
  • Security architecture design and implementation
  • IT and OT security principles
  • Rail control systems security
  • Adherence to ISO/IEC 27001/27002, IEC 62443, and KSA NCA requirements
  • Cyber risk assessments, threat modeling, and vulnerability analyses
  • Security for signaling systems, rolling stock interfaces, OCC/TCC systems, telecoms, AFC, PSDs, SCADA, and depot systems
  • Authentication, authorization, encryption, and access management
  • Network segmentation and intrusion detection/prevention
  • Prevention of hacking, malware, spoofing, denial-of-service, and unauthorized access
  • Security validation and penetration testing coordination
  • Readiness verification for operational launch
  • Risk and non-conformity resolution
  • Executive reporting, risk register management, and compliance assessments
  • Leadership, coordination, and communication
  • Understanding of EN 50129 (security aspects)
  • Awareness of cyber risks in automated metro operations, signaling/ATC, OCC/TCC, telecom networks, and data platforms
  • Analytical ability and risk mitigation strategy development
  • Professional integrity, discretion, and authority

Work Environment and Support

This is a full-time position based in Riyadh, Saudi Arabia. DB Engineering & Consulting supports employee development through a global onboarding program, intercultural training, and career advancement opportunities. Employees benefit from attractive working conditions and competitive compensation aligned with local standards. Relocation and immigration assistance are provided to facilitate international employment.


Requirements

  • Requires +10 Years experience

Similar Jobs