Railways for the world of tomorrow.
DB Engineering & Consulting is a part of the DB group, a world-leading global railway company with an extensive organization in Germany and projects around the world. Our company offers technically sophisticated and customized infrastructure, mobility and transport solutions. With our sustainable concepts, gained from our experience in project work for decades, we ensure the future success of economic regions, make important contributions to the protection of the environment and help shape the world of the future. We represent 180 years of rail experience, and our infrastructure projects connect continents. We set the standard for transportation and modern mobility.
For Saudi Arabia, we are looking for a passionate Senior Cybersecurity Specialist (m/f/d).
Responsibilities:
- Lead the development, review, and approval of project‑wide cybersecurity governance frame-works, methodologies, and security architectures covering IT, OT, and rail control systems.
- Review and approve cybersecurity‑related technical submittals, designs, and system architec-tures submitted by the D&B Contractor, ensuring compliance with ISO/IEC 27001/27002, IEC 62443, and KSA NCA requirements.
- Conduct and oversee cyber risk assessments, threat modelling, and vulnerability analyses across signaling, rolling stock interfaces, OCC/TCC systems, telecoms, AFC, PSDs, SCADA, and depot systems.
- Ensure implementation of effective security controls for authentication, authorization, encryp-tion, access management, network segmentation, and intrusion detection/prevention.
- Oversee cybersecurity integration across systems and interfaces, ensuring protection against hacking, malware, spoofing, denial‑of‑service, and unauthorized access.
- Support cybersecurity assurance during testing & commissioning, including security validation, penetration testing coordination, and readiness verification for operational launch.
- Coordinate cybersecurity matters with PMCM teams, the D&B Contractor, system suppliers, the O&M Entity, and Employer stakeholders to resolve risks and non‑conformities.
- Prepare executive‑level cybersecurity reports, risk registers, compliance assessments, and recommendations for Employer review and decision‑making.
Qualifications:
- Bachelor's degree in Cybersecurity, Computer Science, Information Security, Systems Engineering, or related discipline, with 18+ years of professional experience
- Extensive experience delivering cybersecurity leadership for large‑scale rail, metro, or critical infrastructure projects, including OT and safety‑critical systems.
- Expert knowledge of cybersecurity standards and frameworks including ISO/IEC 27001/27002, IEC 62443, EN 50129 (security aspects), and KSA NCA controls.
- Proven capability to define cybersecurity architectures, policies, risk frameworks, and assurance processes for complex multi‑contract environments.
- Strong understanding of cyber risks associated with automated metro operations, signaling/ATC, OCC/TCC, telecom networks, and data platforms.
- Demonstrated analytical ability to assess complex cyber threats, evaluate vulnerabilities, and recommend proportionate risk mitigation strategies.
- Excellent leadership, coordination, and communication skills for engaging senior stakeholders, contractors, regulators, and Employer representatives.
- High level of professional integrity, discretion, and authority appropriate for a senior specialist role within a major infrastructure megaproject.
