Senior Cybersecurity Specialist – Rail Infrastructure

About the role

DB Engineering & Consulting seeks a Senior Cybersecurity Specialist to lead the security strategy for large‑scale rail and critical infrastructure projects in Saudi Arabia. You will shape governance, risk, and architecture across IT, OT, and rail control systems.

Key responsibilities

• Develop, review and approve project‑wide cybersecurity governance frameworks, methodologies and security architectures.
• Validate technical submittals, designs and system architectures against ISO/IEC 27001/27002, IEC 62443, EN 50129 and KSA NCA requirements.
• Conduct cyber risk assessments, threat modelling and vulnerability analyses for signaling, rolling stock interfaces, OCC/TCC, telecom, AFC, PSD, SCADA and depot systems.
• Implement security controls for authentication, authorization, encryption, access management, network segmentation and intrusion detection/prevention.
• Oversee integration of cybersecurity measures across systems and interfaces, protecting against hacking, malware, spoofing, DDoS and unauthorized access.
• Support testing & commissioning with security validation, penetration testing coordination and readiness verification.
• Coordinate with PMCM teams, contractors, suppliers, O&M entities and employer stakeholders to resolve risks and non‑conformities.
• Prepare executive‑level reports, risk registers and compliance assessments for decision‑making.

Required profile

• Bachelor’s degree in Cybersecurity, Computer Science, Information Security or related field.
• Minimum 18 years of professional experience in cybersecurity for rail, metro or critical infrastructure projects.
• Proven leadership in OT and safety‑critical environments.
• Deep knowledge of ISO/IEC 27001/27002, IEC 62443, EN 50129 and KSA NCA controls.

Required skills

• Cyber risk assessment and threat modelling
• Vulnerability analysis and penetration testing
• Authentication, authorization and encryption mechanisms
• Network segmentation and intrusion detection/prevention
• Security architecture for IT, OT and rail control systems
• Compliance with ISO/IEC 27001, ISO/IEC 27002, IEC 62443, EN 50129, KSA NCA