Mermec Deutschland GmbH is a key subsidiary of the MERMEC Group, a global leader in integrated railway transport solutions. The MERMEC Group operates in 21 countries and employs over 3,500 people worldwide. In addition to its permanent locations, the company drives numerous projects in Germany and abroad and is preparing for significant expansion in the coming years.
Joining Mermec Deutschland means becoming part of a global center of excellence in ETCS (ERTMS) technologies, railway automation, and the groundbreaking digital interlocking solution based on the innovative Neupro architecture. With these unique competencies, we are shaping the future of sustainable, safe, and connected railway transport.
To safeguard the transport systems, cybersecurity is a core priority at Mermec Deutschland. We focus on protecting sensitive systems and information from misuse or abuse, whether by unauthorized individuals or by malicious insiders. These efforts ensure the safety of travelers and staff while maintaining the reliability and resilience of transport operations.
Responsibilities
* Act as Cybersecurity Assurance Engineer in projects developing and homologating signalling products
* Planning Cybersecurity Activites, Organization and documentation for the products in development
* Ensuring compliance with contractual requirements and managing any cybersecurity related changes of scope of work and contract
* Ensuring compliance to regulations and standards in particular DIN CLC/TS 50701, IEC62443, Sektorleitlinie, KRITIS VO, Sicherheitsgesetz, EIGV etc
* Writing Cybersecurity Cases and SecAV and coordinating their resolution at interfaces and with the customer
* Knowledge sharing and building internal awareness within the project teams
* Coordinating with other departments concerning the cybersecurity tasks and aspects, in particular to managing cybersecurity related requirements
* Ensure that subcontractors and suppliers respect all relevant cybersecurity requirements
* Support in bidding with respect to cybersecurity assurance by writing concepts, cost estimations and potential subcontracts
* In charge of subcontractor engagement process and management for cybersecurity workpackages such as cybersecurity assessment services
* Cybersecurity deviation management by means of Common Safety Method (CSM)
* Act as IT-Security Integrator as of Sektorleilinie 2.0
Technical skills, qualifications and professional experience
* A degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience.
* Minimum of 3-5 years of experience in cybersecurity or IT security roles, preferably in railway technology or comparable
* Experience with cybersecurity tools, firewalls, encryption methods, intrusion detection systems, etc.
* Solid understanding and practice of cybersecurity frameworks, regulations, and standards (e.g., DIN CLC/TS 50701, IEC 62443, KRITIS-VO, IT SicherheitsgesetzSektorleitlinie 2.0, ISO 27001, 27002, NIST, CENELEC,).
* Very good knowledge of German (C1) and English (B2).
* Preferably hands-on experience with railway safety-critical systems testing and validation, like ETCS or interlocking
* Solid understanding of system integration and configuration management processes.
* Experience in implementing risk management procedures and creating cybersecurity cases.
Desired skills/knowledge
* Certifications such as CISSP, CISM, or similar are preferred.
* Leadership qualities to mentor junior engineers and drive validation activities.
* Experience with regulatory bodies and certification processes for railway systems.
* Strong problem-solving skills and the ability to work under pressure.
* Excellent communication and teamwork abilities.
* Proactive and self-motivated, with a high level of attention to detail.
We look forward for your application