Hitachi Rail is looking for an enthusiastic self-motivated INFRASTRUCTURE & CYBERSECURITY ENGINEER who thrives in a fastpaced environment. The successful candidate is comfortable performing a wide range of tasks from administrative to strategic. The position in based in Turin, Italy.
Who We Are:
Hitachi Rail is a fully integrated, global provider of rail solutions across rolling stock, signaling, service & maintenance, digital technology and turnkey. With a presence in 38 countries across three continents and over 14,000 employees, our mission is to contribute to society through the continuous development of superior rail transport solutions.
Who We Are in: Turin, Italy:
The Turin offices are located in the area of Piossasco, an excellent position where is easy to reach the airport, train stations and local transport.
Currently we are looking for enthusiastic and pioneering candidates, driven by technological challenge and success, who want to contribute to the satisfaction of our customers and to the growth and global leadership of our business.
The role will touch many different areas of security, ranging from architecture design, development, testing and deployment, particularly onto cloud/on-premise environments.
We're looking for an INFRASTRUCTURE & CYBERSECURITY ENGINEER who:
Provides technical oversight and assurance of the security of the digital solutions being developed for Hitachi, from an architectural, design, development and deployment perspective
Undertakes specific security verification and validation activities on the digital products once they have been delivered
Works with the cloud deployment and infrastructure teams to help design the environments for Hitachi products and services, ensuring they are deployed securely and in line with compliance and best practice
Assists the Head of Infrastructure and Cybersecurity in promoting secure digital projects across the Hitachi organization
Supports, as necessary, the security of the digital products and services on bids, proof-of-concept and delivery projects
Provides the necessary guidance on the implementation of security components into the on-prem and cloud-based solutions, for example Identity & Access Management (IAM), API gateways, Secrets Management and Key vaults
Maintains a continuous awareness of the threat landscape, attack vectors and surface that could threaten the digital products and services
Undertakes any cloud security assessments on suppliers and vendors
and regulations such as NIST 800-53, ISO27001, PCI DSS, GDPR
Hands on experience of cloud platforms and infrastructure, covering Azure, AWS and Google Cloud
Familiarity with the Agile/Scrum methodology
Experience in threat modelling and vulnerability management, including the detection, analysis and remediation of security threats and vulnerabilities facing on-prem and cloud environments
Understanding of security best practices, regulations and standards, particularly those applicable to the cloud
Familiarity of the secure software development lifecycle, including security best practices such as CIS Top 20, OWASP top 10 risks
Exposure to SAST, SCA and DAST tools used through cloud development, testing and integration cycles, e.g. Snyk for Container scanning
Knowledge and experience of security monitoring tools, configuration management tools, host virtualisation, containerisation, vulnerability scanners, proxies, WAFs
Good understanding of DevSecOps principles, activities and toolsets to support CI/CD pipelines
Knowledge of security operations, in particular security logging and alerting and SIEM tools
Awareness of security standards
Fluent Knowledge of English (written & spoken).
Italia: Piossasco (TO)
CONTRATTO A TEMPO INDETERMINATO
DA 1 A 5 ANNI
LAUREA (VECCHIO E NUOVO ORDINAMENTO)
IN ITALIA E ALL' ESTERO
Clicca sul pulsante INVIA LA CANDIDATURA e compila il tuo profilo con tutte le informazioni. È necessaria l'autenticazione con Spid o CIE (Carta di identità elettronica). Se non hai ancora Spid puoi richiedere un supporto utilizzando la chat di assistenza. La selezione è rivolta a candidati di entrambi i sessi (art 27 d.lgs n. 198/06).