Working at Cylus
Cybersecurity Services Director
Cylus, the global leader in rail cybersecurity, helps mainline and urban railway companies avoid safety incidents and service disruptions caused by cyber-attacks. Cylus provides a product-based solution CylusOne™ - the first-to-market solution designed to meet the unique cybersecurity needs of the rail industry.
Cylus is growing and has expanded its existing offering of cybersecurity services and is looking for a hands-on world-class cybersecurity services expert. This role includes close interactions with customers and partners, rail professionals from operations as well as IT administrators and technicians, compliance officers, and other key stakeholders to develop and execute cybersecurity services according to leading standards in the rail operational networks.
If you think you have the right attitude and skills, we’d love to hear from you. You are invited to hop aboard our bullet train and have a real impact on the company’s business and culture.
In this role, you will:
● Serve as the Subject Matter Expert for cybersecurity services, methodologies, and best practices for securing rail operational environments.
● Create and expand the company’s cybersecurity services portfolio including the materials and technical content for each of the defined services.
● Own the technical aspects of a service opportunity, from the initial discussions with clients and partners, to supporting the sales process in pricing and proposals, providing all necessary services materials, developing the service technical contents and methodologies, and execution.
● Lead and perform services of responses to compliance audits, such as: security governance and strategy program development, cybersecurity policies and procedures, cyber risk assessments, penetration tests, vulnerability assessments, training, SIEM/SOC related services, incident response, secure design, and other services for rail operators.
● Lead incident response efforts and investigations of suspected information security events.
● Determine threats, identify risks and vulnerabilities to rail organizations, research security breaches and recommend corrective actions.
● Review system design and architectures and make security-related recommendations for rail manufacturers and integrators.
● Be independent in front of clients as their technical point of contact, with confidence, assertiveness, and high client-facing capabilities and interactions.
● Handle multiple long-term projects with broad scope, ambiguity, and high degree of difficulty.
● At least 7 years of experience in developing cybersecurity services methodologies and performing hands-on cybersecurity services related to clients’ infrastructure with deep technical skills.
● Experience in performing the following cybersecurity services on OT environments:
○ Cyber strategy and program development
○ Cyber risk assessments
○ Attack and penetration testing
○ Vulnerability assessments
○ Cybersecurity training (various technical levels)
○ SIEM/SOC related services
○ Incident response policy & procedures
○ Incident response
○ Forensics investigation
○ Threat intelligence
○ Secure network design and secure architecture
● Deep experience with cybersecurity technologies, such as firewalls, data diodes, NAC solutions, and more.
● Experience in writing cybersecurity policies and procedures
● Excellent interpersonal skills including representativeness in front of clients ● Excellent English both in speaking and writing
● Deep knowledge in standards such as NIST SP 800-115, IEC 62443
● Great communication skills, including presentation skills to both C-level and technical personnel
● Independent with excellent self-management and self-learner skills
● Have ability to work under pressure in complex processes and situations