Digital Resilience Consultant/ Principal Consultant
- Role type
- York, London, Derby
- Closing Date
Position Title: Digital Resilience Consultant/ Principal Consultant
Department: Ricardo Rail UK
Location: Any UK Ricardo Rail office – London/Derby/York
Reporting to: Head of Digital Railway
Ricardo is a global strategic, technical and environmental consultancy and specialist niche manufacturer of high performance products. We also provide independent assurance services in the rail sector. With a century of delivering excellence and innovation, Ricardo employs over 2,700 professional engineers, consultants and scientists world-wide.
Our activities cover a range of market sectors including passenger car, commercial vehicle, rail, defence, motorsport, motorcycle, off-highway, marine, clean energy and power generation.
Our client list includes the world’s railway operators and infrastructure owners, original equipment manufacturers, supply chain organisations, energy companies, financial institutions and government agencies.
Guided by our corporate values of respect, integrity, innovation and passion, we enable our customers to achieve sustainable growth and commercial success.
Ricardo Rail is Ricardo’s rail division. It is a 600 person multi-disciplinary railway consultancy providing expert advisory and independent assurance services across the UK, Europe, Middle East and Asia.
Our shared goal is to provide class-leading quality and technical excellence; care and integrity drive our long-term relationships with clients and colleagues.
The UK Rail business employees c120 consultants in offices in London, Preston, York, Bristol and Derby.
We are seeking to appoint several consultants in our Digital Resilience consultancy team. This team provides cyber security-based consultancy services to rail clients who are seeking to understand their risk exposure, comply with the cyber security standards and legislation and differentiate themselves through their approach to cyber security.
The successful candidate will:
- Possess a strong track-record in cyber security within rail systems particularly ETCS, TMS, GSM-R, ATO, CBTC or TCMS;
- Have the technical expertise to provide guidance on complex systems particularly from a network architecture, data flow or functional requirements viewpoint;
- Have proven working knowledge of cyber security processes and methodologies, within the rail industry;
- Be expected to possess an expert understanding of the V-lifecycle and the various disciplines that entails in a complex, safety critical environment;
- Have good knowledge of NIS-D regulations, IEC 62443 or other cyber security standards and applied this knowledge on a safety critical system;
- Have strong stakeholder management skills;
Accountability / Key Responsibilities
- Act as a source of guidance and expertise both to clients and to colleagues, ensuring a proactive approach is taken to resolving issues and identifying and working around constraints, and demonstrating a consistently high standard of delivery;
- Support the procurement/bidding through technical leadership;
- Liaises with our Digital Resilience partner – ROKE;
- Technical management within our cyber security business;
- Undertaking cyber security-based risk assessments;
- Analysis of controls and measures of a system according to industrial standards;
- Providing guidance and training to customers on cyber security standards;
- Analysis and reporting on network and system designs and providing recommendations to customers based on their cyber security requirements
- Preparing and presenting technical publications;
- To comply with Ricardo Rail’s Health and Safety requirements with respect to their personal health and safety and, as manager, to be responsible and accountable within their respective areas for: the management and control of risk, demonstrating visible safety leadership and ensuring implementation of health and safety systems and compliance;
In order to be successful, you will be able to demonstrate the following.
- Education to degree level in a relevant discipline;
- Chartered Engineer, or working towards;
- An active member of the appropriate engineering institution(s).
- preferably IEC62443 certificate 1 or 2; GIAC certification for ICS (GICSP, GRID or GCIP) or other certificate/training in cyber security for Industrial Control Systems
- Desirable: CISSP or working towards, certified ethical hacker or working towards
Technical expertise & skills:
- A strong track-record in cyber security elements with railway technologies particularly ETCS, TMS, GSM-R, ATO, CBTC or TCMS;
- Excellent customer focus and inter-personal skills;
- A detailed understanding of current cyber security trends within the rail industry;
- A wide appreciation of all rail disciplines and competencies;
- Proven ability to manage and deliver projects on time and to budget;
- Prepared to undergo random drugs and alcohol testing and/or medical screening as required;
- Able to routinely travel to Ricardo offices throughout the UK (and occasionally internationally);
For further information or to make an application please contact Donna.Baker@ricardo.com.