About the role

  • Leading TfL Engineering Cyber Security team overseeing cybersecurity activities and providing guidance on technical matters. Engaging with stakeholders to enhance cyber security capabilities and reduce risks.

Responsibilities

  • Directing, leading and managing a team of cyber security engineers who are responsible for working with project teams ensuring projects implement cyber security in accordance with TfL policies, standards and guidelines as well as international standards and good practice.
  • Supporting the development of appropriate management processes, to then implement these processes to ensure security requirements are continually updated and reflected in the system security solution designs.
  • Ensuring the cyber security risk management and assurance processes are established and implemented to provide continuous feedback to all stakeholders and to improve the security posture in projects.
  • Ensuring that cyber security requirements are established, implemented, verified and validated and that cyber security risks are identified, managed and controlled throughout the project lifecycle, so that systems are acceptably secure at the point of delivery.
  • Involved in reviewing and agreeing the cyber security requirements that result from the individual project risk assessments.
  • Support the cyber security engineers, project engineers, assurance leads and other business and third party stakeholders in the creation, review and approval of cyber security assurance to support system acceptance.
  • Represents TfL Engineering as a cyber security Subject Matter Expert.
  • Be the cyber security primary point of contact, engaging where necessary with the likes of the TfL Cyber Security Team, Engineering Professional Heads, Department for Transport, TfL Cyber Security Steering and Working Groups and other applicable stakeholders.
  • Support cyber security engineers in the creation and review of cyber security artefacts and deliverables.
  • Make authoritative technical recommendations which have a high impact on organisational performance.
  • Ensuring the safety, functionality and compliance of high risk, newly implemented or altered assets, engineering processes, procedures or systems.

Requirements

  • Proven leadership experience in a multifaceted organisation specifically with stakeholder management at many levels
  • Experience communicating, engaging and influencing a variety of junior and senior stakeholders
  • Experience developing, coaching and mentoring team members
  • Experience engaging with major internal and external parties to achieve business objectives
  • Experience of working with engineering / operational technology, such as industrial control systems, particularly those related to safety critical / critical national infrastructure functions
  • Experience of applying security by design and security in operation
  • Experience providing cyber security advice and guidance.
  • Has current knowledge and understanding of cyber security and information security practices, principles, tools and techniques.
  • Qualifications and certifications from information security bodies such as: GIAC, ISC2, ISACA, ISA, CompTIA.
  • Knowledge of relevant legislation and Regulation such as: Data Protection Act (DPA), Network and Information Systems (NIS) Regulation, Payment Card Industry Data Security Standard (PCI DSS).
  • Knowledge of industry best practice and frameworks such as: ISO27001, IEC62443, NIST Cyber Security Framework, CIS Critical Security Controls.
  • Knowledge in telecommunications and IP networking, network and computer system architecture, network infrastructure, enterprise-level cyber security technologies for use in complex environments.

Benefits

  • Final salary pension scheme
  • Free travel for you on the TfL network
  • Reimbursement of 75% of the cost of a standard class Ticket for National Rail travel from home or 75% reimbursement on a 28-day flexi ticket
  • 30 days annual leave plus public and bank holidays
  • Private healthcare discounted scheme (optional)
  • Tax-efficient cycle-to-work programme
  • Retail, health, leisure and travel offers
  • Discounted Eurostar travel

Job title

Principal Engineering Leader – Cyber Security

Job type

Experience level

Senior

Salary

£90,000 per year

Degree requirement

Bachelor's Degree

Tech skills

Location requirements

Report this job

See something inaccurate? Let us know and we'll update the listing.

Report job