Staff Product Manager overseeing enterprise security product strategy for Tenable. Collaborating with various teams to deliver customer - focused solutions and product features.
IS
Hybrid Principal Engineering Leader – Cyber Security
Posted 2 days ago
About the role
- Leading TfL Engineering Cyber Security team overseeing cybersecurity activities and providing guidance on technical matters. Engaging with stakeholders to enhance cyber security capabilities and reduce risks.
Responsibilities
- Directing, leading and managing a team of cyber security engineers who are responsible for working with project teams ensuring projects implement cyber security in accordance with TfL policies, standards and guidelines as well as international standards and good practice.
- Supporting the development of appropriate management processes, to then implement these processes to ensure security requirements are continually updated and reflected in the system security solution designs.
- Ensuring the cyber security risk management and assurance processes are established and implemented to provide continuous feedback to all stakeholders and to improve the security posture in projects.
- Ensuring that cyber security requirements are established, implemented, verified and validated and that cyber security risks are identified, managed and controlled throughout the project lifecycle, so that systems are acceptably secure at the point of delivery.
- Involved in reviewing and agreeing the cyber security requirements that result from the individual project risk assessments.
- Support the cyber security engineers, project engineers, assurance leads and other business and third party stakeholders in the creation, review and approval of cyber security assurance to support system acceptance.
- Represents TfL Engineering as a cyber security Subject Matter Expert.
- Be the cyber security primary point of contact, engaging where necessary with the likes of the TfL Cyber Security Team, Engineering Professional Heads, Department for Transport, TfL Cyber Security Steering and Working Groups and other applicable stakeholders.
- Support cyber security engineers in the creation and review of cyber security artefacts and deliverables.
- Make authoritative technical recommendations which have a high impact on organisational performance.
- Ensuring the safety, functionality and compliance of high risk, newly implemented or altered assets, engineering processes, procedures or systems.
Requirements
- Proven leadership experience in a multifaceted organisation specifically with stakeholder management at many levels
- Experience communicating, engaging and influencing a variety of junior and senior stakeholders
- Experience developing, coaching and mentoring team members
- Experience engaging with major internal and external parties to achieve business objectives
- Experience of working with engineering / operational technology, such as industrial control systems, particularly those related to safety critical / critical national infrastructure functions
- Experience of applying security by design and security in operation
- Experience providing cyber security advice and guidance.
- Has current knowledge and understanding of cyber security and information security practices, principles, tools and techniques.
- Qualifications and certifications from information security bodies such as: GIAC, ISC2, ISACA, ISA, CompTIA.
- Knowledge of relevant legislation and Regulation such as: Data Protection Act (DPA), Network and Information Systems (NIS) Regulation, Payment Card Industry Data Security Standard (PCI DSS).
- Knowledge of industry best practice and frameworks such as: ISO27001, IEC62443, NIST Cyber Security Framework, CIS Critical Security Controls.
- Knowledge in telecommunications and IP networking, network and computer system architecture, network infrastructure, enterprise-level cyber security technologies for use in complex environments.
Benefits
- Final salary pension scheme
- Free travel for you on the TfL network
- Reimbursement of 75% of the cost of a standard class Ticket for National Rail travel from home or 75% reimbursement on a 28-day flexi ticket
- 30 days annual leave plus public and bank holidays
- Private healthcare discounted scheme (optional)
- Tax-efficient cycle-to-work programme
- Retail, health, leisure and travel offers
- Discounted Eurostar travel
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Program Security Representative providing multi - discipline security support for Special Access Programs. Ensuring compliance, developing policies, and conducting security assessments in a military context.
Information Systems Security Officer managing operational security posture for information systems at GDIT. Collaborating closely with ISSM and ISO, handling security aspects, and ensuring compliance with security standards.
Senior Cyber Security Project Manager at Airbus Protect managing medium complexity projects in Cyber Security Consulting. Focusing on project leadership and team management in diverse client settings.
Security Architect responsible for designing cloud security architectures for leading brands. Ensuring compliance and guiding incident response strategies in AWS environments.
Senior Security Consultant for ISMS Management at Bundesdruckerei GmbH in Berlin. Responsible for security analysis, management, and advisory roles on cybersecurity issues.
IT - Systemadministrator managing Video Surveillance and Alarm Systems at Mühlbauer. Supporting technical solutions for multimedia and conference systems with project involvement and ticket handling.
AI Application Security Architect in charge of driving secure development lifecycle for AI systems across multi - cloud environments and hybrid platforms.
Security Project Manager responsible for managing cyber - security project delivery and ensuring quality execution in Bulgaria. Requires excellent communication skills and fluency in English.
Information Security professional managing governance, audit, and compliance in banking domain. Collaborating across teams to enhance security posture and control effectiveness.