Security Manager at Leonardo focusing on cyber compliance and risk management across OT and IT frameworks. Supporting clients in strategic initiatives and infrastructure assessments.
IS
Hybrid Principal Engineering Leader – Cyber Security
Posted 2 days ago
About the role
- Leading TfL Engineering Cyber Security team overseeing cybersecurity activities and providing guidance on technical matters. Engaging with stakeholders to enhance cyber security capabilities and reduce risks.
Responsibilities
- Directing, leading and managing a team of cyber security engineers who are responsible for working with project teams ensuring projects implement cyber security in accordance with TfL policies, standards and guidelines as well as international standards and good practice.
- Supporting the development of appropriate management processes, to then implement these processes to ensure security requirements are continually updated and reflected in the system security solution designs.
- Ensuring the cyber security risk management and assurance processes are established and implemented to provide continuous feedback to all stakeholders and to improve the security posture in projects.
- Ensuring that cyber security requirements are established, implemented, verified and validated and that cyber security risks are identified, managed and controlled throughout the project lifecycle, so that systems are acceptably secure at the point of delivery.
- Involved in reviewing and agreeing the cyber security requirements that result from the individual project risk assessments.
- Support the cyber security engineers, project engineers, assurance leads and other business and third party stakeholders in the creation, review and approval of cyber security assurance to support system acceptance.
- Represents TfL Engineering as a cyber security Subject Matter Expert.
- Be the cyber security primary point of contact, engaging where necessary with the likes of the TfL Cyber Security Team, Engineering Professional Heads, Department for Transport, TfL Cyber Security Steering and Working Groups and other applicable stakeholders.
- Support cyber security engineers in the creation and review of cyber security artefacts and deliverables.
- Make authoritative technical recommendations which have a high impact on organisational performance.
- Ensuring the safety, functionality and compliance of high risk, newly implemented or altered assets, engineering processes, procedures or systems.
Requirements
- Proven leadership experience in a multifaceted organisation specifically with stakeholder management at many levels
- Experience communicating, engaging and influencing a variety of junior and senior stakeholders
- Experience developing, coaching and mentoring team members
- Experience engaging with major internal and external parties to achieve business objectives
- Experience of working with engineering / operational technology, such as industrial control systems, particularly those related to safety critical / critical national infrastructure functions
- Experience of applying security by design and security in operation
- Experience providing cyber security advice and guidance.
- Has current knowledge and understanding of cyber security and information security practices, principles, tools and techniques.
- Qualifications and certifications from information security bodies such as: GIAC, ISC2, ISACA, ISA, CompTIA.
- Knowledge of relevant legislation and Regulation such as: Data Protection Act (DPA), Network and Information Systems (NIS) Regulation, Payment Card Industry Data Security Standard (PCI DSS).
- Knowledge of industry best practice and frameworks such as: ISO27001, IEC62443, NIST Cyber Security Framework, CIS Critical Security Controls.
- Knowledge in telecommunications and IP networking, network and computer system architecture, network infrastructure, enterprise-level cyber security technologies for use in complex environments.
Benefits
- Final salary pension scheme
- Free travel for you on the TfL network
- Reimbursement of 75% of the cost of a standard class Ticket for National Rail travel from home or 75% reimbursement on a 28-day flexi ticket
- 30 days annual leave plus public and bank holidays
- Private healthcare discounted scheme (optional)
- Tax-efficient cycle-to-work programme
- Retail, health, leisure and travel offers
- Discounted Eurostar travel
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Senior Analyst leading cybersecurity governance initiatives at Elsevier. Developing and maturing governance programs for data protection and risk management across the organization.
Commercial Security Service Sales Executive promoting and selling security services at Johnson Controls. Building relationships and delivering solutions to protect people and property within assigned territories.
Security Incident Responder in a leading IT service company in Germany, responsible for analyzing and responding to IT security incidents while developing technological solutions.
Deputy ISSO leading compliance and security activities for NOAA systems at RCG. Requires active Secret clearance and CISSP certification with 8+ years of experience.
Technical Recruiter hiring for Snap Inc.'s security and machine learning teams. Full life cycle recruiting support for technical talent across Snap's innovations.
Team Leader ensuring security operations at ZF in Friedrichshafen. Leading a local team and managing on - site safety tasks.
Cloud Security Architect integrating cyber defense strategies across cloud platforms for Elevance Health. Lead collaboration with infrastructure and engineering teams to enhance security in cloud environments.
Senior Security Advisor designing advanced security solutions for Optiv’s clients. Driving sales and building relationships in a competitive cyber security landscape.
Personnel Security Specialist leading intake operations at PSI. Focused on case coordination, quality assurance, and team training for security suitability tasks.