Organisation - SIGNALS MAINTENANCE AND RENEWALS
Job - Signal
Position Type - Full Time
Job title:
Cyber Security Engineer (Maintenance)
Salary:
£70,000 - £80,000
Location:
London / Hybrid Working
Contract Type:
Permanent
Overview of project/role
The Cyber Security Engineer (Maintenance) is responsible for providing cyber security expertise and support to reduce the likelihood and impact of a cyber security incident for Signalling Systems (And supporting systems) across all London Underground lines.
The role holder will lead on the continuous management of cyber security throughout the operational life cycle of railway systems including the delivery of necessary improvements and activities aligned to the Network and Information Systems (NIS) Regulations, TfL's Cyber Security Policies and other relevant regulation and industry best practice.
The role is responsible for providing technical expertise for ensuring all Signalling Systems remain in line with current NIS regulations and are protected to the required standards dictated by the DfT and TfL's Cyber Security processes.
Key Accountabilities
* The post holder will be expected to undertake cyber security and regulatory compliance activities for Signalling Systems (And supporting systems) and technologies in use across all London Underground lines.
* The role will also support the existing Signals & Data Network teams with Cyber security advice for 1st and 2nd line (operating railway) response to Data Network failures on CBTC/TBTC lines.
* Ensures that the ongoing operational lifecycle cyber security and NIS requirements are embedded into the operation and maintenance of the systems.
* Regularly engage and maintain relationship with and act upon requests by the NIS Competent Authority (DfT) and the NIS Lead Inspector.
* Undertake, coordinate and maintain NIS System CAFs and NIS Improvement Plans and cyber security regulatory activity.
* Undertake continuous assessment of LU's compliance against the NIS regulations and TfL's Cyber Security Policies for Signalling Systems across all LU lines and any exceptions are documented, justified, and approved.
* Undertake, coordinate and maintain system cyber security risk assessments including review of the effectiveness of risk reduction controls, implement risk reduction controls and maintain list of current security controls.
* Establish and continuously improve system specific cyber security processes and procedures.
* Maintain a database of Signalling System software risks and obsolescence issues to advise the Senior Management of strategic business risk that these may cause short, medium and long term.
* Support Cyber Security reviews between LU and Signalling suppliers to ensure required security updates for the systems are properly supported via maintenance support contracts in place with those suppliers.
* Active support and assistance the wider Signals team dealing with problems associated with the data networks across the different lines and systems in use.
Knowledge
* HND or relevant equivalent professional qualification.
* Knowledge of networks, Wi-Fi, protocols, services and Windows Servers/Accounts.
* Broad Competence in controlling performance and security of Non-Vital Networks.
* Configuration Management.
* Ethical hacking techniques and system penetration testing.
* Current security risks and threats.
* Network and Cyber security policies and procedures.
* Knowledge of NIS regulations and responsibilities.
* Safety related rules, policies, directives and procedures relating to a railway environment.
Skills
* Managing stakeholder and supplier relationships.
* Writing maintenance procedures and/or training documentation.
* Technical skills at an operational level to ensure effective delivery to address challenges and barriers that impact on operational railway.
* Proven ability to communicate with people at all levels, including both external and internal stakeholders, to shape and influence how the Head of Signals team is perceived in a positive and consistent manner.
* Strong technical systems acumen.
* Ability to analyse complex situations and execute appropriate response and where required asset improvements.
* Safety on the Track certification to Individual Working Alone level required – (Carried out in medical).
* Hold a full UK driving license - Essential
Experience
* A broad background in and knowledge of networks, protocols, services and Windows Server/accounts.
* Experience with managing Network Security is required.
* Railway Environment (or other similar industry) exposure.
* Working with safety critical systems.
Equality, diversity and inclusion
We are committed to equality, diversity and inclusion. We want to represent the city we serve, which will help us become a more innovative and efficient organisation. Our goal is to make our recruitment as inclusive as possible. We are a disability confident employer who guarantee an interview to any disabled candidate who meets all of the essential criteria. We also use anonymising software that removes identifying information from CVs and cover letters to make the process fair.
Application Process
* Please apply using your CV and a covering letter. Word format preferred and do not include any photographs or images.
The closing date for applications is 1st December 2024 @ 23:59
Benefits
In return for your commitment and expertise, you will enjoy excellent benefits and scope to grow. Rewards vary according to the business area but mostly include:
* Final salary pension scheme.
* Free travel for you on the TfL network.
* A 75% discount on National Rail Season Ticket and interest free loan.
* 29 days annual leave plus public and bank holidays.
* Private healthcare discounted scheme (optional).
* Tax-efficient cycle-to-work programme.
* Retail, health, leisure and travel offers.
* Discounted Eurostar travel.
We may close this advert early if we receive a high volume of suitable applications.
Safety Critical Role - Must Pass Medical
#J-18808-Ljbffr