Senior Cyber Security Advisor046438
Organisation
-Customers, Communication and Technology
Job
-CSIRTPosition Type-Full Time
Location: North Greenwich, London/Hybrid – 50% office attendance model
Salary: £60,000 - £68,000, plus excellent benefits package
You will influence the lives of millions
At TfL, we operate one of the busiest metro systems in the world, with 5 million people using the underground daily. Join us, and you will be amongst the leading engineers, architects and consultants responsible for making TfL world famous, from our London Underground covering 272 stations, or our red bus fleet of 9300 vehicles, TfL remains a key part of the Capital’s success.
TfL’s cyber security professionals play a critical and ever-increasing role in protecting these services and the online systems that make it all work, safeguarding our customers as they travel across the capital’s network, and ultimately helping to realise the Government’s ambition to make the UK the safest place in the world to be online and do business.
Our cyber security Advisors provide specialist support to the organisation, influencing top-level strategy all the way through to the architectural designs to protect TfL assets and reduce the likelihood and impact of a cyber security incident.
Your role will be to provide specialist cyber security advice and guidance, supporting the organisation to align with organisational policies, standards and good practice. The ability to build relationships and manage multiple stakeholders is essential in this role. We’re looking for a great communicator, able to make the complex understandable for a wide range of stakeholders.
As a Senior Cyber Security Advisor, you will ideally have relevant skills and experience working in cyber security using best practices (e.g. ISO27001, NIST Cyber Security Framework, NIS Regulations) and/or experience working in infrastructure (IT/OT) or cloud environments with cyber security responsibilities. Your advisory experience will enable you to work collaboratively with business stakeholders to build or procure secure systems that minimise TfL’s cyber risk exposure and meets regulatory obligations.
Prior experience in cyber security would be advantageous but is not essential as the successful candidate will receive a combination of formal and on-the-job training to develop their cyber security skillset.
Core responsibilities
• Provide advice and guidance to the ‘First Line’ cyber security risk owners, ‘Second Line’ cyber security team, ‘Third Line’ internal audit teams and senior business stakeholders.
• Consult on the secure design, build, implementation, testing and delivery of systems/solutions.
• Assist stakeholders in assessing, understanding and managing cyber security risks in project and operational systems, including meeting regulatory obligations.
• Contribute to the development and maintenance of cyber security standards and guidance, architectural patterns and strategies, and the continuous improvement of Cyber Security’s internal processes, capabilities and tools.
• Preparing, presenting and/or supporting reports on the current status of cyber security assurance, deliverables, risks and KPIs/KRIs.
• Sponsor, facilitate, support and/or implement cyber security capabilities and improvements to the security and resiliency of information technology systems.
• Chair, facilitate and contribute to technology and cyber security governance groups and approval bodies.
• Promote cyber security and contribute to developing a cyber secure culture across the organisation.
Desired skills and experience
• Proactive problem solver, with a passion for innovation and critical thinking
• Favours a collaborative approach and builds strong relationships with internal and external partners.
• Excellent written and verbal communication – Comfortable tailoring information/reporting to the audience and engaging with senior stakeholders.
• Delivery of complex cyber security improvement initiatives involving enterprise-level technologies.
• Knowledge in information security, data privacy and risk management concepts, frameworks and best practices.
• Understanding of network, application and cloud security principles.
• Creation and review of technical design patterns, standards and processes.
Desired qualifications
• Degree level education or equivalent experience, ideally in science, engineering, technology, computing, cyber security or a related field.
• Qualifications and certifications from information security bodies such as: GIAC, ISC2, ISACA, and CompTIA.
Closing date for applications: Monday 26th August 2024 at 23:59
Excellent Benefits include:
• Final salary pension scheme
• Free travel for you on the TfL network
• Reimbursement of 75% of the cost of a standard class Ticket for National Rail travel from home or 75% reimbursement on a 28-day flexi ticket
• 30 days annual leave plus public and bank holidays
• TfL is committed to work-life balance, operating a hybrid working approach where business and role requirements allow
• Private healthcare discounted scheme (optional)
• Tax-efficient cycle-to-work programme
• Retail, health, leisure and travel offers
• Discounted Eurostar travel
Security Clearance
This role requires a minimum of BPSS and CTC security clearance, however the required level of clearance may change. Should an offer of employment be made, continued employment is subject to you obtaining the required level of clearance and maintaining this throughout your employment.
Additional Information
Please apply supplying both your CV and a covering letter preferably in “.docx” format. Both documents should be A4, in Arial 12 font, and a maximum of 2 pages per document.
If you are shortlisted you may be invited to take part in a Video interview. We endeavour to give candidates as much notice as possible however some interviews/ assessments will be organised at short notice and will require a degree of flexibility. We reserve the right to close the application window early if we receive a high volume of suitable applications.
We are committed to equality, diversity and inclusion. We want to represent the city we serve, which will help us become a more innovative and efficient organisation. Our goal is to make our recruitment as inclusive as possible. We are a disability confident employer who guarantee an interview to any disabled candidate who meets all of the essential criteria. We also use anonymising software that removes identifying information from CVs and cover letters to make the process fair.
Many of our staff work flexibly in many different ways. Please talk to us at interview about the flexibility you need. We'll see what we can do.
We understand a confidence gap can get in the way of meeting spectacular candidates. So please don’t hesitate to apply if you think you have what it takes even if you feel you don’t meet all the criteria. We’d love to hear from you.