Job Description - Cyber Security Engineer (Maintenance) (047127)
Job title: Cyber Security Engineer (Maintenance)
Location: London / Hybrid Working
Contract Type: Permanent
Overview of project/role
The Cyber Security Engineer (Maintenance) is responsible for providing cyber security expertise and support to reduce the likelihood and impact of a cyber security incident for Signalling Systems (and supporting systems) across all London Underground lines.
The role holder will lead on the continuous management of cyber security throughout the operational life cycle of railway systems including the delivery of necessary improvements and activities aligned to the Network and Information Systems (NIS) Regulations, TfL's Cyber Security Policies and other relevant regulation and industry best practice.
Primary duties will include the completion and upkeep of Cyber Assessment Framework (CAF) studies and Cyber Security improvement plans for all lines, liaising with internal and external parties as appropriate. The post holder will lobby the sponsor in order to deliver the required improvements on the systems.
Key Accountabilities
* The post holder will be expected to undertake cyber security and regulatory compliance activities for Signalling Systems (and supporting systems) across all London Underground lines.
* The role will also support the existing Signals & Data Network teams with Cyber security advice for 1st and 2nd line (operating railway) response to Data Network failures on CBTC/TBTC lines.
* Ensures that the ongoing operational lifecycle cyber security and NIS requirements are embedded into the operation and maintenance of the systems.
* Regularly engage and maintain relationship with and act upon requests by the NIS Competent Authority (DfT) and the NIS Lead Inspector.
* Undertake, coordinate and maintain NIS System CAFs and NIS Improvement Plans and cyber security regulatory activity.
* Undertake continuous assessment of LU's compliance against the NIS regulations and TfL's Cyber Security Policies for Signalling Systems across all LU lines and document any exceptions.
* Undertake, coordinate and maintain system cyber security risk assessments including review of the effectiveness of risk reduction controls.
* Establish and continuously improve system specific cyber security processes and procedures.
* Maintain a database of Signalling System software risks and obsolescence issues to advise the Senior Management of strategic business risk.
* Support Cyber Security reviews between LU and Signalling suppliers to ensure required security updates for the systems are properly supported via maintenance support contracts.
* Provide active support and assistance to the wider Signals team dealing with problems associated with the data networks across the different lines and systems in use.
Knowledge
* Knowledge of networks, Wi-Fi, protocols, services and Windows Servers/Accounts.
* Broad competence in controlling performance and security of Non-Vital Networks.
* Configuration Management.
* Ethical hacking techniques and system penetration testing.
* Current security risks and threats.
* Network and Cyber security policies and procedures.
* Knowledge of NIS regulations and responsibilities.
* Safety related rules, policies, directives and procedures relating to a railway environment.
Skills
* Managing stakeholder and supplier relationships.
* Writing maintenance procedures and/or training documentation.
* Technical skills at an operational level to ensure effective delivery to address challenges and barriers that impact on operational railway.
* Proven ability to communicate with people at all levels, including both external and internal stakeholders.
* Strong technical systems acumen.
* Ability to analyse complex situations and execute appropriate responses.
* Safety on the Track certification to Individual Working Alone level required.
* Hold a full UK driving license - Essential
Experience
* A broad background in and knowledge of networks, protocols, services and Windows Server/accounts.
* Experience with managing Network Security is required.
* Railway Environment (or other similar industry) exposure.
* Working with safety critical systems.
Equality, diversity and inclusion
We are committed to equality, diversity and inclusion. We want to represent the city we serve, which will help us become a more innovative and efficient organisation. Our goal is to make our recruitment as inclusive as possible.
Application Process
* Please apply using your CV and a covering letter. Word format preferred and do not include any photographs or images.
The closing date for applications is 1st December 2024 @ 23:59
In return for your commitment and expertise, you will enjoy excellent benefits and scope to grow. Rewards vary according to the business area but mostly include:
* Final salary pension scheme.
* Free travel for you on the TfL network.
* A 75% discount on National Rail Season Ticket and interest-free loan.
* 29 days annual leave plus public and bank holidays.
* Tax-efficient cycle-to-work programme.
* Retail, health, leisure and travel offers.
* Discounted Eurostar travel.
We may close this advert early if we receive a high volume of suitable applications.
Safety Critical Role - Must Pass Medical
#J-18808-Ljbffr