Job description
Salary: £86k-£96k DOE Plus Fantastic Benefits
Location: North Greenwich, London
UK Skilled Worker Visa Sponsorship is available; more information on the process can be discussed during the application process.
About us:
The TfL Cyber Security team continues to grow in response to increasing threats to critical infrastructure. In the summer of 2023, the Cyber Security Assurance team will transform and expand to meet the increasing focus on governance, risk and compliance. TfL continues to invest in cyber defence, in line with national security advice, to keep the transport network, and London, as safe as possible.
About the role
You will lead a team of approx. 10 cyber security assurance, governance, risk and compliance professionals, with a remit covering corporate IT and safety critical operational technology. The role involves working with senior business stakeholders and ensuring that a cyber security assurance strategy is in place as part of our overall cyber security improvement roadmap.
Key Accountabilities
Lead and manage a pan-TfL cyber security assurance function. This includes developing and implementing the strategy and operating model for this function and ensuring that the right people, processes, and technology are in place.
Own and manage the TfL cyber security policy, standards and guidance framework, aligned to TfL requirements and good practice. This includes ensuring the framework remains up to date and compliant with legislation.
Own and manage the assurance framework, including technical assurance (for example penetration testing), non-technical assurance (for example supplier reviews) and monitoring of our public-facing cyber and internal maturity.
Own and manage the cyber security risk management framework, ensuring that risks are appropriately managed and communicated to risk owners (3LoD Model). This includes working with BAU teams and projects to ensure that risks are assessed and treated.
Own and manage third party cyber security assessments, including new suppliers, academic partners, regulatory requirements (such as NIS audits) and monitoring supplier cyber maturity.
Ensure the continuous improvement of assurance capabilities, including sponsoring projects.
Manage the cyber security relationship with TfL enterprise assurance and audit teams.
Support the cyber security relationship with TfL regulatory bodies.
Knowledge
Bachelor’s Degree (or equivalent relevant experience) in Computer Science, Electrical Engineering, or other related discipline
Proven background in cyber and information security, preferably with relevant professional qualifications e.g. CISSP, CISM, CISA etc
Cyber security regulations and industry frameworks relevant to the Government/Public Sector – e.g. GDPR, Network and Information Systems (NIS) regulations, NCSC Cyber Essentials, CIS 20, ISO 27001 etc
Skills
Able to build relationships with and positively influence stakeholders, both internally and externally, at all levels of seniority.
Able to communicate complex technical and risk matters clearly and effectively to a wide range of audiences, both technical and non-technical.
Experience
Proven experience in creating, staffing, developing and managing a team.
A track record of delivery in a multi-disciplined security environment, preferably public sector, transport or similar.
Delivery of an assurance programme, including risk frameworks and policy frameworks.
Extensive knowledge of IT and preferably OT systems, with the ability to identify likely problem areas in advance.
Provided cyber security support within a large and complex environment, preferably public sector, transport or similar.
Advert closes: Monday 1st May 2023 at 23.59
- Final salary pension scheme
- Free travel for you on the TfL network
- A 75% discount on National Rail Season Ticket and interest-free loan
- 30 days annual leave plus public and bank holidays
- Private Healthcare
- Tax-efficient cycle-to-work programme
- Retail, health, leisure and travel offers
- Discounted Eurostar travel
Additional Information
Please apply supplying both your CV and a covering letter preferably in “.docx” format. Both documents should be A4, in Arial 12 font, and a maximum of 2 pages per document.
If you are shortlisted you may be invited to take part in a video interview. We endeavour to give candidates as much notice as possible; however, some interviews/assessments will be organised at short notice and will require a degree of flexibility. We reserve the right to close the application window early if we receive a high volume of suitable applications.
We are committed to equality, diversity and inclusion. We want to represent the city we serve, which will help us become a more innovative and efficient organisation. Our goal is to make our recruitment as inclusive as possible. We are a disability confident employer who guarantee an interview to any disabled candidate who meets all of the essential criteria. We also use anonymising software that removes identifying information from CVs and cover letters to make the process fair.
Many of our staff work flexibly in many different ways. Please talk to us at interview about the flexibility you need. We'll see what we can do.
We understand a confidence gap can get in the way of meeting spectacular candidates. So please don’t hesitate to apply if you think you have what it takes even if you feel you don’t meet all the criteria. We’d love to hear from you.