Job description
The role is responsible for the ongoing cyber security management of the IT systems and services, leading a team to ensure timely response and remediation of security incidents and potential threats affecting the organisation.
The role will engage and manage the supplier relationships for security related systems, as well as ensuring suppliers are adhering to security requirements, incorporating security reviews of new supply chains.
The role will also lead the major security incident testing routines throughout the year and ensure that they are robust and remain relevant to the changing threat landscape.
The role will also ensure that procedure, process, and standards are created, relevant, and updated when required to ensure they support IT policy. The role will also collaborate with the IT management structure to advise on required policy updates as circumstances and organisational improvements dictate.
This role also performs a significant function in the IT governance requirements, participating in the Design Authority panel and lifecycle Change control of service, software and hardware assets.
The role also participates in the Silver command rota requirements of the department, acting as an escalation point for the on-call engineers where impacts of incidents require management involvement and wider organisational or supplier communication and involvement.
Main Responsibilities
- Line management responsibility for the IT Cyber Security team. Set and regularly review KPIs for the teams and individuals.
- Security Incident Management - manage and assist the teams to investigate and implement resolutions in a timely manner
- Set and update training paths for the team members, to develop the individuals and ensure ongoing competence for existing and new services supported by the team.
- Work with the teams to create and present Security incident reports.
- Create and regularly review and update process, procedure and standards
- Collaborate with IT management to inform on IT policy amendments where appropriate.
- Participate in the IT governance requirements, including the Design Authority Panel and lifecycle Change Management Panel
- Supplier engagement and management
- Creation of Management reports
To be considered for this role we recommend you demonstrate the below in your application:
- At least 4 years’ experience across multiple functions of InfoSec.
- CISSP
- CEH
- Experience of Red/blue team scenarios
- Security Risk experience.
- EDR experience
About Southeastern
Southeastern runs train services into London from Kent and East Sussex, operating almost 1,700 trains a day, carrying more than 400,000 passengers, serving 176 stations and covering 540 miles of track.
Just over 4,600 employees - mostly from the communities that we serve - work together to provide this vital service and we are looking to expand our successful team. We have a strong set of values that shape the way we run our business and guide our staff in delivering what our customers need. These are:
- We aim to be the best
- We make the difference together
- We care passionately about our people and our passengers
We are committed to being an inclusive employer, creating a workplace where everyone can come to work, feel safe and comfortable and able to do everything to the best of their ability. Read about some of the great Diversity and Inclusion initiatives our Head of Colleague Experience has been leading on here.
We recognise the positive value of diversity and it matters to us that our teams reflect the communities we serve. We welcome and encourage applications from people of all backgrounds.
We are proud to be a WORK180 Endorsed Employer for Women. If you would like to know more information about how we are supporting our employees, you can view our policies and initiatives here.
We have also won the Top Employer award at the Women in Rail Awards 2022!
If you have been unsuccessful in the recruitment process for the same/similar position you will not be eligible to apply for a period of 6 months from that date.
All offers of employment are subject to us obtaining satisfactory references (covering all education, training, employment and unemployment in the preceding 5 years and any previous railway employment). We will also complete right to work in the UK and criminal record checks. This is to ensure we are employing the best person for the role and to protect our customers, colleagues and our reputation. We are unable to offer sponsorship to work in the UK.
This post will close before the intended closing date should a sufficient number of suitable applications be received. Therefore, if you are interested in applying for this role, we suggest that you do so at the earliest opportunity to avoid disappointment.
SOUTHEASTERN is owned by SE Trains Ltd, a subsidiary of the Department for Transport’s public sector owning group, ‘DOHL.’ DOHL has responsibility for three rail companies, LNER, Northern Trains Limited and SE Trains.
Package Description
Southeastern recognises the value of every individual employee and offers benefits that reflect this.
As well as a generous salary, we offer a comprehensive benefits package which includes:
- A Contributory Final Salary Pension Scheme
- Free rail travel on Southeastern and GTR rail services (extends to family members for leisure/educational travel)
- After a qualifying period, reduced rate travel on other train operators, including European services
- Up to 25 days annual leave entitlement (plus bank holidays)
- Private healthcare
- Access to an array of discounts for retail and leisure products through our benefits scheme.
- Family friendly benefits including enhanced maternity/paternity leave, parental leave and carers leave.