Security Manager
Posted a month ago
- London, Greater London
- Any
- External
- Expires In 2 months
Closing Date for Applications16 May 2024 Salary Range £39,000 - £51,503What is the purpose of this job?Rail is fundamental to the country’s prosperity. Britain’s railway is increasingly important in connecting workers to jobs, businesses to markets, and people to their families and friends. The combination of public and private investment going into the railway is set to boost the UK’s economy by almost £85bn, benefiting every region of Britain.
The Rail Delivery Group (RDG) brings together the companies that run our railway into a single team with one goal - to deliver a better railway for the country.RDG plays a central role in supporting the industry by providing multiple information services to support customer information (National Rail Enquiries, real-time train information to apps and stations etc) and ticketing (rolling out barcode, smart cards and financial settlement between train companies etc). Our services are primarily delivered through third parties, and through a mixture of cloud and on-premises environments. We also coordinate the implementation of the cyber security strategy owned by the Rail Cyber Security Committee (RCSC). The Security Manager will the Head of Information Security manage and improve cybersecurity risks of the information services provided by RDG, support the work of the Rail Cyber Security Committee and offer insight to RDG Executive and member governance groups on our information security performance and manage related improvement plans.This role will also inform the information security requirements of RDG’s ambitious plans to transform ticketing and information systems across the industry.The Security Manager will also assist the with development and implantation of initiatives such as the Third-Party Security Compliance Standard and Supply Chain Management Project Key Responsibilities:1. Help implement and maintain a method to assess the information security risks of RDG’s current services, building on existing good practices and current advisory projects. 2. Work with teams to identify and manage cyber security risks and help with remediation plans, working with third-party service providers. 3. Assist with delivering remediation projects or other initiatives to manage and monitor cyber security risk.
4. Manage information security incidents together with third party service providers and RDG service management teams. 5. Work with member governance groups and work with members to create business cases to improve RDG’s security posture. 6. Help to define, organise and manage cyber reporting to the CIO, RDG’s Executive and member governance groups, including our Strategic Boards, and RDG Board.
7. Support the Rail Cyber Security Committee in work coordinating the industry’s delivery of the Rail Cyber Security Strategy. 8. Work across industry with Train and Freight Operating Companies, Suppliers, Department for Transport, National Cyber Security Centre. 9. Work with the Chief Information Security Officer to apply cyber security guidelines/good practices in RDG to assess its supply chain security maturity, risks and threats, and performance.
10. Guided by the RDG information system architecture, carry out business impact assessment and help prioritise the measures necessary to protect the organisation’s systems, digital assets and interfaces
11. Responsible for coordinating, overseeing, reporting on, and conducting vulnerability assessments of RDG services and suppliers. 12. Work with internal stakeholders and suppliers to ensure information security principles such as Security by Design and Privacy by Default are imbedded in all projects from the outset.
13. Assist the Chief Information Security Officer in delivering Information Security training to staff and members where required.
14. Help foster a culture of security across RDG and promote RDG cyber services throughout the industry. Monitoring service delivery and identification of actions to maintain or improve service levels. Having a proactive approach to project and delivery management, problem solving and influencing stakeholders. Producing relevant project documentation and managing an initiative through delivery stage gates Delivering change to agreed service levels, standard and technical compliance in line with stakeholder expectation. Effective Stakeholder Relationship Management through acting as a single point of contact in the initiation and ongoing management with and between key stakeholders. Supporting effective business change by building relationships between senior strategists, planners, designers and operational business partners. Effective Supplier Relationship Management through key performance indicators, contractual obligations, performance and service improvement. Leading review meetings for major contracts and suppliers. Ability to make complex issues easy to understand through communication across the organisation. Wide range of analytical techniques to understand complex information issues. Ability to make strategic decisions through analysis of all the relevant factors.
30 days annual leave 75% reduction on UK rail travel (for work and leisure) - more below Reduced international rail travel Interest free season ticket loan Contributory defined benefit pension scheme Give As You Earn scheme Subsidised private medical care Healthcare cash plan scheme Employee Assistance Programme scheme Flexible working 30 weeks full pay for maternity, adoption and shared parental leave (subject to eligibility) Personal Development Days Employees may sell up to a maximum of five days’ leave.
Employees can buy up to a maximum of five days’ leave. These figures will be pro rata for part-time employees
#J-18808-Ljbffr
The Rail Delivery Group (RDG) brings together the companies that run our railway into a single team with one goal - to deliver a better railway for the country.RDG plays a central role in supporting the industry by providing multiple information services to support customer information (National Rail Enquiries, real-time train information to apps and stations etc) and ticketing (rolling out barcode, smart cards and financial settlement between train companies etc). Our services are primarily delivered through third parties, and through a mixture of cloud and on-premises environments. We also coordinate the implementation of the cyber security strategy owned by the Rail Cyber Security Committee (RCSC). The Security Manager will the Head of Information Security manage and improve cybersecurity risks of the information services provided by RDG, support the work of the Rail Cyber Security Committee and offer insight to RDG Executive and member governance groups on our information security performance and manage related improvement plans.This role will also inform the information security requirements of RDG’s ambitious plans to transform ticketing and information systems across the industry.The Security Manager will also assist the with development and implantation of initiatives such as the Third-Party Security Compliance Standard and Supply Chain Management Project Key Responsibilities:1. Help implement and maintain a method to assess the information security risks of RDG’s current services, building on existing good practices and current advisory projects. 2. Work with teams to identify and manage cyber security risks and help with remediation plans, working with third-party service providers. 3. Assist with delivering remediation projects or other initiatives to manage and monitor cyber security risk.
4. Manage information security incidents together with third party service providers and RDG service management teams. 5. Work with member governance groups and work with members to create business cases to improve RDG’s security posture. 6. Help to define, organise and manage cyber reporting to the CIO, RDG’s Executive and member governance groups, including our Strategic Boards, and RDG Board.
7. Support the Rail Cyber Security Committee in work coordinating the industry’s delivery of the Rail Cyber Security Strategy. 8. Work across industry with Train and Freight Operating Companies, Suppliers, Department for Transport, National Cyber Security Centre. 9. Work with the Chief Information Security Officer to apply cyber security guidelines/good practices in RDG to assess its supply chain security maturity, risks and threats, and performance.
10. Guided by the RDG information system architecture, carry out business impact assessment and help prioritise the measures necessary to protect the organisation’s systems, digital assets and interfaces
11. Responsible for coordinating, overseeing, reporting on, and conducting vulnerability assessments of RDG services and suppliers. 12. Work with internal stakeholders and suppliers to ensure information security principles such as Security by Design and Privacy by Default are imbedded in all projects from the outset.
13. Assist the Chief Information Security Officer in delivering Information Security training to staff and members where required.
14. Help foster a culture of security across RDG and promote RDG cyber services throughout the industry. Monitoring service delivery and identification of actions to maintain or improve service levels. Having a proactive approach to project and delivery management, problem solving and influencing stakeholders. Producing relevant project documentation and managing an initiative through delivery stage gates Delivering change to agreed service levels, standard and technical compliance in line with stakeholder expectation. Effective Stakeholder Relationship Management through acting as a single point of contact in the initiation and ongoing management with and between key stakeholders. Supporting effective business change by building relationships between senior strategists, planners, designers and operational business partners. Effective Supplier Relationship Management through key performance indicators, contractual obligations, performance and service improvement. Leading review meetings for major contracts and suppliers. Ability to make complex issues easy to understand through communication across the organisation. Wide range of analytical techniques to understand complex information issues. Ability to make strategic decisions through analysis of all the relevant factors.
30 days annual leave 75% reduction on UK rail travel (for work and leisure) - more below Reduced international rail travel Interest free season ticket loan Contributory defined benefit pension scheme Give As You Earn scheme Subsidised private medical care Healthcare cash plan scheme Employee Assistance Programme scheme Flexible working 30 weeks full pay for maternity, adoption and shared parental leave (subject to eligibility) Personal Development Days Employees may sell up to a maximum of five days’ leave.
Employees can buy up to a maximum of five days’ leave. These figures will be pro rata for part-time employees
#J-18808-Ljbffr
.webp "Apply4U | Sign Up")
.webp "Apply4U | Contact Us")
.webp "Apply4U | Sign up")
