Senior Cyber Security Advisor
at Transport for London
London, England, United Kingdom -
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 10 Feb, 2025 | GBP 65000 Annual | 10 Nov, 2024 | N/A | System Architecture,Telecommunications,Operations,Persuasion,Technology,Computing,Testing,Ip,Isa,Project Delivery,Cyber Security,Security Controls,Giac,Isaca,Information Security Management,Network Infrastructure,Design,Architecture,Architectural Patterns | No | No |
Required Visa Status:
Citizen | GC |
US Citizen | Student Visa |
H1B | CPT |
OPT | H4 Spouse of H1B |
GC Green Card |
Employment Type:
Full Time | Part Time |
Permanent | Independent - 1099 |
Contract – W2 | C2H Independent |
C2H W2 | Contract – Corp 2 Corp |
Contract to Hire – Corp 2 Corp |
Description:
Organisation - Customers, Communication and Technology
Job - CSIRT
Position Type - Full Time
Salary: £60,000 - £65,000 Plus Excellent Benefits
Location: London, North Greenwich and remote working (On average 50% time at office location)
UK Sponsorship available, although candidates are responsible for their own application fees
YOU WILL INFLUENCE THE LIVES OF MILLIONS
At TfL, we operate one of the busiest metro systems in the world, with 5 million people using the underground daily. Join us, and you will be amongst the leading engineers, architects and consultants responsible for making TfL world famous, from our London Underground covering 272 stations, or our red bus fleet of 9300 vehicles, TfL remains a key part of the Capital’s success.
TfL’s cyber security professionals play a critical and ever-increasing role in protecting these services and the online systems that make it all work, safeguarding our customers as they travel across the capital’s network, and ultimately helping to realise the Government’s ambition to make the UK the safest place in the world to be online and do business.
Our cyber security advisors provide specialist support to the organisation, influencing top-level strategy all the way through to the architectural designs to protect TfL assets and reduce the likelihood and impact of a cyber security incident.
Your role will be to provide specialist Industrial Control Systems/Operational Technology (ICS/OT) cyber security advice and guidance, supporting the organisation to align with organisational policies, standards and good practice. The ability to build relationships and manage multiple stakeholders is essential in this role. We’re looking for a great communicator, able to make the complex understandable for a wide range of stakeholders.
As a senior cyber security advisor, you will ideally have relevant skills and experience working in cyber security using best practices (e.g., ISO27001, NIST Cyber Security Framework, NIS Regulations) and/or experience working in Infrastructure (IT/OT) or Cloud environments with cyber security responsibilities and be able to apply these to real world systems. Your advisory experience will enable you to work collaboratively with business stakeholders to build or procure secure systems that minimise TfL’s cyber risk exposure and meets regulatory obligations (e.g. NIS Regulations).
KEY ACCOUNTABILITIES:
- Provide consultation, advice and guidance to First Line cyber security risk owners and to Second Line Cyber Security team including TfL’s Security Operations and Assurance functions and Third Line internal audit teams.
- Consult and advise on the secure design, build, implementation, testing and delivery of systems to ensure the secure operation and ongoing verification and validations of systems.
- Consult and advise stakeholders in assessing, understanding and managing cyber security risks in project and operational systems, including meeting regulatory obligations.
- Consult, advise and develop incident response capability.
- Contribute to the development and maintenance of cyber security standards and guidance, architectural patterns and strategies, and the continuous improvement of Cyber Security’s internal processes, capabilities and tools.
- Preparing, presenting and/or supporting reports on the current status of cyber security assurance, deliverables, risks and KPIs/KRIs.
- Sponsor, facilitate, support and/or implement cyber security capabilities and improvements to the security and resiliency of technology systems.
- Chair, facilitate and contribute to technology and cyber security governance groups and approval bodies.
- Promote cyber security and contribute to developing a cyber secure culture.
- Provide consultation, advice and guidance on the Network and Information Systems (NIS) Regulations.
KNOWLEDGE IN:
- telecommunications and IP networking.
- network and computer system architecture, operations and protocols.
- network infrastructure, system and application architecture and associated cyber security controls.
- enterprise-level cyber security technologies for use in complex environments.
- information security management concepts to support solutions and processes.
SKILLS IN:
- analytical thinking, identifying many possible causes for a problem based on prior experience and current research.
- highly effective written and verbal communications, employing appropriate methods of persuasion when soliciting agreement and demonstrating both empathy and assertiveness when communicating a need or defending a position.
- selecting security controls with meaningful measures to monitor their effectiveness and identify improvements.
EXPERIENCE IN:
- the project delivery and operational lifecycle of Operational Technology systems.
- time critical, complex and technical environments including safety related systems.
- creating and reviewing technical engineering designs.
- creating and reviewing standards, processes and architectural patterns.
- requirements definition, design and testing.
DESIRABLE QUALIFICATIONS:
- Degree level education or equivalent experience, ideally in science, engineering, technology, computing, cyber security or a related field,
- Qualifications and certifications from information security bodies such as: GIAC, ISC2, ISACA, ISA, CompTIA.
Closing date for applications: Sunday 24th November 2024 at 23.59
Responsibilities:
Please refer the Job description for details
REQUIREMENT SUMMARY
Min:N/AMax:5.0 year(s)
Information Technology/IT
IT Software - Network Administration / Security
Other
Graduate
Science engineering technology computing cyber security or a related field
Proficient
1
London, United Kingdom