Lead Information Security Analyst

Lead Information Security Analyst

IT
Location: Derby - Head Office
Contract Type: Permanent
Salary: Circa £55,000
Closing Date: Friday 19 June 2026
Reference: 2026-56

Protect the railway that keeps the East Midlands moving. At East Midlands Railway, every journey matters and millions of customers rely on us to travel safely, reliably and sustainably across the region.

We’re looking for an experienced and passionate Lead Information Security Analyst to help safeguard our people, systems and operations. This is more than a technical security role. It’s an opportunity to lead cyber resilience across a critical national infrastructure organisation, shaping security strategy, influencing stakeholders at every level and protecting the services that our customers depend on every day.

What you’ll be doing

• Leading and developing a team of Information Security Analysts
• Managing and optimising key security technologies including SIEM, XDR, anti‑virus, email security and vulnerability management platforms
• Driving proactive threat hunting and threat intelligence activities
• Leading cyber incident response and working closely with Security Operations Centre partners
• Identifying, assessing and helping mitigate information security risks across the organisation
• Supporting security governance through ISO27001‑aligned controls, policies and procedures
• Providing expert security advice on new technologies, projects and operational systems
• Supporting operational technology (OT) cyber security initiatives across our fleet and wider railway environment
• Promoting a positive security culture and increasing cyber awareness throughout EMR
• Producing insightful reporting, KPIs and trend analysis to inform decision‑making at all levels

What we’re looking for

You’ll be an experienced cyber security professional who combines strong technical expertise with the ability to influence and engage stakeholders across the business.

You’ll bring

• Significant experience in a senior Information Security or Cyber Security role
• Strong knowledge of security operations, risk management and security governance
• Experience working with ISO27001 controls, policies and frameworks
• Hands‑on experience with enterprise security technologies and security monitoring platforms
• Excellent analytical and problem‑solving skills
• Strong communication skills with the ability to explain complex security concepts to both technical and non‑technical audiences
• A proactive, organised and customer‑focused approach

Professional certifications such as ISC² CISSP and ISACA CISM are highly desirable.

In return, you’ll receive

• Competitive salary
• Defined Benefit Pension Scheme
• Free standard leisure travel on EMR, Transport UK and LNER services
• Friends and Family discounted travel on the EMR network
• 75% discount on national leisure rail travel for you, your partner and dependants
• Up to 32 days annual leave
• Ongoing professional development opportunities
• The chance to make a real impact within a critical public service organisation

Diversity & Inclusion

At EMR, we are committed to building a workforce that reflects the communities we serve. We recognise that women and people from ethnic minority backgrounds are currently under‑represented within our workforce. We actively encourage applications from these groups and welcome talented individuals from all backgrounds, experiences and perspectives.