Cyber Security Engineer in London

About DFTO

DFTO is the government’s public sector rail owning group. Its purpose is to bring all currently privately-owned train operators into public ownership in advance of the creation of Great British Railways in 2027 and deliver improvements in the here and now by unifying and integrating train operations under common public ownership. DFTO has over 30,000 employees, runs over 8,500 services a day and delivers over 640 million customer journeys across its networks every year.

Primary Purpose of Job:

This role is responsible for leading the design, implementation, continual improvement and monitoring of cyber security solutions across DFTO and supporting Group Operators to protect the business from security threats whilst adhering to industry cyber security standards. As a subject matter expert in multiple cyber security technologies, the post holder will be responsible for the management, maintenance and improvement of cyber security across multiple platforms, networks and applications. The key focus being to ensure the DFTO Group is protected from cyber and information security risk.

Key Responsibilities:

• Support the DFTO Group Head of Cyber Security to oversee the delivery and support of cyber security applications and platforms.
• Manage the continued review, research, and development of current security controls, ensuring their effectiveness and efficiency.
• Contribute to the Cyber Security Risk Register working with business and solution owners to identify, mitigate, treat and remediate risk in accordance with the DFTO Group risk appetite, ensuring alignment to industry best practice.
• Proactively identify weaknesses in hardware, software and applications through vulnerability assessments, penetration testing, and managing any required remediation processes.
• Providing security patch deployment methodologies to all core infrastructures.
• Monitor networks and systems for critical security breaches, using software that detects intrusions and anomalous system behaviour.
• Ensure cyber security requirements are met and service quality maintained when introducing new security services.
• Provide expert technical guidance when developing and carrying out information security plans, policies and procedures.
• Manage the technical installation and monitoring use of security products, including data encryption and other security products and procedures.
• Actively ensure appropriate administrative, physical and technical safeguards are in place to protect information assets from internal and external threats.
• Participate in peer reviews of deliverables and carry out formal and informal reviews of technical designs, standards, documentation and/or implementations.
• Lead cyber security projects as assigned, following a recognised methodology, through specification, testing, implementation and documentation, including ongoing support strategy.
• Provide expert technical guidance across the DFTO Group when investigating security breaches.
• Provide support for any incident response, including steps to minimise the impact and conducting a technical and forensic investigation into how the breach happened and the extent of the damage.
• Manage the development of technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
• Produce comprehensive reports including assessment-based findings, outcomes and propositions for current security effectiveness and further system security enhancement.
• Support awareness training on cyber security standards, policies and best practices.

Key Competencies:

• Detailed technical knowledge of application and operating system security.
• Thorough understanding of the latest security principles, techniques, and protocols.
• A deep understanding and best practice mitigation of current OWASP Top Ten Risks.
• Strong understanding of network and endpoint security solutions.
• Knowledge of achieving and maintaining compliance with ISO27001, GDPR, Cybersecurity and other security Standards.
• Effective team player experienced at dealing at all levels with effective influencing and negotiating skills.
• Ability to form constructive and proactive working relationships at all levels with all stakeholders.
• Good project management skills: able to demonstrate ability to deliver projects to time, budget and objectives in partnership with stakeholders.
• Good communications and presentation skills both verbal and written.
• Good level of numeracy and sound analytical skills, problem-solving skills and ability to stay calm under pressure.

Knowledge, Skills, Experience & Technical Qualifications:

• Educated to degree level or equivalent.
• Significant current experience in a Cyber Security Technical Support role.
• Recognised industry security certification such as CISSP, SSCP, CEH, Security+, CASP+ or equivalent.
• Proven technical background well versed in current Microsoft Products, Endpoint Protection technologies, AWS cloud solutions and Email security systems.
• Experience in building and maintaining security systems.
• Hands-on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.

This role reports to the Group Head of Cyber Security and will work closely with DFTO Cyber/Information Security colleagues across business units and external TOC stakeholders.

Vacancy Details:

• Duration: Permanent
• Location: London Waterloo/Hybrid
• Salary: up to £70,000
• Closing date: 2nd June 2026

DFTO Benefits:

• Annual Leave: Starting at 25 days and rising to an additional day per year of service completed within the first 5 completed years up to a maximum of 5 additional (30 days).
• DC Pension Scheme: 10% Employer contribution, 5% Employee contribution.
• Opportunities to learn and network across the wider industry.

About our people and the recruitment process - We're an inclusive employer of choice and we welcome applications from everyone! We encourage our colleagues to work flexibly, as we know traditional working patterns don't always fit.