Cyber Security Engineer Operational Technology in London

About DFT Operator

DFTO is the government’s public sector rail owning group. Its purpose is to bring all currently privately-owned train operators into public ownership in advance of the creation of Great British Railways in 2027 - and deliver improvements in the here and now by unifying and integrating train operations under common public ownership. DFTO has over 30,000 employees, runs over 8,500 services a day and delivers over 640 million customer journeys across its networks every year.

Primary Purpose of Job:

This role is responsible for supporting DFTO Operators manage their Operational Technology (OT) cyber security responsibilities through the design, implementation, continual improvement and monitoring of OT cyber security solutions. The post holder will play a key role in aligning OT cyber security practices across the DFTO Group working closely with industry colleagues across the whole of UK rail to protect the business from OT security threats whilst adhering to industry OT cyber security standards.

Key Responsibilities:

• Support the DFTO Group Head of Cyber Security to oversee the delivery and support of cyber security applications and platforms across all areas of the Group, with specific focus on OT Cyber Security provision within the Operator TOC’s.
• Manage the continued review, research, and development of current OT security controls, ensuring their effectiveness and efficiency.
• Contribute to the Cyber Security Risk Register working with business and solution owners to identify, mitigate, treat and remediate risk in accordance with the DFTO Group risk appetite, ensuring alignment to industry best practice.
• Proactively identify weaknesses in hardware, software and applications through vulnerability assessments, penetration testing, and managing any required remediation processes.
• Providing security patch deployment methodologies to all core infrastructures.
• Monitor networks and systems for critical security breaches, using software that detects intrusions and anomalous system behaviour.
• Ensure cyber security requirements are met and service quality maintained when introducing new security services.
• Promote and facilitate OT cyber security knowledge sharing and learning, sharing of best practice through engagement across the DFTO Group Operators.
• Participate in peer reviews of deliverables and carries out formal and informal reviews of technical designs, standards, documentation and/or implementations.
• Lead cyber security projects as assigned, following a recognised methodology, through specification, testing, implementation and documentation, including ongoing support strategy.
• Provide expert technical guidance across the DFTO Group when investigating OT security breaches.
• Manage the development of technical OT cyber solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
• Produce comprehensive reports including assessment-based findings, outcomes and propositions for current security effectiveness and further system security enhancement.

Key Competencies:

• Detailed technical knowledge of application and operating OT system security.
• Thorough understanding of the latest security principles, techniques, and protocols.
• A deep understanding and best practice mitigation of current OWASP OT Top Ten Risks.
• Knowledge of achieving and maintaining compliance with IEC62443, IEC63452, NIS Directive and CAF frameworks and other relevant OT security Standards.
• Effective team player experienced at dealing at all levels with effective influencing and negotiating skills.
• Proven track record of delivering change and continuous improvement.
• Good project management skills: able to demonstrate ability to deliver projects to time, budget and objectives in partnership with stakeholders.
• Good communications and presentation skills both verbal and written.
• Good level of numeracy and sound analytical skills, problem-solving skills and ability to stay calm under pressure.

Knowledge, Skills, Experience & Technical Qualifications:

• Educated to degree level or equivalent in a relevant, related subject.
• Significant current experience in a Cyber Security Technical Support role, that includes relevant experience in OT Cyber Security including SCADA systems.
• Recognised industry security certification such as GIAC, GICSP, IEC62443 Cyber Security Expert or equivalent.
• Proven work experience as an OT cyber security engineer with experience of successfully leading technical evaluations and project management of new OT Cyber Security solutions.
• Current knowledge and experience in undertaking OT cyber security risk assessments and evaluating OT environments for vulnerabilities.
• Hands on experience in OT cyber security systems, including intrusion detection systems, monitoring systems, authentication systems, log management, content filtering, etc.

This role reports to the Group Head of Cyber Security and will work closely with DFTO Cyber/Information Security and OT security colleagues across business units and external TOC stakeholders.

Vacancy Details:

• Duration: Perm
• Location: London Waterloo/Hybrid
• Salary: up to £70,000
• Closing date: 2nd June 2026

DFTO Benefits:

• Annual Leave: Starting at 25 days and rising to an additional day per year of service completed within the first 5 completed years up to a maximum of 5 additional (30 days).
• DC Pension Scheme: 10% Employer contribution, 5% Employee contribution.
• Opportunities to learn and network across the wider industry.

Contact: If you have any questions or reasonable adjustments, please contact Jason.blakemore@dftoperator.co.uk. Please do not email any CV's to us, your application must be made by clicking the 'Apply' button.