Information Security Manager in London

Information Security Manager in London

London Full-Time 60000 - 75000 £ / year (est.) No working from home possible
Keolis Amey Docklands

At a Glance

  • Tasks: Lead and improve our Information Security Management System while managing cyber security governance and compliance.
  • Company: Join KeolisAmey Docklands, a key player in London's transport network.
  • Benefits: Enjoy free travel on TfL, discounts, pension contributions, and health perks.
  • Other info: We value diversity and encourage applications from underrepresented groups.
  • Why this job: Make a real impact on cyber security in a critical infrastructure environment.
  • Qualifications: Significant experience in Information Security with relevant certifications like CISSP or CISM.

The predicted salary is between 60000 - 75000 £ per year.

At KeolisAmey Docklands (KAD), we operate and maintain the Docklands Light Railway, keeping London moving safely, reliably and efficiently. Technology and cyber security are fundamental to our operation. As our railway continues to evolve through new rolling stock, digital transformation and expanding services, protecting our systems, data and operational technology has never been more important.

We're looking for an experienced Information Security Manager to lead our cyber security function, ensuring the organisation remains resilient against evolving threats while maintaining compliance with regulatory and franchise obligations.

The Role

Reporting to the Head of IT and Information Security, you'll be responsible for leading KAD's Information Security function and managing our cyber security governance, risk and compliance activities. You'll own our Information Security Management System (ISMS), lead cyber assurance across major business and infrastructure projects, manage security incidents, oversee regulatory compliance and provide expert cyber security advice to senior leaders, clients and regulators. Leading a small specialist team, you'll combine strategic leadership with hands-on technical expertise to help safeguard one of London's critical transport networks.

What You'll Do

  • Lead and continually improve KAD's Information Security Management System (ISMS)
  • Own compliance with ISO 27001, NIS Regulations, Cyber Essentials, PCI DSS and franchise cyber obligations
  • Lead cyber risk management, governance and security assurance activities
  • Manage cyber security incidents, investigations, recovery and regulatory reporting
  • Provide security assurance for new infrastructure, rolling stock and technology projects
  • Oversee vulnerability management, penetration testing and technical security controls
  • Lead internal and external audits and certification activities
  • Manage supplier cyber security assurance and third-party risk
  • Provide cyber risk reporting and advice to senior leadership, clients and regulators
  • Lead, develop and mentor the Information Security team
  • Promote a strong cyber security culture across the organisation

What You'll Need

Essential

  • Significant experience leading Information Security within a regulated or operationally critical environment
  • Professional certification such as CISSP, CISM or CISA
  • ISO/IEC 27001 Lead Implementer or Lead Auditor certification
  • Proven ownership of a live ISO 27001-certified Information Security Management System
  • Experience maintaining compliance with NIS Regulations, Cyber Essentials and PCI DSS
  • Strong knowledge of cyber security governance, risk management and technical security controls
  • Experience managing cyber incidents and regulatory reporting
  • Experience leading cyber security assurance for projects and system integration
  • Strong stakeholder management skills with experience working with senior leaders, clients and regulators
  • Proven experience leading and developing Information Security or GRC teams

Desirable

  • Rail, transport or critical infrastructure experience
  • Operational Technology (OT) security experience
  • Experience working with government regulators or Competent Authorities
  • Knowledge of UK GDPR and Data Protection
  • Experience within franchise or concession-based environments

What We Offer

As part of the Transport for London (TfL) family, you’ll enjoy a range of competitive benefits, including:

  • Free travel on the TfL network for you and a nominated household member.
  • 75% discount on National Rail season tickets.
  • Interest-free season ticket loan.
  • Pension scheme with up to 10% employer contribution.
  • Access to Perkbox, Doctor Care Anywhere virtual GP, and Employee Assistance Programme.

If you're an experienced Information Security professional looking for an opportunity to combine strategic leadership with hands-on cyber security in a critical infrastructure environment, we'd love to hear from you.

We are committed to building a diverse workforce and particularly encourage applications from underrepresented groups, including women, early career talent (under 25) and individuals from ethnically diverse backgrounds.

Please note: If successful, you will be required to undergo Baseline Personnel Security Standard (BPSS) clearance, including a DBS check, right to work verification and employment references.

Closing date: 19th July 2026

Information Security Manager in London employer: Keolis Amey Docklands

At KeolisAmey Docklands, we pride ourselves on being an excellent employer by fostering a culture of innovation and collaboration within the critical transport sector. Our commitment to employee growth is evident through comprehensive training opportunities and a supportive environment that encourages professional development. Located in London, we offer unique benefits such as free travel on the TfL network and a strong focus on work-life balance, making us an attractive choice for those seeking meaningful and rewarding careers in information security.

Keolis Amey Docklands

Contact Details:

Keolis Amey Docklands Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Information Security Manager in London

Get Involved in the Cybersecurity Community

Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!

Show Off Your Skills with Capture the Flag Competitions

Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including Keolis Amey Docklands, love seeing candidates who actively engage in these challenges.

Tailor Your Online Presence

Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!

Apply Directly Through Keolis Amey Docklands

Don’t forget to head straight to our website and check out any openings for cybersecurity roles at Keolis Amey Docklands. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.

We think you need these skills to ace Information Security Manager in London

Information Security Management System (ISMS)
ISO 27001
NIS Regulations
Cyber Essentials
PCI DSS
Cyber Risk Management
Governance and Security Assurance

Some tips for your application 🫡

Show off your technical skills:In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!

Tailor your portfolio for the role:Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!

Use real-world examples:When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at Keolis Amey Docklands insight into your practical problem-solving abilities and makes your application memorable.

Demonstrate your passion for cybersecurity:Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to Keolis Amey Docklands that you’re committed to staying ahead in the game.

How to prepare for a job interview at Keolis Amey Docklands

Sharpen Your Technical Skills

For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set us apart in interviews.

Prepare for Scenario-Based Questions

Expect the interviewers at Keolis Amey Docklands to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.

Highlight Your Certifications

Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at Keolis Amey Docklands.

Show Your Passion for Cybersecurity

Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.