Information Security Manager in London

Information Security Manager in London

London Full-Time 70000 - 80000 £ / year (est.) No working from home possible
K

At a Glance

  • Tasks: Lead and improve our Information Security Management System while managing cyber security governance and compliance.
  • Company: Join KeolisAmey Docklands, a key player in London's transport network.
  • Benefits: Enjoy free travel on TfL, discounts on rail tickets, and a solid pension scheme.
  • Other info: We value diversity and encourage applications from underrepresented groups.
  • Why this job: Make a real impact on cyber security in a critical infrastructure environment.
  • Qualifications: Significant experience in Information Security with relevant certifications like CISSP or CISM.

The predicted salary is between 70000 - 80000 £ per year.

At KeolisAmey Docklands (KAD), we operate and maintain the Docklands Light Railway, keeping London moving safely, reliably and efficiently. Technology and cyber security are fundamental to our operation. As our railway continues to evolve through new rolling stock, digital transformation and expanding services, protecting our systems, data and operational technology has never been more important.

We're looking for an experienced Information Security Manager to lead our cyber security function, ensuring the organisation remains resilient against evolving threats while maintaining compliance with regulatory and franchise obligations.

The Role

Reporting to the Head of IT and Information Security, you’ll be responsible for leading KAD’s Information Security function and managing our cyber security governance, risk and compliance activities. You’ll own our Information Security Management System (ISMS), lead cyber assurance across major business and infrastructure projects, manage security incidents, oversee regulatory compliance and provide expert cyber security advice to senior leaders, clients and regulators. Leading a small specialist team, you’ll combine strategic leadership with hands-on technical expertise to help safeguard one of London’s critical transport networks.

What You’ll Do

  • Lead and continually improve KAD’s Information Security Management System (ISMS)
  • Own compliance with ISO 27001, NIS Regulations, Cyber Essentials, PCI DSS and franchise cyber obligations
  • Lead cyber risk management, governance and security assurance activities
  • Manage cyber security incidents, investigations, recovery and regulatory reporting
  • Provide security assurance for new infrastructure, rolling stock and technology projects
  • Oversee vulnerability management, penetration testing and technical security controls
  • Lead internal and external audits and certification activities
  • Manage supplier cyber security assurance and third-party risk
  • Provide cyber risk reporting and advice to senior leadership, clients and regulators
  • Lead, develop and mentor the Information Security team
  • Promote a strong cyber security culture across the organisation

What You’ll Need

Essential

  • Significant experience leading Information Security within a regulated or operationally critical environment
  • Professional certification such as CISSP, CISM or CISA
  • ISO/IEC 27001 Lead Implementer or Lead Auditor certification
  • Proven ownership of a live ISO 27001-certified Information Security Management System
  • Experience maintaining compliance with NIS Regulations, Cyber Essentials and PCI DSS
  • Strong knowledge of cyber security governance, risk management and technical security controls
  • Experience managing cyber incidents and regulatory reporting
  • Experience leading cyber security assurance for projects and system integration
  • Strong stakeholder management skills with experience working with senior leaders, clients and regulators
  • Proven experience leading and developing Information Security or GRC teams

Desirable

  • Rail, transport or critical infrastructure experience
  • Operational Technology (OT) security experience
  • Experience working with government regulators or Competent Authorities
  • Knowledge of UK GDPR and Data Protection
  • Experience within franchise or concession-based environments

What We Offer

  • Free travel on the TfL network for you and a nominated household member.
  • 75% discount on National Rail season tickets.
  • Interest-free season ticket loan.
  • Pension scheme with up to 10% employer contribution.
  • Access to Perkbox, Doctor Care Anywhere virtual GP, and Employee Assistance Programme.

If you’re an experienced Information Security professional looking for an opportunity to combine strategic leadership with hands-on cyber security in a critical infrastructure environment, we’d love to hear from you. We are committed to building a diverse workforce and particularly encourage applications from underrepresented groups, including women, early career talent (under 25) and individuals from ethnically diverse backgrounds.

Please note: If successful, you will be required to undergo Baseline Personnel Security Standard (BPSS) clearance, including a DBS check, right to work verification and employment references.

Closing date: 19th July 2026

Information Security Manager in London employer: KeolisAmey DLR

At KeolisAmey Docklands, we pride ourselves on being an exceptional employer, offering a dynamic work environment where technology and cyber security are at the forefront of our operations. Our commitment to employee growth is evident through comprehensive training opportunities and a strong focus on developing a diverse workforce, ensuring that every team member can thrive in their career. With attractive benefits such as free travel on the TfL network and a generous pension scheme, we provide a supportive culture that values innovation and resilience in safeguarding London's critical transport infrastructure.

K

Contact Details:

KeolisAmey DLR Recruitment Team

We think you need these skills to ace Information Security Manager in London

Information Security Management System (ISMS)
ISO 27001
NIS Regulations
Cyber Essentials
PCI DSS
Cyber Risk Management
Governance and Security Assurance