At a Glance
- Tasks: Lead security assurance activities, manage audits, and enhance cyber security maturity.
- Company: Network Rail connects people and goods across Scotland, prioritising safety and efficiency.
- Benefits: Enjoy flexible working, competitive salary, and comprehensive benefits tailored for your well-being.
- Why this job: Join a mission-driven team focused on improving railway safety and security while developing your career.
- Qualifications: ISO27001 Lead Auditor or relevant experience in security compliance and audits required.
- Other info: Opportunities available in Leeds, Glasgow, Edinburgh, and Greater Manchester.
The predicted salary is between £43,200 and £72,000 per year.
About Network Rail
At Network Rail, our passengers and freight users are at the heart of everything we do. We help connect people to their friends and families and get goods to their destination safely and efficiently. We're an organisation where people matter.
Scotland's Railway is part of this large family and it covers a large geographical area from the Borders to Thurso at the far tip of the North East of Scotland, accounting for almost 20 per cent of the UK rail network. We provide rapid access along busy commuter routes to our seven cities, servicing the varied needs of our business and leisure commuter services, including cross border services and rural services. We have up to 50 freight services operating every day and we are steadily building capacity for this to grow. Our ambition to be responsive to passengers and freight users drives us every day and we're empowered to do the right thing for those who use the rail network. We actively challenge unsafe practices and take responsibility for addressing risks, resolving issues and protecting safety and wellbeing.
Our colleagues are encouraged to work flexibly as we know that busy lives don't always fit around a traditional working pattern. If you need flexibility to complete your role, just let us know and we will do our utmost to help you invest in your career with us while balancing other aspects of your life.
We're also a Disability Confident Leader employer, and we'll try our best to adapt the process and offer reasonable alternatives to support people with disabilities to access, apply for, and interview for roles.
We want to help deliver a railway which is safe, reliable, affordable, and provides great customer service to everyone.
Brief Description
The Engineering & Asset Management function of Scotland's railway focuses on providing high-caliber engineering services that underpin the delivery of a safe, high-performing railway network. Managing our infrastructure and assets needs careful planning, aligning objectives and activities which are delivered efficiently and sustainably, within budget.
This position offers the chance to advance our cyber security maturity. The successful candidate will serve as the primary point of contact and informed client for Scotland's Railway. Responsibilities include supporting national cyber security initiatives, developing and implementing a cyber security maturity improvement plan, creating a compliance plan for relevant standards, addressing audit actions, and documenting our approach to cyber security in line with the national strategy.
The initial phase will focus on Operational Technology, aiming to achieve incremental and practical improvements that deliver appropriate cyber security capabilities and maturity. After initial phases, the role is expected to expand to cover all aspects of cyber security.
About the role (External)
What to expect
- Management and delivery of security assurance activities, including security surveys, audits, verifications, and self-assurance assessments according to the NR assurance framework.
- Support the delivery of the security assurance plan to demonstrate compliance with regulatory, legal, and Network Rail standards and risk processes.
- Manage and conduct security threat and risk assessments to identify control failures and deliver risk management aligned with the NR security assurance framework.
- Present audit recommendations to management, secure commitment for implementation, and monitor post-audit actions.
- Supervise and conduct security engineering accreditation to support lifecycle security assurance of railway systems.
- Investigate reported cyber security incidents, compile reports, and recommend controls to address procedural or technical failures.
- Support the Security Assurance Manager in collaborating with external assurance providers to maintain compliance with security standards.
- Assist in maintaining security policies, standards, and promoting security awareness and training.
- Develop team competencies and training requirements.
What We're Looking For
Essential qualifications and experience include:
- Qualified ISO27001 Lead Auditor or relevant security compliance experience.
- Knowledge of security assurance standards such as CAS(T), ISO 27001, IEC 62443, or similar.
- Experience in security assurance certifications or UK government security accreditation.
- Experience in information security audits and risk assessments.
- Experience in auditing security domains like vulnerability assessments, access controls, third-party due diligence, business impact analysis, firewall compliance, network security, logical system security, and encryption technologies.
We prioritize your well-being with comprehensive benefits and support flexible working arrangements. Locations include Leeds, Glasgow, Edinburgh, and Greater Manchester. Competitive salary and benefits are offered.
Lead Security Assurance Specialist employer: Network Rail
Contact Detail:
Network Rail Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Lead Security Assurance Specialist role
✨Tip Number 1
Familiarise yourself with the specific security assurance standards mentioned in the job description, such as ISO 27001 and IEC 62443. Understanding these frameworks will not only help you in interviews but also demonstrate your commitment to the role.
✨Tip Number 2
Network Rail values collaboration, so be prepared to discuss your experience working with external assurance providers. Highlight any past projects where you successfully partnered with others to achieve compliance or improve security measures.
✨Tip Number 3
Showcase your ability to conduct security threat and risk assessments by preparing examples from your previous roles. Be ready to explain how you identified control failures and what actions you took to mitigate risks.
✨Tip Number 4
Since the role involves promoting security awareness and training, think about how you can contribute to developing team competencies. Prepare ideas on how you’ve previously engaged teams in security practices or training initiatives.
Some tips for your application 🫡
Understand the Role: Before applying, take the time to thoroughly read the job description for the Lead Security Assurance Specialist position. Understand the key responsibilities and required qualifications, and think about how your experience aligns with these.
Tailor Your CV: Customise your CV to highlight relevant experience in security assurance, compliance, and risk management. Use specific examples that demonstrate your knowledge of ISO27001, security audits, and any other relevant standards mentioned in the job description.
Craft a Compelling Cover Letter: Write a cover letter that not only outlines your qualifications but also expresses your passion for enhancing cyber security within the railway sector. Mention how your skills can contribute to Network Rail's mission and values.
Highlight Relevant Certifications: Make sure to prominently display any relevant certifications, such as ISO27001 Lead Auditor or similar qualifications, in both your CV and cover letter. This will help demonstrate your expertise and commitment to the field.
How to prepare for a job interview at Network Rail
✨Understand the Role and Responsibilities
Make sure you thoroughly read the job description and understand the key responsibilities of a Lead Security Assurance Specialist. Be prepared to discuss how your experience aligns with managing security assurance activities, conducting audits, and supporting compliance with security standards.
✨Showcase Relevant Experience
Highlight your qualifications, especially if you are a qualified ISO27001 Lead Auditor or have relevant security compliance experience. Be ready to provide specific examples of past projects where you conducted risk assessments or managed security audits.
✨Demonstrate Knowledge of Cyber Security Standards
Familiarise yourself with security assurance standards such as CAS(T), ISO 27001, and IEC 62443. During the interview, be prepared to discuss how these standards apply to the role and how you have implemented them in previous positions.
✨Prepare Questions for the Interviewers
Think of insightful questions to ask about the company's approach to cyber security and how they measure success in this role. This shows your genuine interest in the position and helps you assess if the company is the right fit for you.