Cyber Security Manager in London

TXM are exclusively representing GTS Rail Operations an industry-leading train operator, bringing together the very best expertise to transform travel across London.

GTS Rail Operations is an equal opportunities employer. Our recruitment and selection policy

attracts and ensures the highest quality candidates are appointed using objective job-related criteria.

This is an exciting opportunity within the IT operations centre based in London. Reporting the to the Head of IT, the successful candidate will play a key role protecting IT services and infrastructure

from cyber security threats.

Role Overview

The purpose of a Cyber Security Manager role is to protect GTS Rail Operations Limited’s IT

Services and infrastructure from cyber threats. The role is responsible for designing, implementing,

and maintaining security measures to ensure the confidentiality, integrity, and availability of data and

services. The role includes identifying vulnerabilities, monitoring for security breaches, and

responding to incidents. They also work to educate employees on best practices for information

security.

Main Responsibilities

• Security Implementation and Management
• Deploy and optimise security solutions to safeguard IT services and infrastructure.
• Lead security assessments including vulnerability testing and risk analysis to identify and mitigate potential threats.
• Design and enforce security controls based on identified requirements and gaps in existing structures.
• Threat Detection and Response
• Monitor and respond to security incidents ensuring rapid and effective action.
• Develop comprehensive incident response plans to maintain organisational resilience against threats.
• Oversee operational security processes with tools like SIEM, EDR, and Vulnerability Management, continuously enhancing capabilities.
• Network and System Security
• Manage advanced security tools such as firewalls and IDS/IPS to protect network integrity.
• Enforce robust security policies to maintain system security standards.
• Compliance and Audit Support
• Ensure adherence to compliance standards including ISO27001, NIST, and GDPR through regular audits and risk assessments.
• Support audit processes by providing necessary documentation and evidence of compliance.
• Security Awareness and Training
• Conduct regular training sessions to cultivate a security-aware culture.
• Develop and update security policies, communicating essential guidelines across the organisation.
• Cloud and Application Security
• Enhance the security of cloud services (SaaS, PaaS, IaaS) and enterprise applications
• through advanced security measures and identity access management (IAM).

Education & Competencies

• University Degree or equivalent preferred
• A minimum of 3 years' experience in a similar role.
• Strong and demonstrable experience of Cyber Security Operations and Engineering. Cyber Security Certifications, CISSP, Azure Security and additional qualifications.
• Good underpinning knowledge of the Microsoft technology stack, cloud, on-premises and End user Compute.
• Understanding and experience of web filtering, email security, SIEM, EDR/XDR. Experience of managing investigations in SOC (L2 or above)