- Chiltern Railways
- Hybrid working avail. with option of office in London, Aylesbury or Banbury
- Permanent, Full Time
£70,000 to £80,000 per annum + flexible working options
IT and Cyber Security Manager / Chief Information Security Officer (CISO) – option to work from home 1 or 2 days per week, combined with working at our offices in either London, Aylesbury or Banbury, whichever you prefer.
Chiltern Railways is a train operating company owned by Arriva UK trains, offering services from London Marylebone to destinations in Buckinghamshire, Oxfordshire, Warwickshire and the West Midlands. You’ll join our IT team consisting of 7 colleagues, at an exciting time of business growth and change.
The Role – IT and Cyber Security Manager / CISO
As the IT and Cyber Security Manager / CISO, you will manage the technical cyber security environment, Security Operations Centre and take responsibility for information security management. This is a hands-on role, where you’ll ensure appropriate levels of cyber security controls, working alongside other internal teams outside of IT. Your duties will include:
- Working with the Head of IT to create, maintain and deliver a robust cyber security roadmap
- Owning and maintaining all security related policies and procedures
- Implementing “security by design”
- Driving a culture of IT and cyber security awareness and responsibility
- Developing and maintaining the information security strategy
- Conducting ongoing security threat, risk, capability and / or maturity assessments (penetration testing, threat intelligence, incident management and playbooks)
- Engaging and collaborating with third party vendors to ensure capacity of retained specialist resource e.g., IT forensic analysis, penetration testing, security auditing, etc.
Our Requirements – IT and Cyber Security Manager / CISO
- Solid experience gained in a similar role, with an understanding of security legislation, regulatory frameworks, security methodologies and industry standards (e.g., NIST)
- Experience setting up and running Security Operations Centre services
- Experience with cybersecurity / IT management software e.g., Rapid 7, Sophos MTR, Solarwinds, and / or SNOW
- Experience with Cloud infrastructure and services (Azure / O365)
- Solid understanding of IT infrastructure fundamentals such as networks, operating systems, and databases
- Knowledge of GDPR
- Salary in the region of £70,000 to £80,000, level dependent on experience
- Permanent contract, working 37.5 hours per week between the hours of 9am and 5pm
- Opportunity to work from home 1 or 2 days per week, combined with working in the offices in either London, Aylesbury or Banbury, whichever you prefer
- Flexible working options available where practical e.g., annualised hours, shift working, staggered hours, part-time working, compressed hours, career breaks etc.
- Company pension plan
- 25 days annual leave, plus bank holidays
- Free travel on Chiltern Railways and all other Arriva companies, with discounts on international travel after 12 months
- Discounted rail journeys for family members
- Employee assistance plan, offering unlimited access to counselling, legal information, a physio line, and more
- Healthcare cash plan offering a wide variety of benefits including dental, optical and physiotherapy
- Online benefits site, offering savings on leading brands
- Cycle to work scheme
More About Us
We’re proud to say we’re part of a major European employer, and our people come from a wide range of backgrounds and cultures. We value every contribution from our diverse workforce that is reflective of our service users, and who make us stronger. Developing the very best employees is at the heart of what we do. That’s why we aim to provide all colleagues with worthwhile long-term employment, ongoing training and development opportunities, and a safe, supportive, and motivating work environment.
PLEASE NOTE: By clicking apply on this site, you will automatically be redirected to the Chiltern Railways website, where you will be required to complete an online application.
All applications for this IT and Cyber Security Manager / CISO role are to be submitted online, and strictly no agency calls or agency CV submissions.