Job Specifications
Welcome to Transport for London Careers
Take a look at job opportunities with us and you may be surprised at what you discover: a rich heritage, a commercial outlook, an iconic brand, a unique public service. It all adds up to make Transport for London a great place to develop your career. Here you can start your journey!
Key Information
Job title: Principal Engineering Leader – Cyber Security
Band: 4
Salary: circa £90,000 (depending on skills & experience)
Contract type: TfL
Reference: SF2271
Location: Hybrid/ Endeavour Square, Stratford
Application closing date: Monday 19th January at 2359
Hybrid working within this role enables a balance of 50 per cent of time split between the office and home over a 4-week period. Hybrid working arrangements can evolve subject to business requirements.
Role Overview
The role directs, leads and line manages the TfL Engineering Cyber Security team, overseeing and managing the cyber security activities in TfL Engineering, providing expert advice and guidance to programmes, sub-programmes, projects and risk owners in Capital Delivery on all matters of cyber and information security risk management. As a first line of defence capability, the team supports risk owners in ensuring that the organisation has appropriate and effective cyber security defensive capabilities in place to protect our operational technology systems.
The role will engage and maintain relationships with key stakeholders and teams and provide support to regulatory activities and capital delivery projects, enhancing cyber security capabilities and undertaking activities to reduce cyber security risk. The role applies extensive expertise in the field of cyber security, providing authoritative technical leadership, interpreting technical strategy and company policy to satisfy business requirements. They will support the development and implementation of solutions, demonstrating a good understanding of the business operation and requirements when formulating solutions and recommendations and providing constructive challenge to deliver the right outcomes.
Key Accountabilities
Directing, leading and managing a team of cyber security engineers who are responsible for working with project teams ensuring projects implement cyber security in accordance with TfL policies, standards and guidelines as well as international standards and good practice.
Supporting the development of appropriate management processes, to then implement these processes to ensure security requirements are continually updated and reflected in the system security solution designs.
Ensuring the cyber security risk management and assurance processes are established and implemented to provide continuous feedback to all stakeholders and to improve the security posture in projects.
Ensuring that cyber security requirements are established, implemented, verified and validated and that cyber security risks are identified, managed and controlled throughout the project lifecycle, so that systems are acceptably secure at the point of delivery. Involved in reviewing and agreeing the cyber security requirements that result from the individual project risk assessments.
Support the cyber security engineers, project engineers, assurance leads and other business and third party stakeholders in the creation, review and approval of cyber security assurance to support system acceptance.
Represents TfL Engineering as a cyber security Subject Matter Expert. Be the cyber security primary point of contact, engaging where necessary with the likes of the TfL Cyber Security Team, Engineering Professional Heads, Department for Transport, TfL Cyber Security Steering and Working Groups and other applicable stakeholders.
Support cyber security engineers in the creation and review of cyber security artefacts and deliverables.
Make authoritative technical recommendations which have a high impact on organisational performance
Ensuring the safety, functionality and compliance of high risk, newly implemented or altered assets, engineering processes, procedures or systems
Specify technical competence requirements for the workforce to enable the assignment of the right capabilities
Essential Skills
Relationship and stakeholder management, including excellent interpersonal and influencing skills. Relevant stakeholders may include all levels including senior executives.
Highly effective verbal and written communications skills, particularly the ability to readily translate technical risks into business language.
Ability to review and influence technology and engineering designs at a high level.
Ability to analyse and recommend cyber security requirements and controls.
Ability to lead a team across a varied portfolio of work.
Excellent analytical and problem solving skills using a pragmatic approach.
Maintaining a constructive approach to developing and mentoring team members.
Essential Knowledge
Has current knowledge and understanding of cyber security and infor
About the Company
Every day, we help millions of people to make journeys across London: By Tube, bus, tram, car, bike – and more. People don’t associate us with journeys by river, on foot or via the air, but we help with that, too. Getting people to where they need to go has been our business for over 100 years, and it shows. We’re leaders in our field, and no other city’s transport system is quite as recognisable: Red buses, black taxis, Tube trains and roundels have become icons in their own right.
Our main job is to keep the city moving,...
Know more