Network Rail

Lead Security Assurance Specialist

Company
Location
Glasgow, Scotland, United Kingdom
Posted At
6/19/2025
Description
Location

Glasgow, GB

Department Name

AM Head of Analysis Improvement Strategy (541804) G1

About Network Rail

At Network Rail, our passengers and freight users are at the heart of everything we do. We help connect people to their friends and families and get goods to their destination safely and efficiently. We’re an organisation where people matter.

Scotland's Railway is part of this large family and it covers a large geographical area from the Borders to Thurso at the far tip of the North East of Scotland, accounting for almost 20 per cent of the UK rail network. We provide rapid access along busy commuter routes to our seven cities, servicing the varied needs of our business and leisure commuter services, including cross-border services and rural services. We have up to 50 freight services operating every day and we are steadily building capacity for this to grow. Our ambition to be responsive to passengers and freight users drives us every day, and we're empowered to do the right thing for those who use the rail network. We actively challenge unsafe practices and take responsibility for addressing risks, resolving issues and protecting safety and wellbeing.

Our colleagues are encouraged to work flexibly, as we know that busy lives don’t always fit around a traditional working pattern. If you need flexibility to complete your role, just let us know and we will do our utmost to help you invest in your career with us while balancing other aspects of your life.

We're also a Disability Confident Leader employer and we’ll try our best to adapt the process and offer a reasonable alternative to help support people with disabilities access, apply and interview for roles.

We want to help deliver a railway which is safe, reliable, affordable and that provides great customer service to everyone.

Brief Description

The Engineering & Asset Management function of Scotland's Railway focuses on the provision of a high-calibre engineering service that underpins the delivery of a safe, high-performing railway network. Managing our infrastructure and assets also needs to be carefully planned, aligning objectives and activities which are delivered efficiently and sustainably, within budget.

This position offers the chance to advance our cyber security maturity. The successful candidate will serve as the primary point of contact and informed client for Scotland’s Railway. You will collaborate with route, regional, and national stakeholder groups and lead on localised solutions with maximum benefit. Responsibilities include supporting national cyber security improvement initiatives, developing and coordinating the implementation of a cyber security maturity improvement plan, creating a compliance plan for relevant security standards, addressing audit actions, and documenting our approach to cyber security in alignment with the national strategy.

The initial phase will concentrate on Operational Technology. The aim is to achieve incremental and practical improvements that deliver appropriate cyber security capability and maturity. Once the initial phases are complete, the role is expected to expand to cover all aspects of cyber security.

About The Role (External)

What to expect

  • Management and delivery of security assurance activities, conducting security surveys, audits, verifications and self-assurance assessments as directed, and completing such activity in accordance with the NR assurance framework.
  • Support the delivery of the security assurance plan to demonstrate compliance with regulatory, legal and Network Rail standards and risk process.
  • Manage and conduct security threat and risk assessments to identify control failures and deliver security risk management aligned to the NR security assurance framework.
  • Present audit recommendations to management, secure commitment to implement and monitor post audit action plans addressing non-conformities, observations and recommendations.
  • Supervise and conduct security engineering accreditation to support the whole lifecycle security assurance of railway systems.
  • Conduct investigations into reported cyber security incidents, compile reports and recommend controls that address procedural or technical failure.
  • Support the Security Assurance Manager to collaborate with government sponsored and external assurance providers to maintain compliance with Network Rail adopted security assurance certifications and standards.
  • Support the Security Assurance Manager in maintaining security standards, policies and procedures and promoting security awareness and training to the wider business.
  • Maintain and develop team competencies and training requirements.


What We’re Looking For

Essential

  • Qualified ISO 27001 Lead Auditor or proven relevant security compliance experience.
  • Substantial knowledge and experience of security assurance standards and accreditation, in particular CAS(T), ISO 27001 and IEC 62443, or comparable government or industry standards.
  • Demonstrable experience in the delivery of industry recognised security assurance certifications or direct involvement in UK government security accreditation.
  • Experience of information security audit and understanding of security threat and risk assessment.
  • Experience in auditing one or more of the following security domains:
      • Vulnerability assessments
      • Authentication/access controls audit
      • 3rd party due diligence reviews
      • Business impact analysis
      • Firewall compliance/rules audits
      • Network security assessments
      • Logical system security assessments
      • Encryption technologies
  • Excellent communication skills with the ability to work as part of a security audit and assurance team or alone as an individual auditor.


Desirable

  • Working toward or holding one or more additional professional cyber security qualification(s).
  • Membership of relevant professional organisation(s) aligned to information security or security assurance (ISACA, ISC², BCS, etc.).
  • Understanding of telecoms infrastructure.
  • Understanding of industrial control systems security.
  • Experience of working in the Railway industry.


How To Apply (External)

Salary: £55,596 - £63,797

Closing date: Midnight of 2nd July 2025

Please note proof of all essential qualifications will be required.

Please get your application in as soon as possible, as we may close the advert before the listed closing date if we receive enough applications. Late applications will not be accepted.

Please note the recruitment process for this role is an online work-related behaviour assessment and a competency-based interview.

We're dedicated to creating an inclusive environment and we welcome applications from everyone!

Network Rail is a Disability Confident Leader and we’ll try our best to adapt the process and offer a reasonable alternative to help support people with disabilities access, apply and interview for roles. You can visit Evenbreak’s Career Hive for advice on accessibility support if you’re unsure of the options available. Should you require any reasonable adjustments/modifications, please add a note to your application.

All offers of employment are conditional upon satisfactory completion of pre-employment checks.