Skip to main content

Senior Cyber Security Manager

Posted: 10 Sep 2020 Closes: 24 Sep 2020
London Competitive
Permanent & Full-time HS2_20000771

As Senior Cyber Security Manager you'll be responsible for cyber/electronic security assessments and assurance activities in agreement with the Head of System Safety, Security and Interoperability. This includes leading the interface of the safety assessment and cyber security to ensure there are no missing aspects. The scope of the work includes all electronic security of railway operational systems, e.g. rolling stock, signalling, engineering management systems and SCADA systems in general.

The role will be part of the team responsible for the leadership of the system safety, security and interoperability activities for HS2, supporting the design of a safe, technically integrated and compliant future operational railway.

The team is developing the system safety, security and interoperability strategies, processes and procedures for the HS2 project as well as directly leading or managing Page 2 of 7 some of risk assessments. The team also manages the HS2 CSM-RA Assessment Body (AsBo) and the Notified Body (NoBo).

About the role:

  • Technical lead of the discipline; responsible for all aspect of electronic security across all engineering operational asset areas;
  • Provide technical leadership for the assurance and acceptance of electronic security of HS2 engineering operational assets, from a safety, integrity and functionality perspective, with particular focus on Signalling, Rolling Stock, Communications, Power, Stations and wider SCADA systems;
  • Responsible for supporting the HS2 organisation to ensure compliance with the Railways (Interoperability) Regulations, the Common Safety Method regulation on Risk Evaluation and Assessment, Railways and Other Guided Transport Systems (Safety) Regulations and appropriate Security Instructions issued under the Railway Act, specifically with regards electronic security demonstration for the HS2 project;
  • Responsible for ensuring that HS2 engineering operational asset electronic security vulnerabilities are identified, recorded, risk assessed, by developing and implementing an Engineering Operational Asset Security Framework, including the development, where appropriate, of Security Standards, Principles, Policies, Standards, and Implementation Guidance;
  • Proactively working with the delivery work streams to ensure that the electronic security acceptance requirements and assurance evidence required (including support of any safety justification) are understood and will be available prior to the HS2 engineering operational asset / systems being offered for acceptance;
  • Assess, test, monitor and manage the electronic security risk for HS2, including potentially leading safety and security risk assessments for specific discipline areas, being able to self-sufficiently plan, run and write up risk workshops. Develop reports and be able to justify and explain results within the organisation;
  • Ensure HS2 operations have effective incident response capability to electronic attack;
  • Ensure HS2 capital development and operations have trained and competent staff to support the above security activities;
  • Influence the development of the HS2 enterprise architecture, including corporate assets and engineering operational assets towards a secure enterprise reference architecture model (such as IEC 62443);
  • Through the use of industry good practice, ensure that HS2 has exercised due diligence with regard to electronic security, particularly when viewed from the perspective of the ORR, DfT, NCSC and other external bodies and also position HS2 so that it can better respond to legislation or regulation in this area;
  • You will be expected to actively promote and embed Equality Diversity and Inclusion (EDI) in all your work, and support and comply with all organisational initiatives, policies and procedures on EDI.
  • The post-holder is expected to behave at all times in a manner consistent with the HS2 values of Safety, Leadership, Integrity & Respect.


Qualifications:

About You:

• Able to provide specialist technical support and leadership on discipline-specific scientific, technical and engineering principles to project development / delivery teams, but knowing when to seek further guidance from other Subject Matter Experts or others.

• Applies principles and methods that ensure effective information management, modelling and data security; understands the approaches and consequences to data creation, transformation and visualisation and knowing when to seek guidance from other Subject Matter Experts or others.

• Capable of being a Standard Owner, working under the guidance of the Standard Discipline Owner.

• Knowledge and Experience of delivering evidence of cyber security design within a safety critical environment, e.g. aviation, rail, maritime, oil/gas, nuclear or military applications (doesn't have to be rail specialists)

• Interfacing with key government departments and regulators.

The post-holder is expected to behave at all times in a manner consistent with the HS2 values of Safety, Leadership, Integrity and Respect

We ask for a variety of detail in your online application, however we perform the first assessment of suitability for a role based solely on the information in your CV. Please attach an updated word version of your CV for each new application and include evidence directly related to the criteria in the job advert.

About Us:

High Speed 2 (HS2 Ltd) will be the UK's new high speed rail network. As well as improving capacity, the new scheme will shorten journey times between a number of Britain's major population centres, boost the economy and create thousands of jobs.

HS2 Ltd will create a skills legacy and develop a diverse range of talent. We aim to be a leader in EDI practice by creating a safe & inclusive working environment for all our staff - living our values of Safety, Respect, Integrity and Leadership.

In practice, this means we are positive and inclusive about making adjustments, providing flexible working, encouraging our staff networks to flourish and providing personal and professional development opportunities.

HS2 Ltd is also a safety-critical organisation. Employees are required to ensure reasonable care of their own and others' health and safety by taking personal responsibility for working to our 'Safe at Heart' programme principles and following safe working procedures at all times.

HS2 Ltd endeavours to ensure everyone working for us and with us feels included, thrives and achieves their full potential.

High Speed 2

Share Job