Head of Cyber Security

About us:

DfT Operator (DFTO) is the public sector rail Owning Group with responsibility for all train operating companies (TOC's) as they transfer into public ownership. It is a publicly owned company established by the Department for Transport in 2018.

Our ambition is to deliver safe, secure and sustainable transport to everyone, everywhere. At the heart of this promise is improving journeys and providing customers with an excellent service, while supporting the industry to build a more passenger-focused railway.

We currently have four train operators: London North Eastern Railway (LNER) - Northern - Southeastern - TransPennine Express (TPE), delivering four and a half thousand services a day, and 300 million customer journeys across our network every year. Over the next 3 years, we will complete the transfer of all passenger services operated under contracts with the Department for Transport (DfT).

Our vision is to unify and strengthen train operators under the DFTO banner. By working collaboratively, we aim to become industry-leading in safety, customer service, financial and operational performance.

About the role:

The Head of Cyber Security is a critical leadership role at DFTO, responsible for establishing and maturing the group's overall cyber security posture, ensuring it effectively mitigates risks in the face of the evolving threat landscape.

This involves developing a comprehensive cyber security capability framework, assessing the maturity of individual train operating companies (TOCs) against this framework, and creating investment/programme plans to uplift their capabilities to appropriate levels.

The role also encompasses traditional cyber security functions, such as incident management, and a focus on developing common group cyber services for consistency and efficiency.

Key Competencies:

• Interpersonal Skills:
  Demonstrates a strong ability to build and maintain relationships with a diverse group of stakeholders, including executives, teams across the TOCs and external partners. Effectively engages and influences others to promote collaboration and win support. Takes a pragmatic and balanced approach to addressing risk.
• People Leadership:
  Leads by example and takes time to develop their team and coach others. Actively identifies and promotes growth opportunities as part of their teams personal development.
• Planning and Execution:
  Excels at creating and implementing detailed, effective frameworks and plans for Cyber development.
• Verbal and Written Communication:
  Possesses exceptional communication skills, able to articulate risks and solutions in a clear and pragmatic way. Communicates effectively with leadership, cross-functional teams, and external partners.
• Conflict Resolution:
  Skilled in managing and resolving conflicts effectively, ensuring productive outcomes for all parties involved. Able to navigate differences between IT, business units, and external partners to maintain alignment and focus on shared goals.
• Transparency:
  Committed to open and honest communication, maintaining high ethical standards and promoting trust through consistent and reliable actions. Ensures transparency in decision-making and operations.

Key Responsibilities:

• Cyber Security Strategy & Framework:
  Develop and maintain the group's overall cyber security strategy and comprehensive capability framework.
• TOC Maturity Assessment & Uplift:
  Assess TOC cyber security maturity, identify gaps, and develop/oversee implementation of tailored uplift programmes.
• Develop core cyber capabilities:
  Including robust cyber incident management (with executive reporting) and comprehensive threat intelligence/vulnerability management programs as key priorities.
• Group Cyber Services & Technology:
  Develop, promote and implement shared cyber services and evaluate/select appropriate security technologies. Establish and oversee related TOC migration programmes.
• Regulatory Compliance & Governance:
  Ensure group and TOC compliance with relevant UK regulations (GDPR, NIS) and establish effective governance. Act as a key interface to audit and risk functions.
• Stakeholder Management & Communication:
  Engage and communicate effectively with key stakeholders, including executive leadership and TOCs.

Knowledge, Skills, Experience & Technical Qualifications

• Cyber Security Strategy & Risk Management: Extensive experience developing and implementing cyber security strategies, frameworks (including maturity models), and risk management methodologies in complex organisations. Accredited in ISO27001 or similar.
• Threat Landscape & Incident Response: Deep understanding of modern cyber threats and attack vectors, coupled with proven experience in developing and managing effective incident response processes.
• Regulatory Compliance & Governance: Strong knowledge of relevant UK regulations (GDPR, NIS) and experience ensuring compliance and establishing robust governance structures.
• Cyber Security Capabilities & Technologies: Expertise in building cyber security capabilities, including developing shared services, and evaluating/implementing relevant technologies.
• Team Leadership & Management: Demonstrated leadership capabilities, including building, motivating, and managing high-performing cyber security teams.

Preferred Experience:

• Experience working within the transportation, logistics, or rail industries.

Vacancy Details

Duration:Permanent

Location: Hybrid / London Waterloo

Salary: £80,000 to £87,000

Benefits

Annual Leave: Starting at 25 days and rising to an additional day per year of service completed within the first 5 completed years up to a maximum of 5 additional (30 days)

DC Pension Scheme: 10% Employer contribution, 5% Employee contribution

Opportunities to learn and network across the wider industry

For further information or any questions please contact Jason Blakemore in the first instance: jason.blakemore@dftoperator.co.uk

PLEASE NOTE: This opportunity is available on either a Permanent or an Industry secondment. Should anyone be applying for a secondment please ensure you notify your line manager prior to applying for the opportunity.

About our people and the recruitment process - We're an inclusive employer of choice and we welcome applications from everyone! We encourage our colleagues to work flexibly, as we know traditional working patterns don't always fit. If you want to consider working flexibly, just let us know and we'll do our best to help and invest in your career with us, whilst you have a healthy work life balance.

Disclaimer: Candidates applying for this position on a secondment basis must inform their line manager prior to submitting their application. This is to ensure transparency and facilitate any necessary discussions regarding workload and responsibilities.

Equity Statement:

At DFTO we are committed to creating an inclusive and equitable workplace where diverse perspectives and backgrounds are valued. We believe that diversity enriches our team and contributes to our success. We welcome applicants from all backgrounds and experiences, and we are dedicated to providing equal opportunities regardless of race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or other status. We strive to foster an environment where everyone feels respected and empowered to bring their whole selves to work. We actively promote practices that ensure fairness, eliminate biases, and support the growth and development of all employees. Join us in our mission to create a workplace that reflects the diverse communities we serve and fosters a culture of equity and inclusion. Together, we can build a brighter future where every voice is heard, every idea is valued, and everyone has the opportunity to thrive.