Network Support Engineer (Security)

You will need to login before you can apply for a job.

About Network Rail

Network Support Engineer (Security)

Join Network Rail - Where People and Connections Matter

At Network Rail, we're dedicated to keeping passengers and freight moving safely and efficiently across the country. When you join us, you're not just part of a team - you're part of something that matters to millions. We believe that our people are at the heart of what we do, and every role plays a vital part in building a better, more connected railway. Learn more.

We're committed to creating a diverse, inclusive workplace that reflects the communities we serve. To discover more about our ED&I commitments, click here. We value flexibility and understand the importance of a healthy work-life balance. As a Disability Confident Leader, we'll do everything we can to accommodate any needs throughout the recruitment process.

If you're ready to make a real difference, we'd love to hear from you!

We offer excellent benefits, including:

• Generous annual leave (28 days plus statutory days), with the option to buy/sell days.
• Defined benefit pension scheme.
• 75% subsidy on rail and underground season tickets.
• Up to 75% off leisure travel.
• Interest-free travel loan for train and car park season tickets.
• Discounts at stations with your Network Rail pass.
• Flexible/hybrid working arrangements.
• Volunteer leave to make a positive impact.
• Healthcare Scheme, GymPass discounts, Cycle to work, and more.

We also offer generous maternity, paternity, and adoption leave to support our employees during significant life moments.

Brief Description

The railway has a rich history of nearly 200 years of technology and innovation that has transformed service delivery. Technology continues to revolutionize the railway industry. Imagine working in an environment where Digital, Data, and Technology (DDaT) are not just buzzwords but the driving force behind operations, decisions, and solutions.

As part of the DDaT directorate, you will have a unique opportunity to enable our customers and industry partners with modern and transformative technology. From daily IT operations that keep the railway running to extensive delivery programs that reshape the industry, we are at the forefront. We foster a talented and passionate workforce, empowering individuals and teams who see technology as a catalyst for progress in a constantly changing industry.

Click 'apply for this job' to submit your application. For inquiries, contact the Resourcing Team at mark.powell4@networkrail.co.uk.

About the role (External)

Main responsibilities:

Support the continuous improvement of NRT Security Operations capabilities and processes to protect the confidentiality, integrity, and availability of Network Rail's assets. Provide operational capability for monitoring systems to prevent, detect, remediate, and recover from security threats, vulnerabilities, and incidents.

What will you be doing?

• Monitoring, evaluating, and responding to security events and incidents using security technologies and understanding exploits and vulnerabilities.
• Providing real-time log analysis and investigation to recognize intrusions and compromises, ensuring network and data security.
• Taking corrective actions or escalating as per procedures during security events, managing investigations to resolution.
• Recognizing network intrusion attempts or compromises based on traffic patterns, behaviors, or signatures, and distinguishing false positives.
• Monitoring external vulnerabilities, advisories, and penetration techniques, applying risk-based threat assessments.
• Conducting periodic vulnerability assessments and reporting on the asset estate.
• Identifying insecure services and ports through compliance activities.
• Developing and maintaining Security playbooks for incidents and breaches.
• Implementing automation within playbooks and systems.
• Generating security operational reports on SOC activities.
• Performing tasks as directed by the team leader or daily operations list.
• Monitoring the health of security devices within the network as part of a team.
• Line management responsibilities for junior SOC analysts.
• Maintaining and enhancing security applications and tools supporting the Telecoms estate.
• Integrating new tools and security systems.
• Provisioning SOC services with customers and projects.

The ideal candidate

Meet the essential criteria? Apply today to join our team

• Experience in a SOC/NOC environment
• Strong analytical and problem-solving skills
• Understanding of incident response processes from identification to resolution
• Good knowledge of SIM/SEIM/SOAR tools
• Experience with event log analysis, network traffic capture, and related tools
• Strong understanding of networking and security technologies (routers, switches, firewalls, IDS/IPS, DDoS, servers, end-point devices)
• Understanding vulnerability assessment processes and technologies
• Experience in system hardening aligned with security requirements

Desirable

• Security qualifications (e.g., Security+, GIAC, ECSA, GCIH)
• Experience with QRadar SIEM platform
• Experience automating in SOAR platforms
• Knowledge of CERT/CSIRT processes
• Understanding of compliance frameworks (ISO 27001, 27002, CoBiT)
• Experience in Microsoft and Linux system administration
• Network administration experience (Cisco, Juniper, Palo Alto)
• DevOps experience including coding, scripting, and automation

How to apply (External)

Vacancy type: Permanent, 35 hours/week, Hybrid working (2/3 days in-office)

Location: Manchester Piccadilly Tower

Closing date: 2nd June 2025

Interviews: From 16th June 2025, face-to-face in Manchester

Band & Salary: Band 4C, £43,588 - £50,018 plus benefits

We are committed to diversity and inclusion, fostering an environment where everyone can thrive. Our employee networks and Diversity & Inclusion Champions support this mission. For more info, visit our Diversity & Inclusion page.

If you consider yourself to have a protected characteristic and need additional support with your application, contact the Resourcer for assistance.