Job Advert
At KeolisAmey Docklands (KAD), we operate and maintain the Docklands Light Railway, keeping London moving safely, reliably and efficiently.
Technology and cyber security are fundamental to our operation. As our railway continues to evolve through new rolling stock, digital transformation and expanding services, protecting our systems, data and operational technology has never been more important.
We're looking for an experienced Information Security Manager to lead our cyber security function, ensuring the organisation remains resilient against evolving threats while maintaining compliance with regulatory and franchise obligations.
Reporting to the Head of IT and Information Security, you'll be responsible for leading KAD's Information Security function and managing our cyber security governance, risk and compliance activities.
You'll own our Information Security Management System (ISMS), lead cyber assurance across major business and infrastructure projects, manage security incidents, oversee regulatory compliance and provide expert cyber security advice to senior leaders, clients and regulators.
Leading a small specialist team, you'll combine strategic leadership with hands-on technical expertise to help safeguard one of London's critical transport networks.
-
Lead and continually improve KAD's Information Security Management System (ISMS)
-
Own compliance with ISO 27001, NIS Regulations, Cyber Essentials, PCI DSS and franchise cyber obligations
-
Lead cyber risk management, governance and security assurance activities
-
Manage cyber security incidents, investigations, recovery and regulatory reporting
-
Provide security assurance for new infrastructure, rolling stock and technology projects
-
Oversee vulnerability management, penetration testing and technical security controls
-
Lead internal and external audits and certification activities
-
Manage supplier cyber security assurance and third-party risk
-
Provide cyber risk reporting and advice to senior leadership, clients and regulators
-
Lead, develop and mentor the Information Security team
-
Promote a strong cyber security culture across the organisation
-
Significant experience leading Information Security within a regulated or operationally critical environment
-
Professional certification such as CISSP, CISM or CISA
-
ISO/IEC 27001 Lead Implementer or Lead Auditor certification
-
Proven ownership of a live ISO 27001-certified Information Security Management System
-
Experience maintaining compliance with NIS Regulations, Cyber Essentials and PCI DSS
-
Strong knowledge of cyber security governance, risk management and technical security controls
-
Experience managing cyber incidents and regulatory reporting
-
Experience leading cyber security assurance for projects and system integration
-
Strong stakeholder management skills with experience working with senior leaders, clients and regulators
-
Proven experience leading and developing Information Security or GRC teams
-
Rail, transport or critical infrastructure experience
-
Operational Technology (OT) security experience
-
Experience working with government regulators or Competent Authorities
-
Knowledge of UK GDPR and Data Protection
-
Experience within franchise or concession-based environments
As part of the Transport for London (TfL) family, you’ll enjoy a range of competitive benefits, including:
-
Free travel on the TfL network for you and a nominated household member.
-
75% discount on National Rail season tickets.
-
Interest-free season ticket loan.
-
Pension scheme with up to 10% employer contribution.
-
Access to Perkbox, Doctor Care Anywhere virtual GP, and Employee Assistance Programme.
If you're an experienced Information Security professional looking for an opportunity to combine strategic leadership with hands-on cyber security in a critical infrastructure environment, we'd love to hear from you.
We are committed to building a diverse workforce and particularly encourage applications from underrepresented groups, including women, early career talent (under 25) and individuals from ethnically diverse backgrounds.
Please note: If successful, you will be required to undergo Baseline Personnel Security Standard (BPSS) clearance, including a DBS check, right to work verification and employment references.
Closing date: 19th July 2026