
Cyber security assurance & compliance manager

London
DfT Operator
Compliance manager
€80,000 a year
Posted: 20 May
Offer description

About DFT Operator

Join Our Team at DFTO

DFTO is the government’s public sector rail owning group. Its purpose is to bring all currently privately‑owned train operators into public ownership in advance of the creation of Great British Railways in 2027 - and deliver improvements in the here and now by unifying and integrating train operations under common public ownership.

DFTO has over 30,000 employees, runs over 8,500 services a day and delivers over 640 million customer journeys across its networks every year. 7,000 people joined the railway family in the last year.

Major improvements are being delivered by DFTO train operators (TOCs) that are already under public ownership - these are LNER, Northern, TransPennine Express (TPE), Southeastern, South Western Railway (SWR), c2c, Greater Anglia and WM Trains.

We work closely with the DfT but operate independently with our own governance and leadership teams. Our priority is ensuring efficient, dependable rail services for everyone.


Primary Purpose of Job

This role will support the Group Head of Cyber Security to deliver the DFTO Cyber Strategy and work to ensure DFTO aligns future development to the wider GBR Cyber Strategy. The post holder will contribute to developing a wider understanding across the company of how cyber security supports the delivery of DFTO and GBR strategic objectives.

This role will lead continual improvement across DFTO and DFTO Operator cyber security processes, embedding a robust continuous improvement approach. By overseeing and monitoring cyber security solutions across DFTO and its Group Operators, the role will help protect the organisation from cyber threats while ensuring compliance with recognised industry cyber security standards.

Develop, enhance and optimise information security compliance, assurance and awareness across DFTO and Operator TOCs. The role will manage information security compliance activities to support DFTO and Operator TOCs in achieving and maintaining certification in line with agreements and in gaining any other Information Security related Standards as required. The post holder will act as a point of contact in respect of the various security standards in place for cyber security teams across the DFTO Group, as well as being responsible for supporting central DFTO colleagues.

Ensure information security policies and procedures are documented and compliance to the same is appropriately recorded to meet external review and audit. Establish a compliance and review timetable which aligns to various standards (NIS Directive, PCI DSS, ISO27001, Cyber Essentials, GDPR etc.) and is shared with all stakeholders.

As a subject matter expert in multiple cyber security technologies, the post holder will be responsible for the management, maintenance and improvement of cyber security across multiple platforms, networks and applications. The key focus is to ensure the DFTO Group is protected from cyber and information security risk.

This position will ensure robust, scalable, and high-quality support to ensure the DFTO group’s strategic objectives are achieved.


Key Responsibilities

* Support the DFTO Group Head of Cyber Security to oversee the delivery and support of cyber security applications and platforms.
* Manage the continued review, research, and development of current security controls, ensuring their effectiveness and efficiency support the GBR Cyber Strategy and contribute to a wider understanding of how cyber security supports the delivery of DFTO and GBR strategic objectives.
* Manage the Cyber Security Risk Register working with business and solution owners to identify, mitigate, treat and remediate risk in accordance with the DFTO Group risk appetite, ensuring alignment to industry best practice.
* Provide insight to the Group Head of Cyber Security based on the information gained through monitoring networks and systems for critical security breaches.
* Collate DFTO Group compliance against the NIS Directive, ensuring that required Policy & Processes are embedded across Operators and are sustainable. Ensure that, as Operators of Essential Services, the operators are appropriately aware of their responsibilities as defined by the Cyber Compliance Team and in line with the Cyber Assessment Framework published by the NCSC.
* Participate in peer reviews of deliverables and carry out formal and informal reviews of technical designs, standards, documentation and/or implementations.
* Ensure all business equipment is configured to an appropriate standard to meet information security standards.
* Lead cyber security projects as assigned, following a recognised methodology, through specification, testing, implementation and documentation, including ongoing support strategy.
* Support security breach investigations within a defined area of responsibility to maintain compliance with internal security policies.
* Provide support for any incident response, including steps to minimize the impact and then conducting a technical and forensic investigation into how the breach happened and the extent of the damage.
* Produce comprehensive reports including assessment-based findings, outcomes and propositions for current security compliance and further cyber security assurance activities.
* Support awareness training on cyber security standards, policies and best practices.


Key Competencies

* Expert knowledge of achieving and maintaining compliance with the ISO27001, GDPR, PCI DSS, and other security Standards.
* Knowledge of core security principles e.g., Security by Design, Defence in depth and CIA Triad model.
* Effective team player experienced at dealing at all levels with effective influencing and negotiating skills. Ability to form constructive and proactive working relationships at all levels with all stakeholders whether internal or external.
* An ability to work well under pressure in a rapidly evolving environment. Ability to work across a portfolio of projects and programmes to create an integrated way forward which meets the long‑term needs of the business.
* Effective interpersonal skills and an ability to use influence to gain buy‑in to enable change to happen through others.
* Proven track record of delivering change and continuous improvement. A drive to deliver tangible outcomes which meet business requirements.
* Good communications and presentation skills both verbal and written. A good level of numeracy and sound analytical skills, problem‑solving skills and ability to stay calm under pressure.
* An ability to work at both DFTO Group level and with individual TOCs to set a high baseline for cyber security practices that align with the DFTO Cyber Strategy & Roadmap.


Knowledge, Skills, Experience & Technical Qualifications

* Educated to degree level or equivalent.
* Significant current experience in a Cyber Security Compliance and Assurance role, that includes relevant experience in information security.
* Recognised industry security certification such as CISSP or equivalent.
* ISO27001 Lead Auditor Certification, or working toward formal certification.
* Experience with network security and with system, security, and network monitoring tools.
* Professional and technical knowledge, with an extensive and in‑depth understanding of the application and interpretation of, and compliance with, ISO27001, the NIS Directive, Cyber Essentials Plus, PCI DSS, GDPR, and other security Standards.
* Experience of establishing and managing an information risk management framework, either in an ISO27001 or PCI DSS environment.
* Hands on experience in security systems, including firewalls, intrusion detection systems, anti‑virus software, authentication systems, log management, content filtering, etc.
* Experience of leading management reviews of the performance of the ISMS.
* Proven experience in managing internal and external information security communication channels and an ability to work at both Group and individual operator level.

This role reports to the Group Head of Cyber Security and will work closely with DFTO Cyber/Information Security colleagues across business units and external TOC stakeholders. The postholder will work at the core in shaping DFTO’s IT security landscape as the organisation expands its public ownership footprint and delivers secured services across the Group.


Vacancy Details

Duration: Perm
Location: London Waterloo/Hybrid
Salary: up to £84,000
Closing date: 2nd June 2026
Report to: Head of Cyber Security


DFTO Benefits

Annual Leave: Starting at 25 days and rising by an additional day per year of service completed within the first 5 completed years, up to a maximum of 5 additional days (30 days)

DC Pension Scheme: 10% Employer contribution, 5% Employee contribution

Opportunities to learn and network across the wider industry

Contact: If you have any questions or reasonable adjustments, please contact Jason.blakemore@dftoperator.co.uk
