Jobs Menu

    View All Vacancies

    Information Security Manager


    Location:  Derby - Head Office
    Contract Type:  Permanent
    Salary:  £55-60k dependent upon experience
    Closing Date:  Friday 22 November 2019
    Reference:  2019-268

    We have a great opportunity to join the IT team as an Information Security Manager to provide advice and guidance to directors, management and staff at all levels in IT risk, control, compliance and governance issues. 

    The Information Security Manager will be the key driver of the design, delivery and embedding of the information security aspects of our IT Strategies.  You will provide objective assurance around the adequacy and effectiveness of IT risk management, control and governance processes by contributing to the delivery of a professional risk-based internal audit and compliance service.

    The key responsibilities include:

    • Perform regular reviews of where East Midlands Railway currently sits in regards to ISO 27001 compliance and identify the risks created by non-compliance.  
    • Formulate and maintain an IT and Data Security implementation plan in conjunction with the IT team and the Internal Audit and Compliance function to provide a professional IT and data security risk assurance and audit service to the business.
    • Contribute to the design of the policies, procedures and controls required to mitigate IT and data security risks into the wider business.
    • Offer accurate industry/compliance advice to EMR management and staff at all levels on a frequent basis through interactions whilst carrying out activities pertaining to the role
    • Represent EMR at the Abellio UK Group steering groups, assuming responsibility for all outputs from this forum.
    • Communicate key issues and solutions to management by producing clear, concise and timely reports, presentations, etc.

    You will also promote the continuous improvement of IT Security risk management and control processes by developing a proactive, customer-focused relationship with management, ensuring that issues identified are resolved.  

    To be great in this role you will need to be pro-active in managing workload including planning the scope, aim and objective of each review, ensuring that key risk areas are assessed and evaluated.

    Communication skills and the ability to engage with stakeholders is essential for the Information Security Manager as you will be required to offer accurate industry compliance advice to management and staff at all levels on a frequent basis. 

    Skills/ Qualifications required

    • Significant experience in a similar role with a robust portfolio of Information security work
    • Experience of implementing ISO 27001 / CISO standards in a rapidly changing organisation.
    • ITIL V3 certification or similar.
    • Experience of managing and reporting on PCI DSS.

    The successful candidate will enjoy a wide range of benefits including a fantastic pension scheme and free travel on the East Midlands Railway network. You will also receive subsidised travel across the rail network with other train operating companies. As a member of the East Midlands Railway team you will also be able to purchase Friends and Family discounted tickets, and join the Cycle Scheme.

    To apply please complete the online application form and upload your CV. As we operate a blind screening process please remove all personal information including your name from your CV.  To find out more about working life at East Midlands Railway you can visit

    The closing date for this job opportunity has now passed, and applications are no longer being accepted for this position

    We welcome applicants from diverse backgrounds, we promote equal opportunities for all.  East Midlands Railway is a non-discriminatory employer committed to the recruitment and promotion of all on the basis of ability and merit irrespective of disability, race, gender, health, social class, sexual preference, marital status, nationality, religion, employment status or age. We’ll treat your application fairly and assess you for the job based on merit and skills. 



    Forgotten Details