Rodeo
ResourcesPartnersSign in

NCC Group

Rail Cyber Security Lead

London
Posted 27 days ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Department: Cyber Services and Capabilities

Location: GBR London

Description

We are seeking a highly skilled Cyber Security Rail Lead to join our Global Transport practice. This role is pivotal in strengthening and expanding our cyber security capability within the global rail ecosystem, while also supporting cross-domain engagements in maritime, automotive, and aviation as needed.

The ideal candidate will bring deep knowledge of operational technology (OT), rail systems, relevant international cyber security standards (including IEC 62443, TS 50701, IEC 63452), penetration testing methodologies, and the broader transport ecosystem. In addition to technical leadership, the individual will play a key role in supporting business development, building client trust, and elevating NCC Group’s profile within the rail sector.

This is a client-facing role requiring strong collaboration, communication, and leadership skills.

Key Responsibilities

  1. Technical Leadership (Rail Cyber Security)

    • Serve as the subject matter expert (SME) for rail cyber security across global engagements.
    • Lead, design, and deliver complex cyber security assessments across both operational technology (OT) and information technology (IT) environments.
    • Apply deep knowledge of rail-specific standards and frameworks, including:
      • IEC 62443 (Industrial Cyber Security)
      • TS 50701 (Railway Cyber Security)
      • IEC 63452 (Railway Rolling Stock Cyber Security)
    • Conduct or oversee penetration testing activities, vulnerability assessments, architecture reviews, risk assessment, and threat modelling for rail clients.
    • Provide expert interpretation of cyber security requirements for railway operators, manufacturers, and integrators.
    • Ensure security recommendations are aligned with safety, operational continuity, and regulatory requirements across the rail ecosystem.
  2. Rail Domain Expertise

    • Provide expert understanding of the rail ecosystem, including:
      • Signalling systems
      • Rolling stock
      • Control centres
      • Wayside and trackside equipment
      • Rail operational processes and safety requirements
    • Translate complex rail operations knowledge into training and mentorship for internal teams.
    • Act as the internal thought leader on emerging rail threats, vulnerabilities, and industry trends.
  3. Business Development & Practice Growth

    • Support the creation and growth of new rail opportunities globally.
    • Build NCC Group’s market presence in the rail sector through:
      • Thought leadership (whitepapers, webinars, industry events)
      • Client engagements and pre-sales support
      • Partnerships with key rail OEMs, operators, and regulators
    • Collaborate with engagement managers and leadership to define rail-focused service offerings.
    • Contribute to bids, proposals, and technical scoping activities for prospective customers.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

  1. Cross-Domain Support (Multi-Modal Transport)

    • Potentially support projects across maritime, automotive, and aviation domains as required, with team backing.
    • Maintain awareness of common OT and safety-critical technologies across transport sectors.
    • Promote knowledge-sharing across the wider Transport Cyber Security practice.
  2. Teamwork, Collaboration & Mentorship

    • Provide mentoring, guidance, and technical leadership to consultants at various levels.
    • Work closely with colleagues across global teams to deliver integrated and high-quality engagements.
    • Promote a collaborative, supportive, and inclusive team culture.
  3. Client Engagement & Delivery Excellence

    • Act as a trusted advisor to clients, providing clear, actionable cyber security recommendations.
    • Communicate complex concepts in a clear, professional, and client-friendly manner.
    • Ensure high-quality deliverables and maintain strong client satisfaction throughout engagements.

Skills, Knowledge and Expertise

Technical Experience

  • Proven experience in rail cyber security, ideally within operators, OEMs, integrators, or a cyber consultancy.
  • Strong experience working with and applying:
    • IEC 62443 (critical infrastructure cyber security)
    • TS 50701 (railway cyber security framework)
    • IEC 63452 (rolling stock cyber security)
  • Strong understanding of OT systems and technologies, including SCADA, industrial control systems (ICS), and safety-critical environments.
  • Practical experience in penetration testing or security assessment methodologies (not necessarily a full-time tester, but capable).
  • Experience with secure architecture review, threat modelling, and risk assessment in industrial or transport environments.

Domain Knowledge

  • In-depth understanding of the rail operational ecosystem, including signalling, rolling stock, safety systems, and regulatory standards.
  • Direct experience working within or for rail operators, system suppliers, or rail-integrated cyber projects.

Soft Skills & Professional Attributes

  • Excellent communication skills in both technical and non-technical contexts.
  • Strong client-facing experience and relationship management skills.
  • Ability to lead engagements and influence stakeholders at all levels.
  • Willingness to work collaboratively across geographies and disciplines.
  • Ability to teach and mentor others on rail systems and cyber security.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Desirable (Not Mandatory)

  • Recognised cyber certifications (e.g., CISSP, GICSP, ISA/IEC 62443 CyberSecurity Expert).
  • Experience contributing to industry standards or regulatory consultations.
  • Background in safety engineering or systems engineering in transport.

Benefits

  • Flexible Working: Balance your work and personal life with our flexible working options.
  • Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave differs for SOC shift workers, please speak to your TA partner for more information).
  • Medicash & Critical Illness Scheme
  • Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme.
  • Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities.
  • Green Car Scheme: Drive green and save money with our eco-friendly car scheme.
  • Cycle Scheme: Stay fit and healthy with our cycle-to-work scheme.
  • Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet.
  • Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.

We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.

If you do not want us to retain your details, you can utilise the Manage Your Data tool provided by Pinpoint or contact us directly at: global.ta@nccgroup.com. All personal data is held in accordance with the NCC Group Privacy Notice.

We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.

Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process.

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Cyber Security
Operational Technology
Rail Systems
Penetration Testing
Risk Assessment
Threat Modelling
Client Engagement
Communication
Leadership
Vulnerability Assessment
Architecture Review
Safety Systems
Regulatory Standards
Mentorship
Collaboration
Business Development

Location

London, England, United Kingdom

Sign up to applySee more jobs like this