A major public urban transport operator is consolidating its cybersecurity programme to meet new regulatory requirements and strengthen operational resilience. The IT Security department runs the organisation's security processes; this role focuses on coordinating the cybersecurity portfolio under the NIS2 programme and applying ISO 27K principles alongside practical IT project experience.
The mission
The department operates the organisation's information security processes and implements security policies across IT and operational teams, with a particular focus on NIS2 compliance. Work covers defining security directives, tracking action plans and ensuring consistent application of controls where IT systems interface with operational technology.
You will coordinate a portfolio of cybersecurity projects and translate policy into operational guidance, working directly with the Information Security Manager and multiple business and IT stakeholders. Typical day to day work includes overseeing project deliverables, maintaining clear security reporting and dashboards, and supporting operational teams to integrate security requirements into existing projects and services.
Your responsibilities
- Coordinate the cybersecurity programme under NIS2 to ensure coherent delivery across multiple projects and teams, maintaining alignment with ISO 27K principles.
- Drive project portfolio outcomes by tracking milestones, managing dependencies and escalating risks so security initiatives meet delivery timelines and compliance targets.
- Translate information security policies into practical directives and control requirements that operational and IT teams can implement.
- Support operational teams with security requirements and regulatory interpretation, enabling secure deployment of IT and OT changes.
- Produce and maintain clear security reporting and dashboards that show progress, risk coverage and outstanding actions for senior stakeholders.
- Maintain and follow up on security action plans until formal closure, ensuring remediations are tested and verified.
Your profile
Essential skills
- Demonstrable experience coordinating cybersecurity programmes, including hands-on IT project experience and portfolio management.
- Practical knowledge of ISO 27K frameworks and how to translate standard controls into operational directives.
- Strong understanding of cyber threats and security technologies relevant to enterprise IT and operational environments.
- Proven ability to communicate security status and risk to technical teams and senior stakeholders through clear reports and dashboards.
- Experience working alongside an Information Security Manager and liaising with multiple internal stakeholders to achieve compliance objectives.
- Comfortable working independently while engaging as a team player, adaptable to changing priorities and receptive to feedback.