Job Description

Cyber Network Management Engineer (Security) - (Network Management Engineer (Security)) [2 x roles available]
Location
Manchester, GB
Department Name
IS Security (807520) G1
About Network Rail
Join Network Rail - Where People and Connections Matter
At Network Rail, we're dedicated to keeping passengers and freight moving safely and efficiently across the country. When you join us, you're not just part of a team - you're part of something that matters to millions. We believe that our people are at the heart of what we do, and every role plays a vital part in building a better, more connected railway.
We're committed to creating a diverse, inclusive workplace that reflects the communities we serve. To discover more about our ED&I commitments We value flexibility and understand the importance of a healthy work-life balance. As a Disability Confident Leader, we'll do everything we can to accommodate any needs throughout the recruitment process.
We offer excellent benefits, including:
? Generous annual leave (28 days plus statutory days), with the option to buy/sell days.
? Defined benefit pension scheme.
? 75% subsidy on rail and underground season tickets.
? Up to 75% off leisure travel for you and your family (subject to terms and conditions)
?? Interest-free travel loan for train and car park season tickets.
? Discounts at stations with your Network Rail pass.
? Flexible/hybrid working arrangements.
?? Volunteer leave to make a positive impact.
? Healthcare Scheme, GymPass discounts, Cycle to work plus more.
? We offer generous maternity, paternity, and adoption leave to support our employees during significant life moments
Brief Description
The railway has seen nearly 200 years of technology and innovation that has transformed how we provide services to passengers and freight customers. Technology is continuing to transform the railway industry. Imagine an exciting environment where Digital, Data, and Technology (DDaT) are not just buzzwords but the driving force behind every operation, every decision, and every solution.
As part of the DDaT directorate, you have a unique opportunity to enable our customers and industry partner with modern and transformative technology. From the day-to-day IT operations that keeps a national railway running, to the extensive delivery programmes that our helping to reshape the railway - we are at the forefront of all of it. We operate with a talented and passionate workforce, fostering empowered individuals and teams who understand that technology is not just a tool - it's the catalyst for progress, especially in an ever-demanding industry where change is a constant.
Supporting the NR Security Operations Centre to ensure the protection of Network Rail's assets in terms of confidentiality, integrity, and availability. This involves actively monitoring operational systems, managing the prevention, detection, remediation, and recovery from security threats, vulnerabilities, and incidents.
About the role (External)
As a member of the SOC: your responsibilities will include:

• Monitoring, evaluating, and responding to security events and incidents by making use of defined security technologies and having a good understanding of exploits and vulnerabilities.
• Provide real-time log analysis and investigation through recognition of attempted or successful intrusions and compromises to provide network and data security.
• Take appropriate corrective action or follow defined escalation procedures in the event of a security event or incident and work so security investigations are managed through to resolution.
• Be able to recognise network intrusion attempts or compromises based on their traffic patterns, behaviours or signatures and have the ability to identify false positives from true intrusion attempts.
• Actively monitor external security vulnerabilities, advisories, incidents, and penetration techniques when required and have to ability to apply risk-based threat assessment techniques against the asset estate.
• Support Security Engineers in conducting periodic vulnerability assessments and reporting based on the prioritised asset estate.
• Aid in the generation and review of periodic security operational reports on SOC activities.
• Perform tasks as directed by the daily operations task list or team leader.
• Work in a team environment to aid in the monitoring and health of the security devices within the network.

Essential

• Experience working in a SOC/NOC environment
• Strong analytical and problem solving skills
• Understanding of incident response processes and how incidents should be managed from identification through to resolution
• Experience in event log analysis, network traffic packet capture and associated tools
• Strong understanding of networking and security technologies (routers, switches, firewalls, IDS/IPS, DDoS, Servers, end-point devices)
• Understanding of network systems and system/device logs
• Experience in system hardening

Desirable

• Security qualifications such as Security +, GIAC Certified Intrusion Analyst (GCIA), EC-Council Certified Security Analyst (ECSA) and GIAC Certified Incident Handler (GCIH)
• Experience in logging and network monitoring technologies
• Knowledge of networking technologies and network management systems

How to apply (External)
Vacancy Type: Permanent, 35 hours per week, Hybrid working of 3 days in the office
Location: Manchester Piccadilly Tower Block
Closing date: 12th October 2025
Salary: Band 5 30,000 - 36,000 depending on experience
Interviews: will take place from 20th October 2025, they will be held Face to Face in Manchester
We are committed to a diverse workplace enriched with representation from diverse cultures, backgrounds and skills. We pride ourselves on creating an environment where difference is embraced, and individuals can thrive. We recognise that the success of the team is dependent on a multi-cultural, multi-disciplined group of individuals, aligned to deliver successful solutions.
At Network Rail, we have a number of employee networks to reflect our diverse population and help to raise issues to the wider workforce and support their membership and support our Everybody Matters strategy, led by our central Diversity & Inclusion team. We have Diversity & Inclusion Champions who take part and lead on many activities, to drive through more initiatives to support an inclusive environment for all its people and promote a professional and positive working environment. For more information on Diversity & Inclusion at Network Rail,
Do you consider yourself to have a protected characteristic? If so and you require any additional support with your application, please do not hesitate to contact the Resourcer who will happily assist mark.powell4@networkrail.co.uk

Skills Required