Job Description

At Network Rail, we're dedicated to keeping passengers and freight moving safely and efficiently across the country. When you join us, you're not just part of a team - you're part of something that matters to millions. We believe that our people are at the heart of what we do, and every role plays a vital part in building a better, more connected railway.
We're committed to creating a diverse, inclusive workplace that reflects the communities we serve. To discover more about our ED&I commitments We value flexibility and understand the importance of a healthy work-life balance. As a Disability Confident Leader, we'll do everything we can to accommodate any needs throughout the recruitment process.
If you're ready to make a real difference, we'd love to hear from you!
We offer excellent benefits, including:
xf0x9fx8cx9e Generous annual leave (28 days plus statutory days), with the option to buy/sell days.
xe2x9cxa8 Defined benefit pension scheme.
xf0x9fx9ax82 75% subsidy on rail and underground season tickets.
xf0x9fx9ax82 Up to 75% off leisure travel.
xf0x9fx8ex9fxefxb8x8f Interest-free travel loan for train and car park season tickets.
xf0x9fx8ex81 Discounts at stations with your Network Rail pass.
xf0x9fx8cx8d Flexible/hybrid working arrangements.
xf0x9fx95x8axefxb8x8f Volunteer leave to make a positive impact.
xe2x9dxa4 Healthcare Scheme, GymPass discounts, Cycle to work plus more.
xf0x9fxa7xb8 We offer generous maternity, paternity, and adoption leave to support our employees during significant life moments
Plus, morexe2x80xa6.
Brief Description
The railway has seen nearly 200 years of technology and innovation that has transformed how we provide services to passengers and freight customers. Technology is continuing to transform the railway industry. Imagine an exciting environment where Digital, Data, and Technology (DDaT) are not just buzzwords but the driving force behind every operation, every decision, and every solution.
As part of the DDaT directorate, you have a unique opportunity to enable our customers and industry partner with modern and transformative technology. From the day-to-day IT operations that keeps a national railway running, to the extensive delivery programmes that our helping to reshape the railway - we are at the forefront of all of it. We operate with a talented and passionate workforce, fostering empowered individuals and teams who understand that technology is not just a tool - it's the catalyst for progress, especially in an ever-demanding industry where change is a constant.
Click 'apply for this job' to apply. If you would like to speak the Resourcing Team, please contact mark.powell4@networkrail.co.uk
About the role (External)
Main responsibilities:
To support the continuous improvement of NRT Security Operations capabilities and processes which support the ability to protect the confidentiality, integrity, and availability of Network Rails assets. Provide operational capability around monitoring operational systems to manage the prevention, detection, remediation and recovery from security threats, vulnerabilities, and incidents.
What will you be doing?

• Monitoring, evaluating and responding to security events and incidents by making use of defined security technologies and having an in depth understanding of exploits and vulnerabilities.
• Provide real-time log analysis and investigation through recognition of attempted or successful intrusions and compromises to provide network and data security.
• Take appropriate corrective action or follow defined escalation procedures in the event of a security event or incident and work to ensure that security investigations are managed through to resolution.
• Be able to recognise network intrusion attempts or compromises based on their traffic patterns, behaviours or signatures and can identify false positives from true intrusion attempts.
• Actively monitor external security vulnerabilities, advisories, incidents, and penetration techniques when required and have to ability to apply risk-based threat assessment techniques against the asset estate.
• Conduct periodic vulnerability assessments and reporting based on the prioritised asset estate.
• Identification of insecure services and ports of NR assets and services through defined compliance activities.
• Actively develop and maintain Security playbooks to handle security incidents and breaches
• Develop and implement playbook and system automation.
• Aid in the development, generation, and review of periodic security operational reports on SOC activities.
• Perform tasks as directed by the daily operations task list or team leader.
• Work in a team environment to aid in the monitoring and health of the security devices within the network.
• Line manager responsibilities for junior SOC analysts in the team.
• Maintenance and enhancement of Security applications and toolsets that support the monitoring of the Network Rail Telecoms estate.
• Integration of new tools and security systems.
• Provisioning of SOC services with customers and projects.

The ideal candidate
Meet the essential criteria? Apply today to join our team

• Experience working in a SOC/NOC environment
• Strong analytical and problem-solving skills
• Understanding of incident response processes and how incidents should be managed from identification through to resolution
• Good understanding and working knowledge of SIM/SEIM/SOAR tools
• Experience in event log analysis, network traffic packet capture and associated tools
• Strong understanding of networking and security technologies and configuration (routers, switches, firewalls, IDS/IPS, DDoS, Servers, end-point devices)
• Understanding of vulnerability assessment processes and technologies
• Experience in system hardening aligned to security requirements

Desirable

• Security qualifications such as Security +, GIAC Certified Intrusion Analyst (GCIA), EC-Council Certified Security Analyst (ECSA) and GIAC Certified Incident Handler (GCIH)
• Experience in implementation and monitoring of the QRadar SIEM platform
• Experience in implementation of automation in SOAR platform(s)
• Understanding of CERT/CSIRT processes
• Knowledge of compliance frameworks (ISO 27001, 27002, CoBiT) and accreditation processes
• Experience in Microsoft system administration, build, configuration - server, desktop, Cloud
• Experience in Linux system administration, build, configuration
• Network administration and configuration, Cisco, Juniper, Palo Alto.
• Experience in DevOps: coding, scripting and automation.

How to apply (External)
Vacancy type: Permanent, 35 hours per week, Hybrid working of 2/3 days in the office.
Location: Manchester Piccadilly Tower
Closing date: 2nd June 2025
Interviews will take place from: 16th June 2025, they will be held Face to Face in Manchester
Band & Salary: Band 4C 343,588 to 350,018 plus pay related benefits
We are committed to a diverse workplace enriched with representation from diverse cultures, backgrounds and skills. We pride ourselves on creating an environment where difference is embraced, and individuals can thrive. We recognise that the success of the team is dependent on a multi-cultural, multi-disciplined group of individuals, aligned to deliver successful solutions.
At Network Rail, we have a number of employee networks to reflect our diverse population and help to raise issues to the wider workforce and support their membership and support our Everybody Matters strategy, led by our central Diversity & Inclusion team. We have Diversity & Inclusion Champions who take part and lead on many activities, to drive through more initiatives to support an inclusive environment for all its people and promote a professional and positive working environment. For more information on Diversity & Inclusion at Network Rail,
Do you consider yourself to have a protected characteristic? If so and you require any additional support with your application, please do not hesitate to contact the Resourcer who will happily assist.