Payments Information Security Manager

Transport For London
Runs and maintains London’s public transport network and main roads using data and tech integration
Manage cyber security risks for TfL's payment systems, ensuring PCI, GDPR and ISO27001 compliance.
9 days ago
£60,000 - £65,000
Expert & Leadership (13+ years)
Full Time
London, England, United Kingdom
Office Full-Time
Company Size
28,000 Employees
Service Specialisms
Engineering
Technology & Data
Infrastructure Maintenance
Project Management
Property Development
Consulting
Transport Planning
Operations Management
Sector Specialisms
London Buses
London Underground
Docklands Light Railway (DLR)
London Overground
Elizabeth line
London Trams
Roads
River
Role
What you would be doing
secure design
risk assessment
design review
cyber improvements
regulatory guidance
security reporting
  • Consult and advise on the secure design, build, implementation, testing and delivery of payment systems
  • Payments security risk assessments for customer payment systems (E)
  • Assure cyber security risks for payments systems managed and/or supplied by 3rd party suppliers
  • Consult and advise stakeholders in assessing, understanding and managing cyber security risks for projects
  • Creating and reviewing designs of payment systems (D)
  • Sponsor, facilitate, support and/or implement cyber security capabilities and improvements to the security and resiliency of technology systems
  • Provide consultation, advice and guidance on the Network and Information Systems (NIS) Regulations
  • Provide consultation, advice and guidance to cyber security risk owners and Payments’ Product Managers
  • Prepare, present and support reports on the current status of cyber security assurance, deliverables, risks and KPIs over TfL’s customer payment systems
What you bring
pci
iso27001
giac
isc2
isaca
comptia
  • This role requires a minimum of BPSS security clearance, however the required level of clearance may change. Should an offer of employment be made, continued employment is subject to you obtaining the required level of clearance and maintaining this throughout your employment.
  • Payment Card Industry (PCI) and ISO27001 Standards (D)
  • Strong stakeholder engagement and relationship management. (E)
  • Methodologies for managing payment security risks, identifying controls, their effectiveness & design of associated action plans (E)
  • Ability to communicate effectively with all stakeholders, both orally and in writing (E)
  • Qualifications and certifications from information security bodies such as: GIAC, ISC2, ISACA, ISA, CompTIA. (E)
  • Analytical thinking, identifying many possible causes for a problem based on prior experience and current emerging cyber security risks (E)
  • Information security management concepts to support solutions and processes (D)
  • Enterprise-level cyber security technologies for use in complex environments (D)
  • Degree-level education or equivalent experience, ideally in science, engineering, technology, computing, cyber security or a related field (E)
  • Proven ability to influence across all areas of the business, including influencing key decision-makers in highly political environments and to successfully facilitate joint decision making & resolution to issues (E)
  • Infrastructure within an enterprise environment (e.g. networking, compute, storage) (D)
Benefits
  • Retail, health, leisure and travel offers
  • Tax-efficient cycle-to-work programme
  • Free travel for you on the TfL network
  • Discounted Eurostar travel
  • EV Salary Sacrifice Scheme
  • Private healthcare discounted scheme (optional)
  • Final salary pension scheme
  • 30 days annual leave plus public and bank holidays
  • A 75% discount on National Rail Season Ticket and interest free loan
Training + Development
Information not given or found
Interview process
Information not given or found
Visa Sponsorship
  • No visa sponsorship will be provided; candidates must meet UK eligibility criteria.
Security clearance
  • BPSS security clearance required; employment contingent on obtaining and maintaining required clearance.
Company
Overview
2000
Year of establishment
The company was founded under London’s Mayor in 2000.
8,500 buses
Public transport fleet
Operates a large network of buses to support daily commuter needs.
580 km roads
Managed road network
Oversees one of the UK's most extensive road networks.
£7 bn revenue
Annual revenue figure
Generates significant revenue from fares, congestion charges, and grants.
  • Handles day-to-day operations: Overground, DLR, trams, ferries and roads.
  • Manages congestion charge and ultra-low emission schemes.
  • Develops major infrastructure projects: Northern Line extension, Silvertown Tunnel, West London Orbital plans.
  • Runs one of Europe’s largest zero-emission bus fleets and pioneered a cycle shuttle through Silvertown.
Culture + Values
  • Open
  • Caring
  • Adaptable
Environment + Sustainability
Net Zero by 2040
GHG emissions target
Committed to achieving net zero greenhouse gas emissions across the entire value chain by 2040.
90% Scope 1 & 2 Reduction
Emissions target 2030
Aims to reduce absolute Scope 1 and 2 emissions by 90% from the 2022 baseline by 2030.
2,000 Zero-Emission Buses
Bus fleet expansion
Currently operates over 2,000 zero-emission buses across Western Europe, with 107 fully zero-emission routes as of June 2025.
80% Fewer Pollution Exposures
Air quality improvement
Reduction in the number of people exposed to illegal pollution levels in deprived areas after ULEZ expansion.
  • Maintain ≥90% reduction in Scopes 1 & 2 from 2030–2040
  • Reduce absolute Scope 3 emissions by 90% by 2040
  • Science-based targets validated by SBTi in April 2025
  • Operational carbon 2023/24: Scope 1 14 KtCO₂e; Scope 2 337 KtCO₂e; Scope 3 (outsourced) 470 KtCO₂e; Scope 3 (other) 705 KtCO₂e
  • On track to switch to fully zero-emission bus fleet by 2034 (acceleratable to 2030)
  • ULEZ expansion: 27% lower roadside NO₂, 31% fewer PM2.5 in outer London
  • Doubling wildflower verges to 260,000 m² by 2024; planting tree canopy +1% per year (2016–2025) with 10% increase by 2050
  • Install 5,000 m² Sustainable Drainage Systems yearly on road network
  • Reduced highways glyphosate use by 70%
  • Achieved Silver Accreditation in Carbon Literacy training; thousands of colleagues certified
Inclusion & Diversity
74% Agreement
Employee-Conversations
74% of staff agreed that the Conversation Matters coaching programme improved leader-employee conversations.
86% Goal Completion
Coaching Programme
The Conversation Matters coaching programme achieved an 86% goal completion rate and was awarded Best Coaching Programme in 2023.
77% Intuitive Experience
SAP SuccessFactors
77% of employees find the SAP SuccessFactors implementation intuitive, supporting automated performance and succession processes.
4% Recruitment Increase
Internal Recruitment
A 4% increase in internal recruitment and a 3.7% rise in employee engagement post-pandemic.
21% Reporting Increase
Sexual Harassment
Project Guardian led to a 21% increase in reporting sexual harassment incidents in 2014.
£2.5M Training Contract
DEI Training
A four-year DEI training contract worth up to £2.5 million was awarded across TfL and partner public bodies.
  • Strategic vision "to be a great place to work for everyone to thrive"
  • Fabric of London campaign represents London’s diversity: 287 ethnic groups, 300+ languages on TfL network fabric
Copyright © 2025 Kablio