Why LNER? 

We go beyond. For everyone. Our vision is to be the most loved, progressive and responsible way to travel for generations to come. Now we're looking for the people who can deliver this, every day. 

Since we took over on the East Coast mainline, we've been changing the face of rail travel. Our new Azuma train has brought faster journey times, more space and greater reliability. Our exciting plans to embrace new ideas, experiences, backgrounds and ambitions make this the ideal time to join. 

Bringing passion. Being bold. Always caring. Owning it. They're the values that make us LNER. 
 

Are you on board? 

Are you passionate about protecting data and strengthening cybersecurity? We're looking for a proactive and detail-oriented Information Security Analyst to join our IT Information Security team. In this pivotal role, you'll help safeguard our company's most valuable assets—including customer, employee, corporate, and financial data—by evaluating and enhancing our security measures in line with industry standards. 

You'll be at the forefront of incident response, root cause analysis, and security training across the business, helping to ensure our teams are well-informed and vigilant. From leading phishing prevention efforts to managing disaster recovery plans, you'll play a critical role in shaping and maintaining a strong security posture across the organisation. 

If you're ready to make a meaningful impact and help drive continuous improvement in cybersecurity, we'd love to hear from you. 

Within this role you'll also be involved in; 

• Monitoring network, system, and application security solutions to detect and responding to potential breaches, intrusions, or anomalous activity. 
• Investigating and responding to security incidents, conducting root cause analysis and ensuring compliance with internal policies. 
• Conducting regular security assessments, including vulnerability testing, risk analysis, and both internal and external audits. 
• Managing access control by reviewing and adjusting user privileges to ensure appropriate access to business systems. 
• Maintaining and update incident response and disaster recovery plans to ensure organisational readiness. 
• Leading the internal security awareness programme, including phishing simulations and training in collaboration with internal and external learning teams. 
• Developing, implementing, and maintaining information security policies, procedures, and plans. 
• Monitoring the use and performance of security tools, such as data encryption, antivirus, intrusion detection systems (IDS), and DLP solutions. 
• Ensuring up-to-date administrative, physical, and technical safeguards are in place, including patching and threat prevention. 
• Reviewing logs and IDS reports to identify suspicious activity and ensure legal and regulatory compliance. 
• Collaborating with third-party vendors to maintain service levels and ensure external support meets security standards. 
• Producing clear and comprehensive reports detailing findings, effectiveness of current controls, and recommendations for improvement. 
• Responding to day-to-day security requests and investigating routine incidents such as malware detections, phishing attempts, and data loss prevention alerts. 
• Supporting IT service configuration and documentation management, ensuring alignment with change control and performance requirements. 

What you'll need:    

• Proven experience in IT, ideally with a focus on Information Security, and hands-on expertise with security tools such as firewalls, IDS/IPS, anti-malware, authentication systems, and log management. 
• Strong technical background in Microsoft Active Directory, VMWare, and system configuration, ideally supported by relevant certifications. 
• Skilled in using system, network, and security monitoring tools, with a solid understanding of database, OS, network, and endpoint security. 
• Familiarity with security frameworks and compliance standards including ISO 27001, PCI DSS, GDPR, and Cybersecurity best practices. 
• Recognised security certifications (e.g. CISMP, CompTIA CySA+, Security+) and ITIL Foundation are desirable. 
• Strong written and verbal communication skills, with the ability to create concise reports and deliver presentations across all levels of the business. 
• Competent in gathering and analysing threat intelligence using open-source and internal data. 
• Demonstrated ability to problem-solve, remain calm under pressure, and work effectively in a fast-paced, evolving environment. 
• A collaborative team player with strong interpersonal skills, able to influence, negotiate, and build productive relationships with stakeholders. 
• Results-driven, accountable, and self-motivated, with a track record of driving change and continuous improvement. 

What you'll get:  

• Free travel on LNER + 75% off other companies' tickets (for you & dependents)  
• Discounted international train tickets (after one year's service)  
• 50% discount on LNER tickets for friends & family  
• Generous pension scheme  
• Annual cycle to work schemes  
• Discount, savings and cashback scheme from top retailers  
• Health & wellbeing schemes and discounts  
• Host of training opportunities to help further your career  
• Rewards & awards to recognise when you shine  

What we believe:          

To be the most loved, progressive and responsible train operating company, we must make a meaningful difference – always doing what's right for our customers, our people, the communities and destinations we serve, the future of the industry we lead and the environment we cherish.  

We know that our people are the beating heart of everything we do. We are committed to creating an inclusive, engaged culture that supports everyone at every stage of their journey – and ensures that when you're at LNER, you can always be you. No wonder most people never want to leave!  

Diversity and inclusion  
We are passionate about creating a diverse and inclusive workforce, representative of the communities we serve, and are creating ways to inspire diverse talent to join LNER.  

Developing our people  
We are focused on creating a learning culture, to support our people to be the best they can be at work by providing them with the tools and resources to navigate their development and career journey.  

Health & wellbeing  
To create a culture where our people can perform at their best, the physical health and mental wellbeing of our people is of paramount importance to us.  

What next?          

Start your journey here - Apply now!  

Disclosure and Barring Service (DBS) Check 

If you are successful in your application and are new to the business, we will undertake a basic DBS check as part of our pre-employment checks. This only happens once we have conditionally offered you the job.  Here we check for any unspent convictions and conditional cautions under the Rehabilitation of Offenders Act (ROA) 1974. If there is evidence of an unspent conviction or conditional caution, the details of these are reviewed internally by a cross functional panel on a case by case basis before a final offer of employment is issued. This however may result in any offer being withdrawn. Further information on how we collect and use this data is available on our privacy notice. 

Medical screening 

We're a safety conscious business so for all roles you'll need to pass a medical screening and a drugs and alcohol test before we send you an unconditional job offer. For our safety critical roles, you'll also need to have a safety critical medical. Our friendly, in-house Health and Wellbeing team will book a time and place to suit you. The sooner, the better, so please be flexible with your availability. Once your medical gets the thumbs up, we'll finalise any last details and look forward to you joining our team.