OverviewCyber Network Management Engineer (Security) - (Network Management Engineer (Security)) role at Network Rail. Two positions available. Location: Manchester, GB. Department: IS Security (807520) G1. Join Network Rail - Where People and Connections Matter. We emphasize a diverse and inclusive workplace and offer flexible/hybrid working arrangements.ResponsibilitiesSupporting the NR Security Operations Centre to ensure the protection of Network Rail's assets in terms of confidentiality, integrity, and availability. This involves actively monitoring operational systems, managing the prevention, detection, remediation, and recovery from security threats, vulnerabilities, and incidents.Monitoring, evaluating, and responding to security events and incidents by using defined security technologies and having a good understanding of exploits and vulnerabilities.Provide real-time log analysis and investigation through recognition of attempted or successful intrusions and compromises to provide network and data security.Take appropriate corrective action or follow defined escalation procedures in the event of a security event or incident and ensure security investigations are managed through to resolution.Recognise network intrusion attempts or compromises based on traffic patterns, behaviours or signatures and identify false positives from true intrusion attempts.Monitor external security vulnerabilities, advisories, incidents, and penetration techniques and apply risk-based threat assessment techniques against the asset estate when required.Support Security Engineers in conducting periodic vulnerability assessments and reporting based on the prioritised asset estate.Aid in the generation and review of periodic security operational reports on SOC activities.Carry out tasks as directed by the daily operations task list or team leader.Work in a team environment to aid in the monitoring and health of the security devices within the network.EssentialExperience working in a SOC/NOC environmentStrong analytical and problem solving skillsUnderstanding of incident response processes and how incidents should be managed from identification through to resolutionExperience in event log analysis, network traffic packet capture and associated toolsStrong understanding of networking and security technologies (routers, switches, firewalls, IDS/IPS, DDoS, servers, end-point devices)Understanding of network systems and system/device logsExperience in system hardeningDesirableSecurity qualifications such as Security+, GIAC Certified Intrusion Analyst (GCIA), EC-Council Certified Security Analyst (ECSA) and GIAC Certified Incident Handler (GCIH)Experience in logging and network monitoring technologiesKnowledge of networking technologies and network management systemsHow To Apply (External)Vacancy Type: Permanent, 35 hours per week, Hybrid working of 3 days in the officeLocation: Manchester Piccadilly Tower BlockClosing date: 12 October 2025Salary: Band 5 £30,000 - £36,000 depending on experienceInterviews: will take place from 20 October 2025, face to face in ManchesterWe are committed to a diverse workplace enriched with representation from diverse cultures, backgrounds and skills. For more information on Diversity & Inclusion at Network Rail, please follow this link.Do you consider yourself to have a protected characteristic? If so and you require any additional support with your application, please contact the Resourcer who will happily assist mark.powell4@networkrail.co.ukSeniorities and EmploymentSeniority level: Mid-Senior levelEmployment type: Full-timeJob function: Information TechnologyIndustries: Rail TransportationWe’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr