Cyber Security Service Performance Manager

Location: Pier Walk, North Greenwich, London, (50% Office Attendance Model)

Salary: £70,000 - £75,000 Plus Fantastic Benefits

UK Sponsorship Available, although candidates are required to pay for their own application fees.

Advert closes: Tuesday 17th February 2026 at 23.59

About us:
As cyber threats continue to diversify and grow, so too does TfL’s need to develop our cyber security culture and capabilities to ensure we continue to protect the services and systems which keep London moving.  TfL’s cyber security professionals play a critical and ever-increasing role in protecting these services and systems, safeguarding our customers as they travel across London’s Transport network.

Job Purpose

The role of the Cyber Security Service Performance Manager is to manage the delivery of the services within a specific portfolio in the Service Owner Team or the Service Operations area, some of which may go across the whole of the Cyber Security function within TfL.

You will be responsible for the introduction of new services into the Operation Teams, managing service levels and contracts across all suppliers (including internal resources) within your portfolio, ensuring compliance with TfL Mandatory Standards and Policies throughout the life cycle of the service and achieving performance requirements and service level agreements.

This encompasses the management of service transition into the live environment, contract management, and relationships with internal teams and external suppliers.

Key accountabilities

You will be responsible for:

- the delivery of services within your portfolio, managing suppliers and internal teams to agreed service level targets and ensuring compliance with contracts and operational level agreements, improving resilience and supplier accountability.

- the end to end delivery of cyber security services, including detection, triage, escalation, and resolution activities, ensuring alignment with business‑critical security objectives and minimizing operational risk and business impact.

- the effective assessment of risks in service improvements and for developing mitigation strategies, reducing exposure and supporting continuous service maturity.

- the implementation of service design for new or changed services, supporting projects during transition into the live environment to ensure smooth on-boarding and consistent service integration.

- building and maintaining relationships with key stakeholders, understanding changes in priorities or business demand, and mitigating threats identified, thereby strengthening alignment and stakeholder confidence.

- managing MSSP and vendor relationships, measuring performance against defined SLAs, ensuring trends are monitored, interpreted, and escalated appropriately to improve supplier accountability, strengthen resilience, and reduce contractual risk.

- overseeing internal OLAs across cyber operations, IT/OT technology functions, and business teams, enhancing collaboration, reducing bottlenecks, and enabling faster resolution of incidents and service issues.

- the Knowledge & Service Request Function within Service Operations, ensuring outward delivery to service ownership areas, thereby improving transparency, consistency, and user satisfaction.

Key interfaces:

- Senior TfL business stakeholders as the single point of accountability for the performance of Cyber Security services within respective area. - Cyber Security Managers and by extension the CISO (Cyber Information Security Officer). - Service suppliers to ensure consistent service performance and instigate continual service improvement activities - Service suppliers to ensure understanding and delivery of TfL Mandatory Standards and Policies throughout the Service lifecycle

Knowledge:

- Bachelor's or Master's Degree in Computer Science, Information Systems, or other related discipline (or corresponding professional experience) - Strong understanding of ITIL principles and the service lifecycle management. - ITIL v4 qualifications. - Knowledge of managing incident, problem and request fulfillment processes. - Familiarity of OLAs & SLA management, including service reporting. - Exposure to supplier management, including contract and performance oversight. - Sound understanding of common cyber threats (phishing, ransomware, malware, insider risks etc .) - Familiarity with security response tooling, such as antivirus, firewalls, SIEM or endpoint protection. - Broad knowledge of Technology and Data Services.

Skills:

- Technology service performance within large-scale, complex operating environments.

 - Proven analytical skills to interpret complex data and make or influence appropriate business decisions on the basis of this analysis

- Motivating and leading others towards achievement

Experience:

- Extensive experience of technology and data services in a complex, multi-site organisation, preferably in the public sector

- Demonstrable experience of interacting and negotiating at Head of level, both internally and with third parties

- Demonstrable experience of negotiating, delivering and managing complex, large scale, service contracts

- Substantial experience of relationship management and account management

- Demonstrable success in continual process improvement for technology services

- Experience with coordinating cross-functional teams across traditional IT and operational technologies.

Excellent Benefits include: 

• Final salary pension scheme
• Free travel for you on the TfL network
• Reimbursement of 75% of the cost of a standard class Ticket for National Rail travel from home or 75% reimbursement on a 28-day flexi ticket
• 30 days annual leave plus public and bank holidays
• TfL is committed to work-life balance, operating a hybrid working approach where business and role requirements allow
• Private healthcare discounted scheme (optional)
• Tax-efficient cycle-to-work programme
• Retail, health, leisure and travel offers
• Discounted Eurostar travel

Additional Information
Please apply supplying your CV preferably in “.docx” format. This document should be A4, in Arial 12 font, and a maximum of 2 pages per document.

If you are shortlisted you may be invited to take part in a Video interview. We endeavour to give candidates as much notice as possible however some interviews/ assessments will be organised at short notice and will require a degree of flexibility. We reserve the right to close the application window early if we receive a high volume of suitable applications.

Equality, diversity and inclusion

We are committed to equality, diversity and inclusion. We want to represent the city we serve, which will help us become a more innovative and efficient organisation. Our goal is to make our recruitment as inclusive as possible. We are a disability confident employer who guarantee an interview to any disabled candidate who meets all of the essential criteria. We also use anonymising software that removes identifying information from CVs and cover letters to make the process fair.

Many of our staff work flexibly in many different ways. Please talk to us at interview about the flexibility you need. We'll see what we can do.

We understand a confidence gap can get in the way of meeting spectacular candidates. So please don’t hesitate to apply if you think you have what it takes even if you feel you don’t meet all the criteria. We’d love to hear from you.

At Transport for London, safety, trust and fairness sit at the heart of how we recruit. Our Vetting Charter (https://tfl.gov.uk/corporate/careers/our-vetting-process) explains the checks we carry out before you join us, helping ensure we create a safe, inclusive and reliable network for everyone who depends on our services. We simply ask that the information you provide is honest and accurate so we can progress your application smoothly. If something doesn’t match or can’t be verified, we may not be able to move forward with your application but we’ll always treat you with transparency, respect and clear communication throughout.