Abstract: The information system security protection system under the enterprise remote office mode presents the characteristics of complex protection scenarios and diverse protection subjects. In the context of continuous changes in attack methods and threats to information security, this paper proposed an information security protection framework for enterprise remote office with dynamic defense based on the basic framework of remote office information security and the security dynamic defense model, in response to the information security issues faced by the normalization of future remote office models. The paper introduced new technologies to build a dynamic risk monitoring, risk identification and risk response mechanism to provide active defense and collaborative defense capabilities. This framework can be applied in the security of railway enterprise remote office terminal equipment, boundary access security, network transmission security, and infrastructure security, supporting the information security guarantee work under the remote office mode of railway enterprises.