Governance Risk and Compliance Specialist
Make The Connection.
Vix Technology, a global leader in automatic fare collection, transit information, and transit analytics solutions, is seeking a highly skilled and experienced Cloud Engineer. With a presence in over 200 city and regional transport authorities worldwide, Vix has been at the forefront of transforming fare collection for more than 35 years.At Vix, we are committed to solving problems and delivering innovative solutions that are revolutionising the world of public transit.
The Role
We are looking for a Governance, Risk & Compliance Specialist. This role will focus on supporting the organisation in maintaining compliance with regulatory requirements, managing risks related to information security, and ensuring governance policies are upheld.You'll be based on-site, full time based in our Manchester office, where we prioritise in-person collaboration and teamwork.
We regret that this position is only available for UK citizens/Residents with indefinite leave to remain in the UK, with current full time work rights for the United Kingdom, currently residing in the UK. This position will be located in Manchester, UK.
Within the context of customer focused Security posture, you'll work across the following areas, liaising with both internal and external stakeholders:
Risk Management:
- Identify, assess, and mitigate IT security risks.
- Maintain risk registers and track risk treatment plans.
- Support periodic risk assessments for potential information security threats.
- Monitor and report risk exposures.
Compliance Monitoring:
- Ensure compliance with UK regulations (GDPR, NIS Regulations, Data Protection Act 2018).
- Conduct audits and assessments for internal policy and international standards compliance (e.g., ISO 27001).
- Assist in preparing compliance reports.
Governance Support:
- Support development of IT security policies and procedures.
- Assist in reviewing and updating governance frameworks per regulations and business needs.
- Coordinate with teams to integrate governance practices into daily operations.
Incident Response:
- Assist in investigating and reporting IT security incidents.
- Help develop and refine incident response plans.
- Track incident resolutions to ensure documentation and follow-up.
Training and Awareness:
- Support IT security awareness and training programs for staff.
- Help create materials for cybersecurity training to clarify employee responsibilities.
Vendor and Third-Party Risk Management:
- Evaluate security risks of third-party vendors.
- Conduct due diligence and assessments to ensure vendors meet security standards.
Audit Support:
- Work with auditors to provide compliance documentation.
- Assist in addressing audit findings and implementing corrective actions.
Policy Development and Maintenance:
- Assist in drafting, reviewing, and maintaining IT security policies.
- Align policies with business objectives and regulatory requirements.
Familiarity with NESA Information Assurance Standards, PCI NESA regulations, and audit/compliance knowledge is essential.
Requirements
What You'll Need To Be Successful:
- Understanding of Regulatory Frameworks: Familiarity with GDPR, NIS Regulations, and other UK-based IT security regulations.
- Knowledge of Risk Management: Basic knowledge of risk identification, assessment, and mitigation techniques.
- Attention to Detail: Ability to identify potential issues and track compliance activities.
- Technical Aptitude: Familiarity with IT security concepts, frameworks like ISO 27001, and general cybersecurity best practices.
Desirable:
- AWS experience and/or certification.
- Bachelor’s degree in Computer Science or IT.
- Exposure to Security Standards (PCI, ISO).
- Experience with audits or compliance enforcement.
- Penetration testing experience (Kali Linux).
- Experience with site-to-site VPNs, network design, VLANs, routing, NAT.
Desired Character and Personal Traits:
- A true team player who thrives in a collaborative environment.
- Possesses a methodical approach to work, ensuring accuracy and timeliness.
- Demonstrates high levels of confidentiality and integrity.
- Exhibits excellent written and verbal communication skills.
- Displays a strong commitment to seeing tasks through to completion.
- Capable of working independently while also being an effective team member.
- Prioritises exceptional customer service.
- Embraces flexibility and adapts seamlessly to change.
Benefits
What’s in it for you?
Besides the opportunity to work for a global company that is customer and people focused, we offer:
- A focus on learning and development
- A great team of like-minded professionals
- Private Healthcare
- Income Protection Scheme
- Pension
- Group Life Assurance
- Cycle to Work Scheme
- Electric Car Benefit Scheme
- Employee Assistance Programme
- Eyecare Vouchers
Sounds good? Then apply now. Get on board today!
Add your resume and anything else to showcase why you would be a great addition to our team. We regret that this position is only available for UK&I citizens/Residents with indefinite leave to remain in the UK&I, with current full time work rights for the United Kingdom, currently residing in the UK.
No recruitment agencies, please! We won’t accept any introductions.
Vix Technology is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind. We are committed to the principle of equal employment opportunity for all people and want to build a workforce as diverse as the community we serve.We aim to have a work environment where everyone feels included and everyone can realise their full potential.