Security Engineer

Make The Connection.

Vix Technology, a global leader in automatic fare collection, transit information, and transit analytics solutions, is seeking a highly skilled and experienced Field Engineer. With a presence in over 200 city and regional transport authorities worldwide, Vix has been at the forefront of transforming fare collection for more than 35 years. At Vix, we are committed to solving problems and delivering innovative solutions that are revolutionizing the world of public transit.

We are a global organisation at Vix - embracing the strength that individual diversity brings to the collective. Bring your individual orientation, cultural heritage and distinctive thinking and experience – we want to hear from you!

We are looking for an experienced Security Engineer to join the Vix team.This role is on-site in Manchester, working within the greater Vix Security team.The role will see you ensuring Vix technical teams meet relevant security standards, pass security audits, and protect company and customer data. You'll be a first point of contact for responding to security incidents.

We regret that this position is only available for UK citizens/Residents with indefinite leave to remain in the UK, with current full time work rights for the United Kingdom, currently residing in the UK. The position is located in Manchester.

Requirements

What you'll be doing:

• Assess and evaluate the effectiveness of existing security controls.
• Design and implement security solutions to mitigate identified risks.
• Implement, and manage security systems, including firewalls, intrusion detection/prevention systems, DLP, endpoint protection, MDM, SIEM, IAM, vulnerability management etc.
• Respond to security events and incidents.
• Perform regular security audits and risk assessments.
• Maintain security controls, identify risks and propose treatment plans.
• Conduct regular vulnerability scans and penetration tests.
• Liaise with global IT and Cloud teams to maintain company systems and their security.
• Liaise with global Security Operations Centre colleagues to resolve any issues.
• Ensure compliance with relevant regulations, standards, and frameworks (e.g., GDPR, ISO 27001, NIST)
• Review and update security program documentation.
• Support customer relations and requirements per commercial agreements.
• Develop, implement, and maintain security policies, processes, procedures and guidelines.
• Assist with internal and external audits, and provide advice to colleagues and technical teams.
• Ensure compliance with data privacy regulations (e.g., GDPR, CCPA).
• Produce security reports for internal and external stakeholders.
• Recommend and implement new security tools and technologies.
• Stay current with infosec trends and tailor recommendations for business needs.

What You'll Bring To The Role:

Essential:

• 3-5 years of experience in Information Security.
• Strong understanding of security principles, technologies, and best practices.
• Experience in networking, infrastructure (on-prem and in the cloud), vulnerability and incident management.
• Familiarity with application/device security monitoring (e.g. Firewalls, IDS/IPS, XDR etc.).
• Experience with SIEM / CNAPP / Log collection platforms (e.g. CrowdStrike, Lacework etc.) and capability to design, implement and manage such solutions.
• Experience with implementation of identity and access management (IAM) solutions.
• Ability to work in a team to deliver project outcomes within timeframes and objectives.
• Self-directed work experience, including planning and organising tasks.
• AWS experience and/or AWS security / administration certifications (e.g. AWS Certified Security etc.).
• Security experience and/or security certifications.
• Proficiency with Windows and Linux servers, and network scanning tools (e.g. Wireshark, IP scanner etc.).
• Ability to handle sensitive information with sound judgement.
• Understanding of PKI.

Desirable:

• Bachelor’s degree in Computer Science, IT or Information Security.
• Compliance exposure with relevant security frameworks and standards (PCI, ISO, NIST, CIS).
• Experience with audits and compliance enforcement.
• Penetration testing experience.
• Strong understanding of networking protocols and systems architecture.
• Creating PCI digital keys or security access modules.
• Threat intelligence exposure.
• Proficient in programming or scripting languages.
• IaC highly desirable.
• Running phishing campaigns.

Personal Attributes:

• Excellent problem-solving skills and attention to detail
• Collaborative and team-oriented.
• Methodical, accurate, and timely work approach.
• High confidentiality and integrity.
• Strong written and verbal communication skills.
• Commitment to completing work activities.
• Ability to work autonomously and as part of a team.
• Customer service-oriented.
• Flexible and adaptable to change.

Benefits

What’s in it for you?

Besides the opportunity to work for a global company that is customer and people focused, we offer:

• A focus on learning and development
• A great team of like-minded professionals
• Private Healthcare
• Income Protection Scheme
• Pension
• Group Life Assurance
• Cycle to Work Scheme
• Electric Car Benefit Scheme
• Employee Assistance Programme
• Eyecare and Spectacle Vouchers

Sounds good? Then apply now. Get on board today!

Add your resume and anything else to showcase why you would be a great addition to our team. We regret that this position is only available for UK&I citizens/Residents with indefinite leave to remain in the UK&I, with current full time work rights for the United Kingdom, currently residing in the UK.

No recruitment agencies, please! We won’t accept any introductions.

Vix Technology is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind. We are committed to the principle of equal employment opportunity for all people and want to build a workforce as diverse as the community we serve. We aim to have a work environment where everyone feels included and everyone can realise their full potential.