Governance Risk and Compliance Specialist
Vix Technology, a global leader in automatic fare collection, transit information, and transit analytics solutions, is seeking a highly skilled and experienced Governance, Risk & Compliance Specialist.
This role will focus on supporting the organisation in maintaining compliance with regulatory requirements, managing risks related to information security, and ensuring governance policies are upheld. You'll be based on-site, full time based in our Manchester office, where we prioritise in-person collaboration and teamwork.
We regret that this position is only available for UK citizens/Residents with indefinite leave to remain in the UK, with current full time work rights for the United Kingdom, currently residing in the UK. This position will be located in Manchester, UK.
Within the context of customer focused Security posture, you'll work across the following areas, liaising with both internal and external stakeholders:
Risk Management:
* Identify, assess, and mitigate IT security risks
* Maintain risk registers and track risk treatment plans
* Support periodic risk assessments for potential information security threats
* Monitor and report risk exposures
Compliance Monitoring:
* Ensure compliance with UK regulations (GDPR, NIS Regulations, Data Protection Act 2018)
* Conduct audits and assessments for internal policy and international standards compliance (e.g., ISO 27001)
* Assist in preparing compliance reports
Governance Support:
* Support development of IT security policies and procedures
* Assist in reviewing and updating governance frameworks per regulations and business needs
* Coordinate with teams to integrate governance practices into daily operations
* Assist in investigating and reporting IT security incidents
* Help develop and refine incident response plans
* Track incident resolutions to ensure documentation and follow-up
Training and Awareness:
* Support IT security awareness and training programs for staff
* Help create materials for cybersecurity training to clarify employee responsibilities
Vendor and Third-Party Risk Management:
* Evaluate security risks of third-party vendors
* Conduct due diligence and assessments to ensure vendors meet security standards
Audit Support:
* Work with auditors to provide compliance documentation
* Assist in addressing audit findings and implementing corrective actions
Policy Development and Maintenance:
* Assist in drafting, reviewing, and maintaining IT security policies
* Align policies with business objectives and regulatory requirements
Requirements:
* Understanding of Regulatory Frameworks: Familiarity with GDPR, NIS Regulations, and other UK-based IT security regulations
* Knowledge of Risk Management: Basic knowledge of risk identification, assessment, and mitigation techniques
* Attention to Detail: Ability to identify potential issues and track compliance activities
* Technical Aptitude: Familiarity with IT security concepts, frameworks like ISO 27001, and general cybersecurity best practices
Desirable:
* AWS experience and/or certification
* Bachelor's degree in Computer Science or IT
* Exposure to Security Standards (PCI, ISO)
* Experience with audits or compliance enforcement
* Penetration testing experience (Kali Linux)
* Experience with site-to-site VPNs, network design, VLANs, routing, NAT
Benefits:
* A focus on learning and development
* A great team of like-minded professionals
* Private Healthcare
* Income Protection Scheme
* Pension
* Group Life Assurance
* Cycle to Work Scheme
* Electric Car Benefit Scheme
* Employee Assistance Programme
* Eyecare Vouchers
Vix Technology is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind. We are committed to the principle of equal employment opportunity for all people and want to build a workforce as diverse as the community we serve.
#J-18808-Ljbffr