Job Summary: Trapeze ITS UK, a leading provider of intelligent transport systems, is seeking an experienced Security Manager. Trapeze ITS UK is part of Modaxo, a global organization bringing together businesses that collectively focus on advancing new technologies and innovations for people transportation. With more than two dozen companies representing 12 brands, Modaxo comprises 2,000 people, operating from 35 offices in 21 countries around the world. As an employer we are committed to cultivating a friendly and exciting working environment, with huge emphasis on employee engagement. We can offer the sense of social community often associated with a small, local business; combined with the expected advantages of working for a far larger employer: great benefits; dedication to identifying talent; and huge investment in staff development. We are seeking a proactive and technically skilled Security Manager with deep expertise in AWS, DevSecOps and infrastructure security. This role plays a critical part in safeguarding our platforms and ensuring that security is embedded throughout the delivery lifecycle. You will be responsible for upholding and maintaining our ISO 27001 compliance, integrating security controls into our cloud-native and hybrid infrastructure, and enabling secure-by-default practices across engineering, platform and operational teams. Rather than focusing on audit or accreditation, this role will prioritise embedding security into DevOps workflows, ensuring high availability and risk resilience through automation, collaboration and early engagement in the software development lifecycle. This position is ideal for someone who thrives in a dynamic, multi-disciplinary environment and can balance governance with delivery agility. Job Description: Key Responsibilities DevSecOps and Platform Security Integration Lead the adoption of DevSecOps practices, embedding security into CI/CD pipelines, infrastructure-as-code and automation frameworks Define and maintain security baselines and controls for cloud and infrastructure environments that are easy to implement and measure Work with engineering and DevOps teams to automate enforcement of security controls across build, deploy and run phases Cloud and Infrastructure Security Oversight Take operational responsibility for AWS and infrastructure security, including IAM, network security, encryption, secrets management and monitoring Collaborate with infrastructure and platform teams to ensure secure design and operation of all environments, both cloud and on-premises Implement security solutions that support agility and scalability without compromising protection ISO 27001 Compliance Maintenance Maintain alignment with ISO 27001 standards through strong operational controls and audit readiness Ensure all required documentation, controls and evidence are up to date for internal and external audits Partner with compliance and governance leads to ensure that day-to-day operations continue to uphold certification Incident Response and Threat Management Own and continuously improve incident response plans, playbooks and escalation processes Coordinate timely investigation and resolution of security incidents and manage root cause analysis Monitor for vulnerabilities and threats, applying proactive mitigation strategies and communicating risks to stakeholders Security Enablement and Continuous Improvement Train and support engineering and DevOps teams on secure coding, cloud security practices and proactive risk identification Promote a security-first culture by integrating security into everyday delivery practices Define and track key metrics to measure security effectiveness and identify opportunities for improvement Leadership and Collaboration Lead internal and third-party security resources, ensuring clarity of purpose and a focus on delivery Act as a trusted advisor to engineering, operations and executive stakeholders Translate technical risks into business impacts and provide recommendations for mitigation Accountabilities Ensure full compliance with ISO 27001 standards, achieving and maintaining accreditation while embedding security as a core operational principle. Foster a culture of security across the organisation, instilling best practices and Lean-driven efficiencies. Lead and manage security operations with a focus on service excellence, reliability, and scalability, using ITIL principles. Drive continuous improvement in security, focusing on AWS, infrastructure security, and data protection across all organisational areas. Achieve and maintain a favourable maintenance revenue-to-cost ratio, aligning with Customer Centricity. Implement matrix management practices to balance project work and BAU responsibilities. Key Skills Security and AWS Expertise Extensive experience in AWS security, infrastructure security, and hardware security, with a strong track record of implementing best-in-class security measures. Demonstrated knowledge of ISO 27001 accreditation processes, with experience achieving and maintaining compliance in a high-stakes environment. Proficiency in risk management, vulnerability analysis, and incident response, with a data-driven approach to security decision-making. Process Optimisation and Lean/ITIL Experience Experience implementing Lean Six Sigma and Lean production methodologies to drive security process improvements and enhance operational efficiency. Expertise in ITIL service management, with proven experience in service excellence and delivering reliable, scalable security processes. Leadership and Stakeholder Management Strong leadership skills with experience managing both internal and outsourced security teams, fostering a collaborative, security-focused culture. Excellent communication and stakeholder management skills, able to convey complex security principles in an accessible and actionable way. Security, Cloud, and Global Operations Strong knowledge of cloud infrastructure (AWS), security frameworks, and risk management in a global, multi-site organisation. Experience in managing global supply chains, working with in-country production facilities, and ensuring the integration of technical systems with operational processes. Qualifications Ideally a bachelor’s degree in information security, Computer Science, or related field. Professional certifications in CISSP, CISM, or ISO 27001 Lead Auditor/Implementer. AWS Certified Security Specialist is highly advantageous. Extensive experience in security management, with a focus on AWS, infrastructure security, Lean/ITIL methodologies, and ISO 27001 compliance. In return we will offer a competitive salary along with a comprehensive benefits package including a discretionary bonus, healthcare cash back scheme, private pension scheme, life assurance and income protection, a great holiday package including a buy and sell scheme, as well as many initiatives to support a healthy lifestyle. Application Details To apply for this position, please submit your CV along with a cover letter detailing your relevant experience and qualifications. If you do not meet all the criteria but believe you are a good fit for the role, we encourage you to apply anyway. This is an exciting opportunity to play a pivotal role in the transformation and success of our organisation. If you are a governance expert with a passion for driving excellence in project delivery, we encourage you to apply. Worker Type: Regular Number of Openings Available: 1 And a fantastic opportunity to join a market leading Software Company. If you’re interested in this role then click on apply!