Security Engineer - Manchester - Hybrid
Make The Connection.
Our client, a global leader in automatic fare collection, transit information, and transit analytics solutions, is seeking a highly skilled and experienced Field Engineer. With presence in over 200 city and regional transport authorities worldwide, the client has been at the forefront of transforming fare collection for more than 35 years. The business is committed to solving problems and delivering innovative solutions that are revolutionizing the world of public transit.
They are a global organization - embracing the strength that individual diversity brings to the collective. Bring your individual orientation, cultural heritage and distinctive thinking and experience - we want to hear from you!
We are looking for an experienced Security Engineer to join our business. This role is on-site in Manchester, working within the greater Security team. The role will see you ensuring the clients’ technical teams meet relevant security standards, pass security audits, and protect company and customer data. You'll be a first point of contact for responding to security incidents.
We regret that this position is only available for UK citizens/Residents with indefinite leave to remain in the UK, with current full time work rights for the United Kingdom, currently residing in the UK. The position is in Manchester.
Requirements
What you'll be doing:
* Assess and evaluate the effectiveness of existing security controls.
* Design and implement security solutions to mitigate identified risks.
* Implement, and manage security systems, including firewalls, intrusion detection/prevention systems, DLP, endpoint protection, MDM, SIEM, IAM, vulnerability management etc.
* Respond to security events and incidents.
* Perform regular security audits and risk assessments.
* Maintain security controls, identify risks and propose treatment plans.
* Conduct regular vulnerability scans and penetration tests.
* Liaise with global IT and Cloud teams to maintain company systems and their security.
* Liaise with global Security Operations Centre colleagues to resolve any issues.
* Ensure compliance with relevant regulations, standards, and frameworks (e.g., GDPR, ISO 27001, NIST)
* Review and update security program documentation.
* Support customer relations and requirements per commercial agreements.
* Develop, implement, and maintain security policies, processes, procedures and guidelines.
* Assist with internal and external audits and provide advice to colleagues and technical teams.
* Ensure compliance with data privacy regulations (e.g., GDPR, CCPA)
* Produce security reports for internal and external stakeholders.
* Recommend and implement new security tools and technologies.
* Stay current with infosec trends and tailor recommendations for business needs.
What You'll Bring to the Role:
Essential:
* 3-5 years of experience in Information Security
* Strong understanding of security principles, technologies, and best practices
* Experience in networking, infrastructure (on-prem and in the cloud), vulnerability and incident management
* Familiarity with application/device security monitoring (e.g. Firewalls, IDS/IPS, XDR etc.)
* Experience with SIEM / CNAPP / Log collection platforms (e.g. CrowdStrike, Lacework etc.) and capability to design, implement and manage such solutions.
* Experience with implementation of identity and access management (IAM) solutions
* Ability to work in a team to deliver project outcomes within timeframes and objectives.
* Self-directed work experience, including planning and organizing tasks.
* AWS experience and/or AWS security / administration certifications (e.g. AWS Certified Security etc.)
* Security experience and/or security certifications
* Proficiency with Windows and Linux servers, and network scanning tools (e.g. Wireshark, IP scanner etc.)
* Ability to handle sensitive information with sound judgement.
* Understanding of PKI
Desirable:
* Bachelor’s degree in computer science, IT or Information Security
* Compliance exposure with relevant security frameworks and standards (PCI, ISO, NIST, CIS)
* Experience with audits and compliance enforcement
* Penetration testing experience
* Strong understanding of networking protocols and systems architecture
* Creating PCI digital keys or security access modules
* Threat intelligence exposure
* Proficient in programming or scripting languages
* IaC highly desirable
* Running phishing campaigns
Personal Attributes:
* Excellent problem-solving skills and attention to detail
* Collaborative and team-oriented
* Methodical, accurate, and timely work approach
* High confidentiality and integrity
* Strong written and verbal communication skills
* Commitment to completing work activities.
* Ability to work autonomously and as part of a team.
* Customer service-oriented
* Flexible and adaptable to change.
Benefits
What's in it for you?
Besides the opportunity to work for a global company that is customer and people focused, we offer:
* A focus on learning and development
* A great team of like-minded professionals
* Private Healthcare
* Income Protection Scheme
* Pension
* Group Life Assurance
* Cycle to Work Scheme
* Electric Car Benefit Scheme
* Employee Assistance Programme
* Eyecare and Spectacle Vouchers
Sounds good? Then apply now. Get on board today!
Add your resume and anything else to showcase why you would be a great addition to our team.
We regret that this position is only available for UK&I citizens/Residents with indefinite leave to remain in the UK&I, with current full time work rights for the United Kingdom, currently residing in the UK.