Career Opportunities: Information Security GRC Manager (FTC) (10652)Requisition ID 10652 - Posted - Technology - London JOB TITLE: INFORMATION SECURITY GRC MANAGER
DEPARTMENT: TECHNOLOGY LOCATION: MARBLE ARCH, LONDON
REPORTING TO: HEAD OF INFORMATION SECURITY
TYPE OF CONTRACT: 12 MONTH FTC
PLACES, PEOPLE, PREFER Our purpose is to create and manage outstanding places which deliver positive outcomes for all our stakeholders on a long-term, sustainable basis.
We are a FTSE 100 business with a strong balance sheet and £13bn of assets under management.
But with just 600 employees, you're given the ability to make a big impact and elevate your career quickly.
Our diverse, passionate team of experts works on some of the most ambitious, innovative and sustainable projects in the country – from our high-quality campuses across central London to some of the top retail schemes in the UK – providing a rewarding career journey where you can shape how you grow.
We believe in shared success and enabling people to be themselves.
If you want to feel listened to and understood in an environment where your opinions count and bright ideas are encouraged, you've come to the right place!
In our recent engagement survey, 93% of our employees stated they were proud to work for British Land!
THE ROLE Reporting to the Head of Information Security, the primary responsibility of this role is to oversee the development, implementation, and management of British Land's information security governance, risk, and compliance programs.
This role ensures that the organisation's information security practices align with regulatory requirements, industry standards, and best practices.
The GRC Manager will work closely with various departments to identify, assess, and mitigate information security risks.
The ideal candidate will have proven experience in cyber security principles and be proactive in identifying and responding to security threats.
WHAT YOU'LL DO Assisting with the support of technologies in the following categories:
Governance: Develop and maintain information security policies, standards, and procedures.Ensure alignment of security policies with business objectives and regulatory requirements.Monitor compliance with policies and conduct regular reviews and updates of security policies and procedures.Complete security assessments for third-party suppliers, assets (buildings/Retail), and projects to ensure adherence to cyber security policies and standards.Deliver and maintain the Supplier Risk Assessment process.Identify and assess information security risks across the organisation and maintain the risk register.Develop and implement risk mitigation strategies and action plans.Conduct regular risk assessments and audits to ensure compliance with security policies and standards.Monitor and report on the status of risk management activities.Compliance: Ensure compliance with relevant laws, regulations, and industry standards (e.g., GDPR, ISO 27001).Coordinate and support internal and external audits and assessments.Develop and deliver security awareness and training programs to employees.Maintain documentation and evidence of compliance activities.ADVOCACY: Articulate the need for information security and compliance.Build strong stakeholder relationships across the business to enable effective communication and delivery of infosec objectives.Responsible for delivery of infosec controls which are effectively designed and implemented.Identify security gaps and work with stakeholders to clearly define remediation actions.Provide guidance and support to business units on security-related matters.Manage security awareness training, including courses, rollout, liaison with the Training team, arranging phishing tests, and providing remediation training in person to required employees.Manage Information Security Steerco meetings, including taking minutes, organizing meetings, and actions, and supporting the committee in the role of Secretary.Support Technology projects with security analysis on any proposed solutions and ensure any risks are highlighted and addressed as part of the project.Liaise with stakeholders in relation to cyber security issues and provide future recommendations.Research and generate reports for both technical and non-technical staff and stakeholders.Provide advice and guidance to staff on information security-related issues.Define and monitor security policies and best practice standards.ABOUT YOU Strong written and oral communication skills.Passionate about Information Security and proactive in recommending ways to further improve our security posture.Self-motivated problem solver.Strong time management and organisational skills.Pragmatic – making the best of the tools that we have and getting the best out of them.
Recognize the balance between security and productivity.Understanding of Information Security Risk Management concepts.Experience of working collaboratively within an IT department.OUR SHARED VALUES
Our values are what we stand for at British Land; they're not just a label on the door; they connect us every day to our vision, purpose, and strategy.
They help us to promote an inclusive, positive, and collaborative culture.
You can read more on our corporate website.
Our People – Just ask anyone why they love working here and they will tell you it's the people.
They're highly talented, passionate, and collaborative!
We thank our people with rewards that feel rewarding; you can review our market-leading benefits here.
OUR RECRUITMENT PROCESS If you enjoy bringing your whole self to work, share our values, and are excited about our purpose, we'd love to hear from you!
We are committed to providing an accessible and inclusive process; learn more about our selection process here.
#LI-Hybrid Please note that we endeavour to get back to all applicants within 28 days.
If you haven't heard from us within this period, please assume that you have been unsuccessful on this occasion.
#J-18808-Ljbffr