Information & Cyber Security Manager
Job Description
Job title: Information & Cyber Security Manager
Company: LSL Property Services
Job description: Information & Cyber Security Manager – Remote Working
Part of LSL Property Services plc’ Financial Services division, PRIMIS Mortgage Network are the largest Mortgage and Protection Network in the UK with circa 1000 Mortgage & Insurance firms as business partners and approaching 3000 advisors working alongside us.
Other businesses within the FS division include TMA, Direct Life & Pensions and Linear Financial Solutions.
We are keen to recruit a talented information and cyber security specialist to join our first class Enterprise Risk Team to support the development of the Technology and Cyber Security control environment across all the brands in our Division.
Help us develop and mature the risk and control environment while supporting our Senior teams to stay ahead of the risks and threats relating to data security. You will be joining a top flight risk team which includes a group of experienced risk managers and a Data Protection Officer.
Role Purpose
Responsible for the maintenance of a robust and effective information and cyber security risk assessment, risk management and risk reporting framework across all FSD business units
Providing timely and balanced expert advice and guidance on current and future information and cyber security risks and threats
Responsible for the development and maintenance of a risk control self-assessment against internal Group Minimum Standards across key business units.
Continually review and improve the information and cyber security risk management framework in line with the business’s needs.
Provide best practice support to management when identifying and managing information and cyber security risks and any remedial or improvement actions
Provide oversight of internal cyber risk event/near miss/ breaches reporting and embed business awareness of the process of responding with action to mitigate issues and prevent reoccurrence.
Leading the business in accomplishing its objectives by bringing a systematic, disciplined approach to the evaluation and improvement of the effectiveness of information and cyber security risk management, control and governance processes.
Reporting emerging information and cyber security risks, risk control adequacy and effectiveness and recommend improvements to Senior Management.
Main Accountabilities
To develop and deliver a programme of assurance and oversee first line resolution of risks, issues and actions arising in relation to information and cyber risks and ensure any gaps are addressed
Report on the on-going development and maintenance of the Enterprise information and cyber security risk Management Framework, ensuring a consistent approach and execution across all key business units.
Develop and maintain the enterprise information and cyber security risk registers for each legal entity and support the publication of a consolidated view for the FS Division to Senior Management.
Lead the development and implementation of any on-going risk training and awareness programme to ensure that knowledge is developed and proportionate, based upon the needs of the Business.
Support the TRM process including the timely resolution of any agreed actions
Provide input to the wider development of the information governance strategy and business resilience planning process
Knowledge & Expertise
Practical experience of implementing, maintaining and managing information and cyber security frameworks
Technical understanding of principles and architectures needed for cutting edge applications and solutions according to best practice
Able to plan and implement infrastructure modification and migrations with minimum business disruption
Ability to lead and deliver change and contribute to culture change successfully, including guiding first line teams to a mature state
Ability to influence at senior levels on matters relating to security and information risk
Self-motivated resourceful and thorough and capable of working under time pressure, both independently and part of a team with minimum supervision.
Acute awareness of relevant legislative and regulatory corporate governance
Expertise required
Excellent interpersonal skills and ability to interact with Senior Management across the group
Report writing and policy creation and communication
Minimum of 5 years demonstrable knowledge of the legislative and regulatory landscape.
Proficient in Microsoft 365, SharePoint, Teams, Power Apps, Power Automate, and Power BI
Managing ISO27001 certifications and external audits
Substantial work experience in fields such as cybersecurity, information systems, computer science, information technology management or digital forensic science.
5+ years of experience in application security, information risks, and developing security threat solutions.
Desirables
Qualified to CISSP / CISM level
Knowledge of PCI DSS
Knowledge of Cyber Essentials
Salary and Benefits
Monies £50,000 – £60,000 DOE Negotiable
Enhanced pension alongside access to plc linked share based incentives when available
The role is Full time and can be Remote (UK only) or Hybrid or even office based for those that prefer and live close to our office locations nationally i.e. York, Chippenham, Solihull or Newcastle.
Travel between these locations is required.
Applications in confidence with a CV and covering note to of PRIMIS / LSL’s internal recruitment function
Internal LSL group applicants must discuss your intentions to apply with your immediate line manager prior to your application being submitted.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on your background or needs, if you require any adjustments to make the recruitment process easier please let us know.
LSL Property Services are dedicated to protecting your data – our Recruitment Privacy Notice can be viewed on the LSL Careers website
Expected salary: £50000 – 60000 per year
Location: Solihull, West Midlands
