Information Security Officer in Manchester

Aareon is Europe’s established provider of SaaS solutions for the real estate industry and a pioneer of the sector’s digital future. With its software solutions, Aareon connects people, processes, and properties—bringing the industry closer together. As a reliable and innovative partner, Aareon is committed to progress, positive change, and sustainable living and working spaces for everyone.

We value a working environment in which diversity and flexibility are appreciated, cooperation in partnership and mutual support in the team are a matter of course and learning is perceived as an opportunity. Become part of our international team! We are looking forward to meeting YOU!

Salary: £70,000-£80,000 per year (depending on experience)

Work Location: Hybrid London or Manchester

Hours per week: 37.5

Contract Type: Permanent, full-time

About the Role

Aareon UK builds software that housing providers and property professionals rely on every day. As our product set grows, security and data protection matter more than ever. We’re hiring a UK Security Officer to take ownership of security across the UK business. This is a senior role covering security across applications, platforms, infrastructure, and engineering. You’ll also act as the UK Information Security Officer, helping protect customer data, maintain compliance, and keep security practical in day-to-day delivery.

You’ll be the main UK contact for the Group Security Operations Centre in Germany, making sure group direction works in practice for the UK business. You’ll own the UK security programme, build on what is already in place, and help bring more consistency across our UK brands.

Team & Scope

This is initially an individual contributor role with strong matrix influence across teams. It works alongside CloudOps, IT, Legal, Compliance and Engineering.

What You’ll Be Responsible For

• Developing and running the UK security strategy: Set and deliver a clear UK security strategy that aligns with group direction while working for the UK business. You’ll turn group guidance into practical local plans, set priorities, and help leadership make sensible investment decisions.
• Governance, risk and compliance: Own and improve our UK security governance. That includes the ISMS, policies, risk management, and the controls needed to meet our obligations.
• Security operations, vulnerability management and incident support: Help oversee day-to-day security operations for the UK, working closely with CloudOps and the Group SOC.
• Security in engineering and platform delivery: Work with engineering, architecture, product, platform, and DevOps teams to make sure security is built into how we design, build, and run systems.
• Policy, awareness and cross-functional working: Keep our security and quality policies and standards up to date, practical, and usable.
• Resilience, disaster recovery and business continuity: Work with technical and business teams to strengthen disaster recovery strategy and business continuity planning across the UK estate.
• Customer assurance and commercial security support: Support customer and commercial security activity where needed, including security questionnaires, due diligence responses, and clear explanations of our controls and approach.
• Reporting and Group alignment: Track useful security measures and report clearly to UK leadership and the Group CISO/SOC.
• AI security: Help the business stay on top of AI-related security risks, including staff use of AI tools, AI in products, agentic workflows, and the changing risks that come with new models and external tooling.

About You

You are an experienced security leader who combines sound judgement with practical delivery. You can work comfortably with senior stakeholders, but you’re also happy getting into the detail when needed. You know how to explain security clearly, make risk visible, and help teams take sensible action. You’re collaborative, pragmatic, and credible.

Skills & Experience

Essential:

• Strong experience in a senior cyber or information security role in a technology-led business.
• A solid grasp of security governance, risk management, and control frameworks.
• Good working knowledge of ISO 27001, ISO 9001, Cyber Essentials, GDPR, and similar standards.
• Broad technical understanding across cloud, infrastructure, application security, and secure delivery.
• Experience of incident response, vulnerability management, and penetration testing follow-up.
• Ability to communicate clearly with both technical and non-technical audiences.
• Comfortable setting priorities, balancing risk, and working in a fast-moving environment.

Desirable:

• Relevant certifications such as CISSP, CISM, or CISA.
• Experience in SaaS, proptech, housing, or another data-sensitive software environment.
• Experience working with group functions, auditors, regulators, or external security partners.
• Experience working across multiple brands, business units, or countries.
• Familiarity with AI security issues across internal use, product use, and evolving external tooling.

About Us

Become part of Aareon and digitise the European property industry together with us.

Why work here? We value a working environment where diversity and flexibility are valued, working in partnership and supporting each other as a team is a matter of course, and learning is perceived as an opportunity.