Information Security Manager

Information Security Manager

Full-Time 70000 - 90000 £ / year (est.) Home office (partial)
British Land Company

At a Glance

  • Tasks: Lead the charge in safeguarding information assets and managing security compliance.
  • Company: Join a forward-thinking property company committed to innovation and security.
  • Benefits: Enjoy a competitive salary, hybrid work model, and opportunities for professional growth.
  • Other info: Be part of a dynamic team with excellent career advancement potential.
  • Why this job: Make a real difference in information security while working with cutting-edge technologies.
  • Qualifications: Experience in information security and a passion for emerging tech like AI.

The predicted salary is between 70000 - 90000 £ per year.

  • Career Opportunities: Information Security Manager (11003)
  • LOCATION
  • : Central London (Regent's Place, NW1) Hybrid – 4 days in office
  • REPORTING TO
  • : Head of Information Security
  • TYPE OF CONTRACT
  • : PERMANENT

Reporting to the head of information security, this role plays a central part in protecting British Land's information assets across both business technology and property technology.

The primary focus is on the development, implementation, and management of British Land's information security governance, risk, and compliance programme — ensuring alignment with regulatory requirements, industry standards (e. g.

Iso 27001, nist), and good practice.

As a member of a small, high-impact team, the role requires an all-rounder who can move comfortably between governance activities and broader cyber security topics.

The successful candidate will have sufficient technical understanding to engage credibly with the wider infosec team, challenge supplier technical proposals, and contribute to operational security activities where required.

An appreciation of emerging technologies, particularly ai, and a genuine interest in how these can be leveraged to strengthen information security, is essential.

  • WHAT YOU’LL DO
  • Assisting with the support of technologies in the following categories:
  • Governance
  • Develop and maintain information security policies, standards, and procedures.
  • Ensure alignment of security policies with business objectives and regulatory requirements.
  • Monitor compliance with policies and conduct regular reviews and updates of security policies and procedures.
  • Complete security assessments for third party suppliers, assets (buildings/retail) and projects to ensure adherence to cyber security policies and standards.
  • Deliver and maintain the supplier risk assessment process.
  • Identify and assess information security risks across the organisation and maintain the risk register.
  • Develop and implement risk mitigation strategies and action plans.
  • Conduct regular risk assessments and audits to ensure compliance with security policies and standards.
  • Monitor and report on the status of risk management activities.
  • Compliance
  • Ensure compliance with relevant laws, regulations, and industry standards (e. g., GDPR, iso 27001).
  • Coordinate and support internal and external audits and assessments.
  • Develop and deliver security awareness and training programs to employees.
  • Maintain documentation and evidence of compliance activities.
  • Advocacy
  • Articulating the need for information security and compliance.
  • Building strong stakeholders’ relationships across the business to enable effective communication and delivery of infosec objectives.
  • Responsible for delivery of infosec controls which are effectively designed and implemented.
  • Identify security gaps and work with stakeholders to clearly define remediation actions.
  • Provide guidance and support to business units on security-related matters.
  • Security awareness training.

Managing courses, rollout, liaison with training team.

Arranging phishing tests and metrics, providing remediation training in person to required employees.

  • Management of information security steerco meeting. Taking minutes, organising meetings and actions. Supporting the committee in the role of secretary.
  • Supporting technology projects with security analysis on any proposed solutions & ensuring any risks are highlighted and addressed as part of the project.
  • Coordinate with stakeholders in relation to cyber security issues and provide future recommendations.
  • Research and generate reports for both technical and non-technical staff and stakeholders.
  • Give advice and guidance to staff on information security related issues.
  • Defining and monitoring security policies and best practice standards.
  • Develop and maintain a working understanding of British Land's security technology stack (e. g.

Siem, email security, dlp, endpoint, identity, vulnerability management) sufficient to engage credibly with the wider infosec team and its systems.

  • Critically review and challenge supplier technical proposals, architectures and security testing reports (e. g.

Soc 2, penetration test reports) ensuring proportionate controls are in place.

  • Provide informed input into security testing scope (e. g. Penetration testing, configuration reviews) and review remediation activity with suppliers.
  • Support incident response and operational infosec activities as required, providing cover and acting as an all-round contributor in a small team.
  • Maintain awareness of ai developments relevant to information security, including both the risks (e. g.

Shadow ai, agentic systems, data exposure) and the opportunities (e. g.

Ai-assisted analysis, automation, threat detection).

  • Support the application of British Land's ai governance framework, including risk review of ai use cases.
  • Identify and pilot opportunities to leverage ai capability within the infosec function to improve productivity, coverage, and effectiveness.

ABOUT YOU

  • Strong written and oral communication skills.
  • Passionate about information security and proactive in recommending ways to further improve our security posture.
  • Strong Microsoft office skills.
  • Self-motivated problem solver.
  • Strong time management and organisational skills.
  • Pragmatic – making the best of the tools that we have and getting the best out of them. Recognise the balance between security and productivity.
  • Understanding of information security risk management concepts.
  • Experience of working collaboratively within an it department.
  • Technically curious – comfortable engaging with the wider infosec team on operational and technical topics, willing to learn and able to ask the right questions of suppliers and technical specialists.
  • Genuine interest in ai and its application to information security.
  • Comfortable with breadth over depth – happy operating across multiple disciplines in a small team rather than specialising narrowly.
  • REQUIRED SKILLS
  • Demonstrable experience in an information security role with significant exposure to grc, alongside working knowledge of broader cyber security disciplines (e. g.

Supplier assurance, security testing, incident response, security operations).

  • Experience of iso 27001 isms implementation and management, and certification process (working with external and internal auditors).
  • Strong Microsoft 365 skills, including familiarity with enterprise security tooling.
  • Third party risk management software (such as surecloud or onetrust or similar).
  • Working understanding of common cyber security domains (e. g. Network security, endpoint protection, identity and access management, vulnerability management, security testing).
  • PREFERRED SKILLS
  • ISO 27001 or nist framework experience.
  • Surecloud/grc/alternatives.
  • Exposure to ai governance frameworks (e. g. Nist ai rmf) or developing ai use-case risk assessments.
  • Exposure to property technology would be a distinct advantage.
  • Experience reviewing penetration test reports, soc 2 reports, or supplier security architectures.
  • Experience with security tooling such as siem, email security platforms or vulnerability scanning.
  • Hands‑on experience supporting incident response of security operations activities.

Desirable Accreditations

  • ISO 27001 lead auditor/implementer certification.
  • Ci SSP, CISM or equivalent.
  • Comptia security+ or equivalent foundational technical certification.
  • Experience of taking detailed minutes during senior or executive level meetings.
  • #J-18808-Ljbffr

Information Security Manager employer: British Land Company

British Land is an excellent employer, offering a dynamic work environment in the heart of Central London. With a strong focus on employee growth and development, you will have the opportunity to collaborate with diverse stakeholders while ensuring compliance with GDPR and data protection legislation. The hybrid working model promotes a healthy work-life balance, making it a rewarding place for those looking to make a meaningful impact in data privacy.

British Land Company

Contact Details:

British Land Company Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Information Security Manager

Get Involved in the Cybersecurity Community

Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!

Show Off Your Skills with Capture the Flag Competitions

Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including British Land Company, love seeing candidates who actively engage in these challenges.

Tailor Your Online Presence

Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!

Apply Directly Through British Land Company

Don’t forget to head straight to our website and check out any openings for cybersecurity roles at British Land Company. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.

We think you need these skills to ace Information Security Manager

Information Security Governance
Risk Management
Compliance with GDPR
ISO 27001 Implementation
Cyber Security Standards
Supplier Risk Assessment
Security Policy Development

Some tips for your application 🫡

Show off your technical skills:In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!

Tailor your portfolio for the role:Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!

Use real-world examples:When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at British Land Company insight into your practical problem-solving abilities and makes your application memorable.

Demonstrate your passion for cybersecurity:Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to British Land Company that you’re committed to staying ahead in the game.

How to prepare for a job interview at British Land Company

Sharpen Your Technical Skills

For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set us apart in interviews.

Prepare for Scenario-Based Questions

Expect the interviewers at British Land Company to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.

Highlight Your Certifications

Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at British Land Company.

Show Your Passion for Cybersecurity

Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.