Trading since 1989, we're the UK's largest provider of property risk expertise and residential surveying services. To put it into numbers, we complete more than one property inspection every 12 seconds and employ over 600 surveyors from Land’s End to John O’Groats. This gives us the flexibility to offer nationwide coverage combined with invaluable local knowledge.
We're part of the LSL Property Services PLC Group, which includes household names Your Move and Reeds Rains, as well as the mortgage network PRIMIS. We work with lenders, intermediaries, social housing entities and estate agents in addition to private customers.
We are recruiting for an Information Security Manager who will take the lead and provide a focal point for security and information risk matters (including cyber related risks). The role holder will be responsible for plans to develop and improve information security at e.surv, including getting e.surv ready to transition to the new ISO27001:2022 standard.
This role is a Hybrid, homeworking with occasional travel to our Head Office in Kettering.
Main accountabilities for this role are
- To develop and maintain the information and cyber security strategy, policy and accompanying standards, procedures and guidance
- To develop and deliver a programme of planned compliance reviews and ensure any gaps are addressed
- To promote security awareness by developing and implementing a security awareness and training programme
- To investigate suspected and actual security incidents in accordance with the security incident management standard, produce reports with recommendations and ensure any remedial action is taken
- Produce reports for the Information Security Governance Board (ISGB), Information Asset Owners (IAOs) and the Head of Enterprise Risk as required
- Respond to enquiries from staff and provide security advice as required
- Work with internal stakeholders to develop relationships to help promote and improve Information Security and provide security advice on procurements, projects and new initiatives as required
- Work with external stakeholders for example Lender Clients, internal and external auditors
- Attend meetings with Lender Clients to provide security assurance by presenting, completing assurance attestations and security questionnaires
- Coordinate the development the annual accreditation processes (ISO 27001)
- Provide input to the wider development of the information governance strategy and business resilience planning process
Essential Knowledge
- Practical experience of implementing, maintaining and managing information and cyber security frameworks
- Understanding of, and practical experience of applying the Data Protection Act, the Freedom of Information Act and other related legislation, standards and codes of practice
- Ability to lead and deliver change and contribute to culture change successfully
- Ability to influence at senior levels on matters relating to security and information risk
- Good verbal and written communication skills and able to communicate effectively at all levels
- Ability to manage time and priorities appropriately
Education and Qualifications
- Educated to degree level Or Substantial work experience in fields such as cybersecurity, information systems, computer science, information technology management or digital forensic science.
- 5+ years of experience in application security, information risks, and developing security threat solutions.
- Qualified to CISSP / CISM level
PRE EMPLOYMENT SCREENING - All of our employees have to pass a Criminal Records Disclosure and Credit Referencing Process in order to work with our lender clients, if you are unsure on this, ask the team and we'll be happy to explain the process.