Information Security GRC Manager (FTC)

Reporting to the Head of Information Security, the primary responsibility of this role is to oversee the development, implementation, and management of British Land's information security governance, risk, and compliance programs. This role ensures that the organisation's information security practices align with regulatory requirements, industry standards, and best practices. The GRC Manager will work closely with various departments to identify, assess, and mitigate information security risks. The ideal candidate will have a proven experience of cyber security principles and be proactive in identifying and responding to security threats. WHAT YOU'LL DO Assisting with the support of technologies in the following categories: Governance:

• Develop and maintain information security policies, standards, and procedures.
• Ensure alignment of security policies with business objectives and regulatory requirements.
• Monitor compliance with policies and conduct regular reviews and updates of security policies and procedures
• Complete security assessments for third party suppliers, assets (buildings/Retail) and projects to ensure adherence to cyber security policies and standards
• Deliver and maintain the Supplier Risk Assessment process
Risk Management:
• Identify and assess information security risks across the organisation and maintain the risk register
• Develop and implement risk mitigation strategies and action plans.
• Conduct regular risk assessments and audits to ensure compliance with security policies and standards.
• Monitor and report on the status of risk management activities
Compliance:
• Ensure compliance with relevant laws, regulations, and industry standards (e.g., GDPR, ISO 27001).
• Coordinate and support internal and external audits and assessments.
• Develop and deliver security awareness and training programs to employees.
• Maintain documentation and evidence of compliance activities.
ADVOCACY:
• Articulating the need for information security and compliance.
• Building strong stakeholders' relationships across the business to enable effective communication and delivery of infosec objectives
• Responsible for delivery of infosec controls which are effectively designed and implemented
• Identify security gaps and work with stakeholders to clearly define remediation actions
collaboration:
• Provide guidance and support to business units on security-related matters.
• Security awareness training. Managing courses, rollout, liaison with Training team. Arranging phishing tests and metrics, providing remediation training in person to required employees
• Management of Information Security Steerco meeting. Taking minutes, organising meetings and actions. Supporting the committee in the role of Secretary.
• Supporting Technology projects with security analysis on any proposed solutions & ensuring any risks are highlighted and addressed as part of the project
• Liaise with stakeholders in relation to cyber security issues and provide future recommendations
• Research and generate reports for both technical and non-technical staff and stakeholders
• Give advice and guidance to staff on information security related issues
• Defining and monitoring security policies and best practice standards, our values are what we stand for at British Land, they're not just a label on the door; they connect us every day to our vision, purpose, and strategy. They help us to promote an inclusive, positive, and collaborative culture. You can read more on our
Bring your whole self Listen & Understand Smarter together Build for the future Deliver at pace Our People - Just ask anyone why they love working here and they will tell you it's the people. They're highly talented, passionate, and collaborative! We thank our people with rewards that feel rewarding; you can review our market leading benefits . OUR RECRUITMENT PROCESS If you enjoy bringing your whole self to work, share our values and are excited about our purpose we'd love to hear from you! We are committed to providing an accessible and inclusive process learn more about our selection process #LI-Hybrid Please note that we endeavour to get back to all applicants within 28 days. If you haven't heard from us within this period, please assume that you have been unsuccessful on this occasion.


• Strong written and oral communication skills
• Passionate about Information Security and proactive in recommending ways to further improve our security posture
• Enthusiastic, supportive team player
• Strong Microsoft Office skills
• Self-motivated problem solver
• Strong time management and organisational skills
• Pragmatic - making the best of the tools that we have and getting the best out of them. Recognise the balance between security and productivity
• Understanding of Information Security Risk Management concepts
• Experience of working collaboratively within an IT department
  
  Our purpose is to create and manage outstanding places which deliver positive outcomes for all our stakeholders on a long term, sustainable basis.
We are a FTSE 100 business with a strong balance sheet and £13bn of assets under management. But with just 600 employees you're given the ability to make a big impact and elevate your career quickly. Our diverse, passionate team of experts works on some of the most ambitious, innovative and sustainable projects in the country - from our high-quality campuses across central London, to some of the top retail schemes in the UK - providing a rewarding career journey where you can shape how you grow. We believe in shared success and enabling people to be themselves. If you want to feel listened to and understood in an environment where your opinions count and bright ideas are encouraged, you've come to the right place! In our recent engagement survey 93% of our employees stated they were proud to work for British Land!