Company Description
1. Based on site in Cheadle (SK8 3GW) - Monday to Friday
2. 26 days holiday, and a day off for your birthday (increasing with service to 30 days), plus bank holidays
3. Free access to company holiday homes
4. Buy & sell holidays
5. Discretionary annual bonus plus an additional Shared Reward Bonus
6. Matched pension contribution
7. Health cash plan plus Private medical insurance
8. Life assurance and Critical illness cover
9. Travel season ticket loans and Ride to work scheme
10. Free local gym access
11. Local bar / restaurant discounts
We’re Together. For over 50 years, we’ve helped thousands of people, businesses and professionals unlock their property ambitions with our common-sense approach to mortgages and secured loans.
We take the time to understand our customers and our door is always open, so we can often help when other lenders can’t or won’t. Based in Cheadle, Cheshire, our 900 colleagues help our customers throughout the UK, backed by the power of a £ billion loan book.
Job Description
Reporting to the Chief Information Security Officer, you will play a critical role in supporting the development and continuous improvement of our Information Security governance, risk management, and assurance framework.
You will be a seasoned Information Security professional able to support and maintain governance and leading frameworks such as NIST CSF and the UK Cyber Assessment Framework (CAF) to identify, assess and manage risks across the Group. You will develop risk metrics (KPIs/KRIs), deliver security training and awareness programmes and lead third-party cyber, information and AI security due diligence. This would include ongoing monitoring of risks and incidents. The role also involves supporting audits, driving continuous improvement across policies and controls, and implementing monitoring solutions using Microsoft Purview and DLP. Working closely with the CISO and Cyber Security team, you will contribute to governance, reporting and incident response, while building strong stakeholder relationships across IT, Risk and the wider business.
In a nutshell, responsibilities include:
1. Maintain and enhance Information Security governance frameworks aligned to NIST CSF and CAF
2. Define and report on security risk metrics, KPIs and KRIs
3. Identify and assess Information Security risks across business and technology environments
4. Deliver engaging security awareness and training programmes
5. Conduct third-party cyber, information and AI security due diligence
6. Support audit and assurance activities, including evidence collation
7. Drive continuous improvement across policies, processes and controls
8. Support Microsoft Purview and DLP monitoring capabilities
9. Partner with the CISO on governance, reporting and incident response activities
Qualifications
You are a proactive and detail-oriented Information Security professional with experience working in regulated environments and a passion for improving security maturity.
Essential Experience
1. Proven experience in third-party security due diligence
2. Experience delivering Information Security training and awareness
3. Hands-on experience with Microsoft Purview and DLP
4. Strong understanding of risk management and governance
5. Experience working within regulated environments
6. Experience developing policies, processes and standards
7. Knowledge of cloud and SaaS-based environments
Desirable
1. CISM or equivalent certification
2. Strong presentation and stakeholder engagement skills
3. Experience reviewing technical security designs
Additional Information
If you feel you have some of the skills mentioned above, but not all, please do still apply and we would be happy to have a further discussion with you in regards to your suitability for the role.
Together embraces diversity and inclusion, and is proud to be an equal opportunity workplace. Not only do we welcome difference – we celebrate it, support it and really value our colleagues for who they are. We are committed to building a team that represents a variety of backgrounds, perspectives and skills.
If you feel you'd benefit from any support or reasonable adjustments during any stage of the recruitment process, please don’t hesitate to let us know when completing your application. This information will be picked up by our team, so we can try and put steps in place to help you be at your best through this process.
Please note that all successful applicants will undergo relevant employment reference, financial and criminal record checks.