Join one of the UK’s fastest-growing retailers and help shape the future of security, resilience, and business continuity at B&M Retail.
We’re on the lookout for an experienced and proactive Information Security Business Partner (ISBP) to act as a key liaison between our central Information Security function and business units across the Group. This is a hybrid role based at our Head Office in Speke (Liverpool), with flexibility for remote working and occasional travel to other business locations as required. This role offers the opportunity to make a real impact by embedding best practices, reducing risk, and fostering a culture of operational resilience.
About the role: Reporting to the Head of Information Security Risk & Assurance, the ISBP plays a central role in embedding information security, business continuity, and risk management across our organisation. You’ll support a broad range of stakeholders across the following business units: Retail Operations - Supply Chain & Logistics - Support Centre.
Your responsibilities will include:
Business continuity & incident response
1. Leading crisis simulations and scenario-based exercises with stakeholders
2. Supporting disaster recovery planning and testing
3. Delivering security incident response training and playbooks
4. Coordinating business continuity planning and improvement tracking
5. Acting as a liaison during major incidents and assisting with post-incident reviews
Information security risk & assurance
6. Promoting security governance across business units
7. Managing risk registers and facilitating quarterly risk reviews
8. Coordinating audits, assessments, and compliance checks
9. Supporting third-party due diligence and vulnerability remediation
You’ll work closely with internal teams including Operations, IT, Legal, Risk, Audit, Procurement, and Compliance — helping to ensure that security is embedded in our processes and partnerships.
Essential experience we're looking for:
10. Proven background in Information Security, IT Risk, or Governance roles
11. Strong understanding of business continuity and disaster recovery
12. Hands-on experience with security risk assessments, audits, and incident response
13. Familiarity with key standards and regulations (e.g. ISO 27001, PCI DSS, GDPR)
14. Excellent stakeholder management and communication skills
And desirable would be:
15. Certifications such as CISSP, CISM, CRISC, CBCI, or ISO 27001 Lead Auditor
16. Experience in the retail, e-commerce, or supply chain sector
17. Experience with GRC tools or vulnerability management platforms
18. French language skills (not essential but beneficial for communication across the Group)
Who you are: You bring a business-focused mindset with a proactive and analytical approach to problem-solving. Comfortable navigating matrixed environments, you’re able to juggle competing priorities while building strong, trusted relationships. Above all, you’re passionate about embedding a culture of security and resilience.
Apply today if you're looking for a role where you can truly make a difference, apply now and be part of a business that’s bold, ambitious, and investing in the future.
B&M Retail is an equal opportunities employer. We encourage applications from candidates of all backgrounds and experiences.
#LI-DNI
#LI-DNI
#LI-DNI