Senior Manager Security Compliance

at  Liberty Global

We’re looking for a Senior Manager Security Compliance to join us in London/Reading/Bradford.
Reporting into the Director of Central Security, you are here to help drive business-focussed security by providing tailored engagement and support across the business with a focus on delivering exceptional service at all times.
We are seeking a Senior Manager to lead our Security Compliance capability. This role will act as a primary engagement point for colleagues across Liberty Global and be responsible for overseeing and maintaining our security certifications (including ISO 27001), as well as providing expert consultancy and guidance to the LG central organisation.
This role is perfect for someone that is passionate about security, is great at building new relationships, and wants to make a difference to the security culture of the organisation.

What will you be doing?

• Deliver and maintain the ISO 27001 certification across LG Central, including all supporting activities
• Manage and oversee the ISO 27001 non-conformity process and its integration with security risk management processes, ensuring that remediation efforts are delivered in a timely manner
• Support the identification, assessment, and delivery of wider certifications, including, but not limited to: ISO 22301, Cyber Essentials+
• Develop strong relationships in order to build a detailed understanding of the security risks that exist across the business
• Take accountability for the identification, assessment, and management of new and existing risks, balancing security with business priorities
• In close partnership with the Security Academy:
• Deliver against the overarching security culture and awareness strategy
• Building business awareness of emerging security threats and risks and develop a security culture throughout the organisation
• Regularly brief the LG Central leadership team on progress against the information security strategy, roadmap, and programmes, as well as emerging cyber threats and changes to risk profile
• Using expert knowledge of the business, identify key areas of focus for education and awareness campaigns

We tend to look for people with:

Essential:

• Certified Information Security Manager (CISM)/ Certified Information Systems Security Professional (CISSP)/ Certified in Risk and Information Systems Control (CRISC)
• ISO 27001 Lead Implementer or Lead Auditor
• Experience of delivering and maintaining an ISO 27001 programme
• Extensive experience and knowledge of best practice information security controls and the potential impact of controls on business operations
• Good understanding of security frameworks (e.g. ISO 27001, NIST etc.)
• Highly skilled at identifying security risks and exposures as well as remedial controls and processes
• Ability to see the bigger picture – always considering the wider impacts of security decision making
• Experience of working with technical and non-technical stakeholders to embed security controls in line with business risk appetite
• Exceptional communicator with demonstrable experience providing written and verbal presentations
• Able to work independently to deliver high quality support to senior stakeholders
• Excellent relationship management skills at all levels of the organisation

Desirable:

• Good understanding of relevant legal and regulatory requirements (e.g. GDPR, SOX)
• Good awareness of Security Architecture and Engineering, Security Operations, and Security Governance, Risk and Control (inc. Business Continuity Management)
• Experience of providing security advisory for new technology deployments including automation initiatives
• Comfortable with interpreting technical requirements, regulations and procedures and translating into clear messages for non-technical audiences
• Strong team player that enjoys collaborative problem solving

What’s in it for you?

• Competitive salary + Bonus where applicable
• 25 days annual leave with the option to purchase 5 more
• Access to wellbeing and mental health benefits such as the Calm app, personal medical, critical illness cover and dental insurance
• Matched pension contribution up to 10%
• Access to our car benefit scheme
• Access to our online learning platform to continue to develop and grow your career with us
• The chance to join an innovative, fast-paced and passionate team

Who we are:
Join Liberty Global and Shape Tomorrow’s Connections Today!
At Liberty Global, we connect people through cutting-edge technology. As a world leader in broadband, video, and mobile communications, we invest in fibre and 5G networks, providing over 85 million fixed and mobile connections through leading brands, such as Virgin Media O2, VodafoneZiggo, and Telenet. Our Ventures portfolio has strategic stakes in over 75 companies in content, tech, and infrastructure, including ITV, Formula E, AtlasEdge, and Egg. We prioritize diversity, equity, and sustainability, using technology for good. If you’re entrepreneurial and thrive on challenges, join our high-performing team.
Liberty Global is an equal opportunity employer, committed to an inclusive environment and accommodating all candidates. We’re eager to hear from you, no matter your background

• Deliver and maintain the ISO 27001 certification across LG Central, including all supporting activities
• Manage and oversee the ISO 27001 non-conformity process and its integration with security risk management processes, ensuring that remediation efforts are delivered in a timely manner
• Support the identification, assessment, and delivery of wider certifications, including, but not limited to: ISO 22301, Cyber Essentials+
• Develop strong relationships in order to build a detailed understanding of the security risks that exist across the business
• Take accountability for the identification, assessment, and management of new and existing risks, balancing security with business priorities
• In close partnership with the Security Academy:
• Deliver against the overarching security culture and awareness strategy
• Building business awareness of emerging security threats and risks and develop a security culture throughout the organisation
• Regularly brief the LG Central leadership team on progress against the information security strategy, roadmap, and programmes, as well as emerging cyber threats and changes to risk profile
• Using expert knowledge of the business, identify key areas of focus for education and awareness campaign