Head of Information Security

The role:

Hours: Monday to Friday, 8:30am - 5pm. We are happy to discuss flexible working

To give you an idea of what to expect, you`ll be:

  • Developing and leading the Information Security team responsible for securing all company information.

  • Leading the information risk management activities, supporting technology focused risk assessments and audits, and aligning with Group risk activities.

  • Helping the Group protect its business objectives, financial resources, image and reputation, legal position, employees, and other tangible and intangible assets though the operation of the organisation`s ISO27001-aligned Information Security Management Systems (ISMS).

  • Providing leadership and support to Unite on the selection, design, justification, implementation and operation of information security controls and management strategies to maintain the confidentiality, integrity, availability, accountability and relevant compliance of information systems.

  • Supporting the company`s IT service continuity capabilities and ensuring testing of these capabilities in preparation for disaster events.

  • Maturing and operating the technology risk framework, designing target state processes and implementing remediation plans to meet the designed state.

  • Ensuring the remediation of technology risk is adequately governed, delivered and reported.

  • Supporting the company`s compliance to PCI Data Security Standards.

  • Providing leadership, advice and counsel to the leadership team in support of achieving its strategic information security, data protection, risk and business objectives.

  • Ensuring that resource and skillsets are in place to maintain certification of the ISMS and Information Security technical controls relating to Unite`s ISMS.

  • Developing an effective information security aware culture across Unite to ensure all employees are aware of their responsibilities around security threats and can act as first line of defence.

  • Establishing relationships with and supporting business units to develop and deliver secure products and services including supporting bid opportunities and RFP responses to ensure alignment with existing and planned information security capabilities.

  • Continuously developing Unite`s information security strategy and capabilities, including security policies and procedures, compliance monitoring, security breach detection, incident management and breach investigation.

  • Developing and maintaining processes around third-party cyber security risk.

  • Managing the investigation of suspected and actual breaches of security (including data loss) and monitoring remedial action.

  • Attending senior management meetings to provide information security briefings and report on progress of information security initiatives.

  • Owning the Information Security budget, expenditure and cost centre management.

  • Managing relationships with internal stakeholders including Unite Students IT teams; Health & Safety; Risk and Resilience; Data Protection & Legal.

  • Managing relationships with external stakeholders including client Information Security and Internal Audit teams, security accreditation and certification bodies, and security service providers.

  • Maintaining knowledge of complex industry trends, current security issues and security technology and update management on risk and threat that could impact company business.

  • Day-to-day line management of the Information Security team.

What we look for in you:

  • Significant experience in the Information Security industry with a proven history of heading the delivery of Information Security programmes in a technical IT environment.

  • Experience of working within ITIL-based service management environments.

  • A strong technical background as an engineer, ideally with strong knowledge of networks, and the ability to develop highly technical solutions.

  • Relevant industry qualifications, such CISM, CISSP, ISO27001 lead auditor or SANS GCIH, together with good working knowledge of applicable legal and regulatory legislation including GDPR and PCI Data Security Standards.

  • An Auditor mindset, with a strong track record of identifying risks and issues, managing stakeholders and mobilising resources to drive remediation activities through to successful closure.

  • Experience of reviewing or auditing the effectiveness of technical and operational security controls.

  • Ability to translate strategic business priorities into technical solutions, and to clearly articulate these technical solutions to non-technical stakeholders in an easily understandable way.

  • Experience of leading, developing, coaching, managing and inspiring teams to embrace Unite`s vision and deliver a world-class service.

  • Able to thrive in a highly pressurised and constantly changing environment.

  • Diplomatic and discreet, with the ability to interact successfully across all levels of the business, communicating effectively and challenging where necessary.

  • A pragmatic approach, able to ensure security requirements and controls are commensurate to what requires protecting.

What Unite Students is all about:

We`ve been the leaders in the purpose-built student accommodation market since our foundation back in 1991 and have been at the top of our game ever since. We`ve grown a lot since then and as we continue to grow, you can now find us in 27 different university towns and cities, with close to 75,000 students calling us home! 

We recognise that your hard work shouldn`t come without its perks, so here`s a list of some of the things you can expect to get from us:

  • We`ve earned an award for Investors in People - Gold, so you`ll be working for an employer who really cares about you and your career

  • Take time to relax with 25 days` holiday

  • An annual bonus so you can share in the company`s success

  • Car allowance

  • Private medical

  • Enjoy amazing discounts at certain restaurants, retailers and entertainment venues

  • Most of all, you`ll be working within a fun, passionate and friendly team

Please be assured, we are still recruiting for all vacancies advertised on our Jobs page and will be taking the necessary precautions, in line with Government and WHO guidelines, to ensure the health and safety of our candidates, employees and customers during the recruitment process.

Unite Students is an equal opportunities employer and we welcome people of all ages, ethnicities, disabilities, religions, gender identities and sexual orientations. Your application will be dealt with in the strictest of confidence.