IT Information Security Manager

INTRODUCTION

We believe creativity opens spaces. Our purpose is to unlock the power of imagination to push boundaries and open new possibilities for our people, our customers, and our communities. Grounded in our heritage and culture, it underpins the choices we make for Burberry today and informs our long-term goals.

At Burberry, we have always sought to build a culture that is open and inclusive, where all perspectives are valued, and our 10,000 colleagues representing 120 nationalities across 34 countries can find a real sense of belonging. We are focused on attracting and retaining a broad range of the best talent, supporting our core belief that diversity of thought, experience, and voices opens spaces for new ideas to thrive, fuelling creativity and enabling us to truly fulfil our purpose.

From blazing a trail with innovative technology and designing beautiful retail stores, to recruiting the best talent that helps to nourish and bring our creative ideas to life, our business areas work together to redefine the future of luxury fashion.

JOB PURPOSE

The IT Security Advisory function provides a key role within Burberry's Group Information Security Team to ensure that information security is appropriately integrated into all IT and business projects. The IT Security Advisory Manager will work closely with the Senior Manager and a team of Security Advisors to ensure that new projects and initiatives are assessed, and risk-based security advice is provided. The role will include a mix of hands-on delivery within specific projects and management of other IT Security Advisors within the team.

The team is based across our Leeds and London offices and travel to the office based on business need. We are happy to discuss a working pattern that works best for you in line with our flexible working practices.

RESPONSIBILITIES

• Advise in-flight IT and business projects to embed security requirements, manage risks and enable security by design.
• Perform security risk assessments against projects to determine control requirements and track and report on security requirements levied on projects/initiatives through to successful implementation.
• Develop security-related project artefacts/patterns to support consistent security input to projects.
• Perform controls validation to ensure that any initial requirements were implemented as expected.
• Liaise with project stakeholders as an information security subject matter expert throughout the project lifecycle, including representing the Information Security Advisory Team at stage gate meetings.
• Identify and document any residual risks and engage with the Information Security Risk team to ensure these are tracked and managed.
• Manage a team of security advisors engaging similarly with projects across the business.
• Support the continuous optimisation of our methodology and approach to support the delivery of consistent security input to projects, services and solutions.
• Work collaboratively with the wider information aecurity function, enterprise architecture & project management teams to ensure a consistent approach to embedding security into projects.

PERSONAL PROFILE

Candidates should have experience in the following areas:

• Experience and knowledge of information security processes & technologies such as, networks, applications, mobile devices, cloud and web-related technologies (web applications, web services, service orientated architectures).
• An understanding of information security best practices and recognised industry frameworks.
• Knowledge of waterfall and/or agile ways of working and practices.
• Experience with information security risk management.

Candidates must be able to demonstrate the following skills and experience:

• The ability to communicate effectively at all levels in an organisation
• The ability to translate highly technical information into a business context.
• Experience in handling competing priorities with productive and professional decision making.
• Capable of working in a team or unsupervised to the same level of quality.
• Strong verbal and written communication skills.
• Strong analytical, organisational and problem-solving capabilities.

The following skills and experience would be advantageous:

• Experience in determining security requirements for projects or products.
• Experience in managing teams, including the coaching and development of team members, along with career and progress planning.
• Demonstrable security architecture background.
• Knowledge of Secure Software Development Lifecycle.
• Relevant security qualifications such as CISSP, CISM, ISO 27001 Lead Auditor.
• Experience with AWS and Azure security.
• Retail sector or commercial experience as an IT Security Consultant / Manager
  

FOOTER

Burberry is an Equal Opportunities Employer and as such, treats all applications equally and recruits purely on the basis of skills and experience.

Posting Notes: United Kingdom || Not Applicable || Leeds || IT || INFORMATION SECURITY || n/a ||