Information Security Manager

At Nido, we create more than just student accommodation – we build vibrant communities where students can thrive. As a fast-growing student housing provider in Europe, we put people and the planet first, delivering exceptional spaces, conscious communities, and unparalleled experiences.

We are undertaking an ambitious and strategic journey to become Europe’s leading provider of Purpose-Built Student Accommodation (PBSA). With a strong existing portfolio of 12,000 beds across 32 properties in the Iberian Peninsula, and an active expansion into key markets including Germany and Italy, we are building the foundations for long-term, pan-European growth.

As we grow our footprint, we are looking for an experienced Information Security Manager to lead the design, implementation, and continuous improvement of the organisation\'s information security strategy. This role is critical to ensuring the protection of sensitive data, regulatory compliance, and business continuity in a rapidly evolving digital environment.

The Information Security Manager will oversee the governance of information security across all departments, coordinate risk assessments, define internal security policies and procedures, and act as the main point of contact for all matters related to data protection and security.

KEY TASKS & RESPONSIBILITIES (include but are not limited to)

• Define, implement, and maintain the Information Security Management System (ISMS) in line with standards such as ISO / IEC 27001, NIST, and GDPR.
• Conduct regular risk assessments and manage mitigation plans across the organization.
• Develop and enforce security policies, standards, and procedures.
• Coordinate and support internal and external security audits and ensure follow-up on findings.
• Ensure the implementation of technical and administrative controls to protect the organisation’s information assets.
• Design, implement, and maintain Segregation of Duties (SoD) within Microsoft Dynamics F&O to strengthen internal control and minimize risks associated with access management.
• Develop and manage a comprehensive Business Continuity framework that goes beyond technical disaster recovery, ensuring organisational resilience and effective response to potential disruptions.
• Lead the incident response process, including investigation, documentation, mitigation, and reporting.
• Work closely with IT to ensure systems, networks, and applications meet security requirements.
• Promote security awareness and training across all employees.
• Produce reports and dashboards on security posture, risks, and KPIs for executive management.
• Manage relationships with third parties, vendors, and auditors in matters of security.
• Stay current with evolving threats, technologies, and compliance requirements.

Requirements

KEY PERSONAL SKILLS & TRAITS

#J-18808-Ljbffr