Information Security & Business Resilience Manager

Location: National – Any LOR office would be considered

About the role:

We're looking for an experienced Resilience & Information Security Manager to lead our approach to keeping the business secure and prepared. This is a key role, working across multiple functions to strengthen how we protect our people, data, and operations.

You'll take ownership of our Business Continuity, Crisis Management, and Information Security frameworks, ensuring our plans, policies, and controls are aligned with business priorities. You'll act as a trusted advisor and collaborate with senior stakeholders across the business and embed a culture of resilience and security throughout the organisation.

You'll be responsible for maintaining and testing crisis plans, leading response efforts when incidents occur, and overseeing the rollout of information security standards and best practices.

This role will suit someone with proven experience in these areas, strong stakeholder management skills, and the ability to translate complex risks into clear, actionable steps.

If you're motivated by the opportunity to drive meaningful change, influence at all levels, and make an impact on organisational resilience, we'd love to hear from you.

What will the role look like?

• Conduct regular security risk assessments to identify vulnerabilities and escalate as appropriate with identified stakeholders and implement appropriate measures to minimise risk to the organisation.
• Collaborate with cross-functional teams to address compliance gaps and implement corrective actions. 
• Liaising with IT and working closely with the CISO regarding Information security protocols and network controls
• Maintain up-to-date knowledge of information security regulations and best practices.
• Design, implement, and enforce security policies and procedures to ensure the safety of information assets.
• Act as the incident response lead during disruptions, ensuring timely recovery and communication. 
• Plan, develop and conduct crisis management training across the enterprise 
• Drive lessons learnt and support the implementation of identified actions to improve the incident response plan and improve business continuity.
• Manage the crisis management response and coordination to protect essential outcomes and effectively restore services.
• Communicate effectively with internal stakeholders, including executive leadership and operational teams. 
• Develop and maintain security and continuity policies, standards, and procedures. 
• National liaison with LOR management regarding any security related matter that may affect the operation of any LOR site/office/project
• Liaise with Client security representatives and consultants
• Build strong relationships across LOR's business areas and particularly IT in relation to the Disaster Recovery Strategy.

Essential:

• Ability to collaborate effectively with cross-functional teams and build strong relationships with internal and external partners
• Proven experience in Information Security Management, Business Continuity, Risk Management, or other resilience disciplines within the commercial sector. 
• Ability to present complex technical and non-technical security information, concepts and intelligence to a wide range of audiences and stakeholders as well as deliver presentations and training. 
• Development and execution of Crisis Management exercises
• Strong communication skills, both written and verbal, with the ability to present complex security concepts to non-technical stakeholders.

Desirable:

• Experience of ISO 27001, BSI-19650-5, NIST, GDPR
• Information Security Certification such as CRISC, CISM, CISSP etc.
• Business Continuity/Resilience Certification such as CBCP or CBCI

Don't match all the criteria? We are open and always happy to hear from people with transferable skill sets and a commitment to learning.

About us:
We are an international engineering and construction company delivering state-of-the-art infrastructure and buildings projects for clients in the UK, Middle East and Australia.

Certainty, reliability, quality – this is what our clients want. And at Laing O'Rourke, we have more than 150 years of experience delivering it. Laing O'Rourke's story is one of energy, passion, ambition, people and teamwork. We harness the power of our experience, stretching back over a century and a half to deliver certainty for our clients.

As part of the Disability Confident scheme, we would like to enable access to candidates with long term health conditions and disabilities through the ‘Offer an interview scheme'. This supports applicants that meet the essential criteria by offering an interview for the advertised position. Please let us know prior to interview what adjustments are required as well as discussing how we can support you in the workplace.

We want to ensure our recruitment process is accessible to all. If you need the application form in an alternative format or you would like to know more about our recruitment process, please email resourcingteam@laingorourke.com

#LI-TE1