Information Security Risk Manager

Department:  Information Technology
City:  Leeds
Location:  GB

Founded in 1856 by Thomas Burberry, Burberry is a global luxury brand with a distinctly British attitude. We are a global business with an extensive network of both owned and franchised stores across EMEIA, Asia Pacific and Americas. We are digital pioneers, and innovative technology underpins every aspect of our business, from product design to distribution and marketing. We believe that modern luxury means being socially and environmentally responsible; this mindset is core to our business and key to our long-term success.


At Burberry, we are on a journey to improve our Information Security and have a vacancy for an Information Security Risk Manager to join our Leeds based Information Security team.

As an Information Security Risk Manager, you will have a global remit and play an integral role in the Information Security team. You’ll conduct information security risk assessments to inform the information security strategy, influence investment into security improvements through risk analysis, and provide a foundation for security control for projects.  

In the role, you will drive the delivery of core information security risk services whilst leading a team of analysts. You will conduct 3rd party assessments, risk reviews, and make key contributions to the Burberry Information Security Risk Assessment Reports. 

If you are an experienced Information Security professional with a genuine passion in your field, we’d love to hear from you. This is a rare opportunity to join a forward-thinking and engaged business that’s in the middle of a hugely exciting brand transformation. 


As the Information Security Risk Manager, you will: 

  • Manage team plans – leading a team of analysts and ensuring they meet their development and operational goals. 

  • Manage 3rd party security vendors due-diligence services, ensuring they are fit for purpose and our procurement process remains secure. 

  • Manage the risk register whilst having the ability to clearly and concisely articulate information security risks to a variety of technical and non-technical stakeholders. 

  • Perform Information Security Governance activities, such as BAU Risk Assessments, reviewing and contributing to Information Security standards and policies, and driving compliance in 3rd party security activities. 

  • Drive a culture change of understanding and awareness around cyber security risks across IT and the wider business 

  • Perform Horizon scanning and consider industry Threat Reports against risk management activities 

  • Perform risk analysis against Industry-leading Control Frameworks and regulations e.g. GDPR, ISO27001, NIST CSF, AEO 

  • Improve the risk methodology within a complex and exciting IT delivery environment 


You will be: 

  • A proven manager with experience mentoring and developing teams. 

  • An experienced Information Security and Risk professional, with a broad knowledge of info and cyber security, risk management and security best practices 

  • An excellent relationship builder with great stakeholder management skills 

  • Passionate and driven, with a genuine interest in Information Security and Risk. 

  • Professionally qualified – CISSP, ISO27001, CRISC 


Burberry is an Equal Opportunities Employer and as such, treats all applications equally and recruits purely on the basis of skills and experience.


Posting Notes: United Kingdom || Not Applicable || Leeds || Information Technology || IT - Information Security || n/a ||