Information Security Officer

Aareon is Europe’s established provider of SaaS solutions for the real estate industry and a pioneer of the sector’s digital future.With its software solutions, Aareon connects people, processes, and properties—bringing the industry closer together. With the Aareon Property Management System, based on intelligent software solutions, the company enables the efficient management and maintenance of residential and commercial properties and creates digital experiences for all stakeholders.As a reliable and innovative partner, Aareon is committed to progress, positive change, and sustainable living and working spaces for everyone.We value a working environment in which diversity and flexibility are appreciated, cooperation in partnership and mutual support in the team are a matter of course and learning is perceived as an opportunity.Become part of our international team! Become part of #OneAareon!

We are looking forward to meeting YOU!Salary: £70,000-£80,000 per year (depending on experience)Work Location: Hybrid London or ManchesterHours per week: 37.5Contract Type: Permanent, full-timeAbout the RoleAareon UK builds software that housing providers and property professionals rely on every day. As our product set grows, security and data protection matter more than ever. We’re hiring a UK Security Officer to take ownership of security across the UK business.This is a senior role covering security across applications, platforms, infrastructure, and engineering.

You’ll also act as the UK Information Security Officer, helping protect customer data, maintain compliance, and keep security practical in day-to-day delivery.You’ll be the main UK contact for the Group Security Operations Centre in Germany, making sure group direction works in practice for the UK business. You’ll own the UK security programme, build on what is already in place, and help bring more consistency across our UK brands.Team & ScopeThis is initially an individual contributor role with strong matrix influence across teams. It works alongside CloudOps, IT, Legal, Compliance and Engineering.What You’ll Be Responsible For1.

Developing and running the UK security strategySet and deliver a clear UK security strategy that aligns with group direction while working for the UK business. You’ll turn group guidance into practical local plans, set priorities, and help leadership make sensible investment decisions. A key part of the role is bringing more consistency across our UK brands.

You’ll also help shape and manage the UK security budget, making sure investment is focused on the right risks, controls, and priorities.2. Governance, risk and complianceOwn and improve our UK security governance. That includes the ISMS, policies, risk management, and the controls needed to meet our obligations.

You’ll make sure we stay on top of ISO 27001, ISO 9001, Cyber Essentials, GDPR, and any relevant customer or sector requirements. You’ll also support audits, due diligence, customer assurance activity, and third-party risk management, helping coordinate evidence, maintain assurance readiness, and improve how we manage security obligations across the UK business.3. Security operations, vulnerability management and incident supportHelp oversee day-to-day security operations for the UK, working closely with CloudOps and the Group SOC.

You’ll support and coordinate security incidents when they happen, making sure the right people are involved and that follow-up actions are properly seen through. You won’t always lead incidents, but you will provide clear security ownership. You’ll also own penetration testing and vulnerability management, helping teams make sensible, risk-based decisions about remediation, sequencing, and technical debt.4.

Security in engineering and platform deliveryWork with engineering, architecture, product, platform, and DevOps teams to make sure security is built into how we design, build, and run systems. This includes secure coding, design reviews, threat modelling, DevSecOps practices, and cloud security. The role is about working with existing technical experts to make good, pragmatic, well-informed security decisions.5.

Policy, awareness and cross-functional workingKeep our security and quality policies and standards up to date, practical, and usable. Support security awareness through clear guidance, communication, and training where needed, while aligning with group-led activity where that is handled centrally. You’ll work across engineering, product, IT, data, legal, compliance, HR and operations to keep security visible and joined up across the business.6.

Resilience, disaster recovery and business continuityWork with technical and business teams to strengthen disaster recovery strategy and business continuity planning across the UK estate. You’ll help make sure recovery expectations are clear, plans are practical, risks are understood, and resilience is tested in a proportionate way.7. Customer assurance and commercial security supportSupport customer and commercial security activity where needed, including security questionnaires, due diligence responses, and clear explanations of our controls and approach.

You’ll help sales, account teams, and leadership respond consistently and credibly to customer security queries without turning the role into a pure compliance function.8. Reporting and Group alignmentTrack useful security measures and report clearly to UK leadership and the Group CISO/SOC. You’ll use metrics and dashboards to show risk, progress, and where attention is needed.

You’ll also act as the main UK link into the Group SOC.9. AI securityHelp the business stay on top of AI-related security risks, including staff use of AI tools, AI in products, agentic workflows, and the changing risks that come with new models and external tooling.About YouYou are an experienced security leader who combines sound judgement with practical delivery. You can work comfortably with senior stakeholders, but you’re also happy getting into the detail when needed.

You know how to explain security clearly, make risk visible, and help teams take sensible action. You’re collaborative, pragmatic, and credible. You know when to push, when to guide, and how to work through trade-offs without losing sight of the bigger picture.

You’re comfortable operating across a complex organisation and working with different teams, brands, and levels of technical maturity.You will be a great fit if you:can work well with both technical teams and senior business stakeholdersare practical and delivery-minded, not theoreticalare comfortable owning security outcomes while working through otherscan influence without creating unnecessary frictioncare about building a strong security culture, not just implementing controlsstay current on emerging technology and risk, including AISkills & ExperienceEssentialStrong experience in a senior cyber or information security role in a technology-led businessA solid grasp of security governance, risk management, and control frameworksGood working knowledge of ISO 27001, ISO 9001, Cyber Essentials, GDPR, and similar standardsBroad technical understanding across cloud, infrastructure, application security, and secure deliveryExperience of incident response, vulnerability management, and penetration testing follow-upAbility to communicate clearly with both technical and non-technical audiencesComfortable setting priorities, balancing risk, and working in a fast-moving environmentDesirableRelevant certifications such as CISSP, CISM, or CISAExperience in SaaS, proptech, housing, or another data-sensitive software environmentExperience working with group functions, auditors, regulators, or external security partnersExperience working across multiple brands, business units, or countriesFamiliarity with AI security issues across internal use, product use, and evolving external toolingÜber unsWerde Teil von Aareon und digitalisiere gemeinsam mit uns die europäische Immobilienwirtschaft.Warum wir?Wir legen Wert auf eine Arbeitsumgebung, in der Vielfalt und Flexibilität geschätzt werden, partnerschaftliche Zusammenarbeit und gegenseitige Unterstützung im Team selbstverständlich sind und Lernen als Chance wahrgenommen wird. Unsere Lösungen adressieren die großen Herausforderungen unserer Zeit: Klimawandel, Wohnungsknappheit und Fachkräftemangel. Entdecke die Vielfalt von #OneAareon!Kontakt aufnehmenWar noch nicht das Richtige dabei?

Dann sende hier eine Initiativbewerbung an unser Recruiting Team!Start #J-18808-Ljbffr