Security BCP Resilience Manager
| Posting date: | 14 November 2025 |
|---|---|
| Hours: | Full time |
| Closing date: | 14 December 2025 |
| Location: | SE1 9SG |
| Company: | Mitie |
| Job type: | Permanent |
| Job reference: | 84578 |
Summary
Asset Protection & Resilience Manager
Location: UK & Ireland (travel required across regional offices)
Delivering the Exceptional, Every Day
At Mitie, we're proud to create exceptional environments where our people and customers can thrive. We work as one team, built on integrity and trust, always going the extra mile. Diversity makes us stronger, and we're passionate about delivering service excellence in everything we do.
The Role
The Asset Protection & Resilience Manager plays a critical role in the protection and resilience of our client's property and people across its UK & Ireland Region currently encompassing over 15 offices.
Embedded within the client's Security organisation this position will evolve the business continuity program to ensure it integrates across the client's Resilience function.
This is a technical position for a security and business continuity specialist with property or real estate risk management experience. The role will collaborate across the client stakeholders, including Global Security and external resilience stakeholders.
Opportunities and Challenges
-Security and Business Continuity Management Managers can shape organisational culture, ensure compliance, and protect the enterprise against both foreseeable and emerging threats.
-Must stay abreast of a rapidly evolving geopolitical risk landscape - including advances in cyber threats, regulatory requirements, and business model changes - while ensuring the organisation's capacity to respond to and recover from disruptions.
-This role demands initiative-taking, a can-do attitude, accurate written work, adaptability, and a commitment to continuous improvement.
Key Responsibilities
-Develop and implement Business Continuity strategy for Property & People: Design and operate a BCM system aligned to ISO22301 Certification (Business Continuity Management), ISO 22361 (Crisis Management) and ISO 22316 (Resilience) drawing on industry best practice including but limited to the Business Continuity Institute (BCI). Be prepared to manage the end-to-end adoption of an ISO certification. Understanding property resilience risks and with a sound knowledge and experience of Hard and Soft FM services, develop Business Impact Risk Assessments (BIRA) and create Business Continuity Plans (BCP)
-Physical Security and Information Security: have a broad understanding of Physical Security including site risk assessment methodology (TVR), and protective measures such as guarding and electronic security systems. Additionally, possess competency in Information Security in the context of Property, People and ISO 27001 compliance.
-Business Continuity Planning: Lead the development, maintenance, testing and exercising of business continuity and disaster recovery plans (in conjunction with the Technology team) to ensure the organisation's ability to prevent and recover from disruptive events swiftly and effectively.
-Risk Assessment and Management: Conduct Business Impact Risk Assessments to identify critical business processes, critical functions, dependencies, critical third parties to the office environment, vulnerabilities, threats, and potential impacts. Develop and implement mitigation strategies and regularly review and update risk registers. Work with ‘Enterprise Risk Management' on mitigating business disruption and associated risk drivers. Team with ‘Property Resilience' to track and manage Property risks and support ISO27001 compliance.
-Policy Development, Culture and Enforcement: Policy author for BCM, manage the controls catalogue, policy risk assessment and policy compliance with the aim of developing a vibrant BCM culture in the Property and People space. Establish, communicate, and enforce policy, standards, and procedures. Ensure the policy remain current with evolving technologies, threats, and compliance obligations.
-Incident Response: Develop and maintain an incident response framework centred on the client's control centre. Be responsible for control centre operator and shift incident management competency. Act as the second line response to the control centre (first line) to all property resilience and business continuity events including, but not limited to, extreme weather, security incidents, power outage. Oversee the After-Action Review, investigation and lessons process.
-Business Continuity Awareness and Training: Implement organisation-wide and across all ranks education and training programmes to heighten awareness of responsibilities among all staff, incident management and BCM best practices. The ultimate aim is to create as Security and Business Continuity culture in the Property environment involving client personnel and suppliers. Oversee and develop the control centre's capability to monitor for threats and hazards to property and manage resilience incidents.
-Vendor and Third-Party Resilience: Evaluate the resilience status of vendors and partners that service the client's property. Collaborate with procurement and compliance teams to ensure third-party risk is managed effectively. Manage property Critical Third Party (CTP) resilience in conjunction with contract owners.
-Regulatory Compliance: Monitor and ensure compliance with relevant legislation, standards, and frameworks (e.g. client's Global team, ISO 27001, GDPR, local regulations). Prepare for and support internal and external audits.
-Followership, Leadership and Teaming: Lead by example, create trust and support others. Provide clear advice, set performance objectives, and foster a high-performance culture.
-Crisis Management: lead on crisis management at the operational level in the Property and Physical Security domain. Be prepared to advise colleagues and the leadership during emergencies and ensure effective communication with stakeholders.
-Continuous Improvement, Technology & Thought Leadership: Drive a culture of continuous improvement (Plan - Check - Act) and technology adoption, particularly Microsoft Copilot and IA, by regularly reviewing and updating security and BCM based on the threat, lessons learned, and emerging industry trends and considering BCM, Operational Resilience and Security and Resilience. Develop ideas to monitor building resilience live by harnessing data from across Security and FM.
-Budgeting and Resource Management: Manage a budget and resources ensuring efficient allocation and utilisation of resources.
Reporting and Metrics: Develop and present BCM reports and client performance indicators (KPIs) for senior management, highlighting programme effectiveness, incident trends, and areas for enhancement.
About You
You'll bring strong technical and leadership capabilities in both security and business continuity. A confident communicator and strategic thinker, you'll thrive in a collaborative, fast-paced environment.
Essential requirements:
-Bachelor's or master's degree Security or Resilience or a related field. Professional membership and certification.
-Equivalent experience may be considered in lieu of formal education. Service leavers with similar qualifications and experience are encouraged to apply detailing their ambition, commitment L&D.
-Professional certifications such as CPP, PSP, CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CBCP (Certified Business Continuity Professional), or similar are highly desirable.
-Minimum of 5-years' experience in security and business continuity with at least 2 years in a managerial capacity or as a senior consultant
-Proven track record in developing and deploying security and business continuity frameworks within complex organisational environments.
-Extensive knowledge of relevant legislation, regulatory standards, and industry best practices.
-Strong analytical, organisational, and problem-solving skills.
-Experience with risk assessment methodologies and tools.
-Excellent communication and interpersonal skills, with the ability to influence and engage stakeholders at all levels.
-Experience with crisis management, incident response, and disaster recovery planning.
-Ability to handle sensitive and confidential information with discretion.
-The ability to develop, write and maintain policy and plans is essential.
-Microsoft 365 and Copilot courses are available but I high degree of competency will be highly beneficial
-Audit qualifications and experience would be highly desirable.
-Project management experience and certification would be beneficial.
-Experience with security, BCM, Operational Resilience or Critical Event Management (CEM) tools.
-Experience working in property, FM and landlords\managing agents.
Desirable:
-Degree in Security, Resilience, or related field (or equivalent experience).
-Professional certifications such as CPP, PSP, CISSP, CISM, or CBCP.
-Audit or project management qualifications.
Location: UK & Ireland (travel required across regional offices)
Delivering the Exceptional, Every Day
At Mitie, we're proud to create exceptional environments where our people and customers can thrive. We work as one team, built on integrity and trust, always going the extra mile. Diversity makes us stronger, and we're passionate about delivering service excellence in everything we do.
The Role
The Asset Protection & Resilience Manager plays a critical role in the protection and resilience of our client's property and people across its UK & Ireland Region currently encompassing over 15 offices.
Embedded within the client's Security organisation this position will evolve the business continuity program to ensure it integrates across the client's Resilience function.
This is a technical position for a security and business continuity specialist with property or real estate risk management experience. The role will collaborate across the client stakeholders, including Global Security and external resilience stakeholders.
Opportunities and Challenges
-Security and Business Continuity Management Managers can shape organisational culture, ensure compliance, and protect the enterprise against both foreseeable and emerging threats.
-Must stay abreast of a rapidly evolving geopolitical risk landscape - including advances in cyber threats, regulatory requirements, and business model changes - while ensuring the organisation's capacity to respond to and recover from disruptions.
-This role demands initiative-taking, a can-do attitude, accurate written work, adaptability, and a commitment to continuous improvement.
Key Responsibilities
-Develop and implement Business Continuity strategy for Property & People: Design and operate a BCM system aligned to ISO22301 Certification (Business Continuity Management), ISO 22361 (Crisis Management) and ISO 22316 (Resilience) drawing on industry best practice including but limited to the Business Continuity Institute (BCI). Be prepared to manage the end-to-end adoption of an ISO certification. Understanding property resilience risks and with a sound knowledge and experience of Hard and Soft FM services, develop Business Impact Risk Assessments (BIRA) and create Business Continuity Plans (BCP)
-Physical Security and Information Security: have a broad understanding of Physical Security including site risk assessment methodology (TVR), and protective measures such as guarding and electronic security systems. Additionally, possess competency in Information Security in the context of Property, People and ISO 27001 compliance.
-Business Continuity Planning: Lead the development, maintenance, testing and exercising of business continuity and disaster recovery plans (in conjunction with the Technology team) to ensure the organisation's ability to prevent and recover from disruptive events swiftly and effectively.
-Risk Assessment and Management: Conduct Business Impact Risk Assessments to identify critical business processes, critical functions, dependencies, critical third parties to the office environment, vulnerabilities, threats, and potential impacts. Develop and implement mitigation strategies and regularly review and update risk registers. Work with ‘Enterprise Risk Management' on mitigating business disruption and associated risk drivers. Team with ‘Property Resilience' to track and manage Property risks and support ISO27001 compliance.
-Policy Development, Culture and Enforcement: Policy author for BCM, manage the controls catalogue, policy risk assessment and policy compliance with the aim of developing a vibrant BCM culture in the Property and People space. Establish, communicate, and enforce policy, standards, and procedures. Ensure the policy remain current with evolving technologies, threats, and compliance obligations.
-Incident Response: Develop and maintain an incident response framework centred on the client's control centre. Be responsible for control centre operator and shift incident management competency. Act as the second line response to the control centre (first line) to all property resilience and business continuity events including, but not limited to, extreme weather, security incidents, power outage. Oversee the After-Action Review, investigation and lessons process.
-Business Continuity Awareness and Training: Implement organisation-wide and across all ranks education and training programmes to heighten awareness of responsibilities among all staff, incident management and BCM best practices. The ultimate aim is to create as Security and Business Continuity culture in the Property environment involving client personnel and suppliers. Oversee and develop the control centre's capability to monitor for threats and hazards to property and manage resilience incidents.
-Vendor and Third-Party Resilience: Evaluate the resilience status of vendors and partners that service the client's property. Collaborate with procurement and compliance teams to ensure third-party risk is managed effectively. Manage property Critical Third Party (CTP) resilience in conjunction with contract owners.
-Regulatory Compliance: Monitor and ensure compliance with relevant legislation, standards, and frameworks (e.g. client's Global team, ISO 27001, GDPR, local regulations). Prepare for and support internal and external audits.
-Followership, Leadership and Teaming: Lead by example, create trust and support others. Provide clear advice, set performance objectives, and foster a high-performance culture.
-Crisis Management: lead on crisis management at the operational level in the Property and Physical Security domain. Be prepared to advise colleagues and the leadership during emergencies and ensure effective communication with stakeholders.
-Continuous Improvement, Technology & Thought Leadership: Drive a culture of continuous improvement (Plan - Check - Act) and technology adoption, particularly Microsoft Copilot and IA, by regularly reviewing and updating security and BCM based on the threat, lessons learned, and emerging industry trends and considering BCM, Operational Resilience and Security and Resilience. Develop ideas to monitor building resilience live by harnessing data from across Security and FM.
-Budgeting and Resource Management: Manage a budget and resources ensuring efficient allocation and utilisation of resources.
Reporting and Metrics: Develop and present BCM reports and client performance indicators (KPIs) for senior management, highlighting programme effectiveness, incident trends, and areas for enhancement.
About You
You'll bring strong technical and leadership capabilities in both security and business continuity. A confident communicator and strategic thinker, you'll thrive in a collaborative, fast-paced environment.
Essential requirements:
-Bachelor's or master's degree Security or Resilience or a related field. Professional membership and certification.
-Equivalent experience may be considered in lieu of formal education. Service leavers with similar qualifications and experience are encouraged to apply detailing their ambition, commitment L&D.
-Professional certifications such as CPP, PSP, CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CBCP (Certified Business Continuity Professional), or similar are highly desirable.
-Minimum of 5-years' experience in security and business continuity with at least 2 years in a managerial capacity or as a senior consultant
-Proven track record in developing and deploying security and business continuity frameworks within complex organisational environments.
-Extensive knowledge of relevant legislation, regulatory standards, and industry best practices.
-Strong analytical, organisational, and problem-solving skills.
-Experience with risk assessment methodologies and tools.
-Excellent communication and interpersonal skills, with the ability to influence and engage stakeholders at all levels.
-Experience with crisis management, incident response, and disaster recovery planning.
-Ability to handle sensitive and confidential information with discretion.
-The ability to develop, write and maintain policy and plans is essential.
-Microsoft 365 and Copilot courses are available but I high degree of competency will be highly beneficial
-Audit qualifications and experience would be highly desirable.
-Project management experience and certification would be beneficial.
-Experience with security, BCM, Operational Resilience or Critical Event Management (CEM) tools.
-Experience working in property, FM and landlords\managing agents.
Desirable:
-Degree in Security, Resilience, or related field (or equivalent experience).
-Professional certifications such as CPP, PSP, CISSP, CISM, or CBCP.
-Audit or project management qualifications.