Data Protection, InfoSec and Business Continuity
Managing risk, driving compliance and ensuring sustainable business
Data Protection, InfoSec and Business Continuity
We’re a high-energy group of risk professionals that cover a diverse range of risk topics providing Data Protection, Information Security & Technology, Supplier Assurance, Business Continuity and Group Insurances. We’re recognised as a high performing team that’s both agile and resilient, with the ability to perform and deliver our strategy to protect NFU Mutual, our customers and stakeholders.
Meaningful work that makes a difference
At NFU Mutual, we’ve always taken our responsibilities seriously and we are passionate about making meaningful differences. We are committed to making a positive difference for our members, our people, for farming and rural communities, and for the environment, by doing business the right way.
As part of the Data Protection, InfoSec and Business Continuity team you’ll be making a real difference. Together, we ensure the business is aware of, and appropriately managing, its financial, operational, and reputational risks that could impact NFU Mutual, our customers, people, stakeholders, and the wider farming community. We do this through analysing data, evaluating risks, and developing strategies and solutions to manage them. But it’s not all number crunching – risk management also requires creativity and innovation. Better Never Stops.
The Data Protection team ensures that the business is aware of its obligations relating to the processing of the personal data of NFU Mutual’s customers, employees, our Agents and their staff. We do this through providing appropriate training and tools, timely data protection advice and guidance where required, and assurance that key data protection risks and controls are in line with NFU Mutual’s risk appetite. We ensure that any Data Subjects Rights (DSR) Request received by the business are responded to appropriately, and we also ensure that the business is supported in the management of any data protection breaches, and any communications with regulators and other stakeholders.
Information Security and Technology
The Information Security and Technology team ensures that the business is aware of the information security and technology risks that they are running, and their accountabilities and responsibilities in information security and technology risk management. We do this through providing appropriate training and tools to meet the group’s expectations in embedding a strong information security and technology risk culture in their business area and are supported in managing security incidents and any communications with regulators and other stakeholders.
Supplier Assurance and Change
Any form of change, whether internal (e.g., projects) or external (e.g., a new supplier) can introduce risks if not managed correctly. The Supplier Assurance and Change team’s role is to ensure that the business is aware of the financial and operational risks that they are running relating to change and supplier relationships, and that they understand the expectations on them in relation to their accountabilities and responsibilities. We do this through working with colleagues across the business to ensure that, where necessary, risk-based assessments are undertaken, and appropriate controls are put in place to mitigate any perceived risks.
The Business Continuity team strengthens NFU Mutual’s operational resilience to ensure we can maintain our reputation and service to customers. We do this through identifying, assessing, and addressing threats to the ongoing delivery of key business services, with focus on technology, change and the supply chain, and collaborating across the business and externally to find, implement and test solutions to improve resilience. We also ensure the business has appropriate plans, processes, and skills in place to respond to business continuity or operational resilience incidents.
The Incident Management team ensures NFU Mutual maintains its reputation and service to customers through effective incident and crisis management. We identify any concerns in upcoming events and communicate these so that appropriate controls are put in place to mitigate any potential impacts. Following incidents, we provide “lessons learned” investigations to identify root causes and drive quality improvements to plans, processes, tools, and skills, through running incident management exercises based on real-life threat scenarios.
The Group’s Insurance team is responsible for purchasing and managing an appropriate insurance programme for the NFU Mutual Group, to mitigate the financial impact of operational risks the business may face. This workstream involves setting the strategy for how to manage these risks in a cost-effective way to protect expenses and profit in the event of a major incident/ loss. We do this by using our operational risk knowledge expertise with the business to identify our big exposures and identify emerging threats. We are always looking at ways to improve what we do and how we do it to provide value for money to the business.
Hugely diverse work
Whichever team you join, you’ll find that every day’s different and you’ll have the chance to influence a wide variety of work. Depending on your team, you could be reviewing and setting policies, strategies, and frameworks in your area of expertise. You might be training and advising different parts of the business on regulatory changes and compliance. You could be taking a deep dive into a particular risk to see how well our strategy stands up. Or you may be involved in incident management. Whatever your role, you’ll be helping to mitigate potential risk to our business.
Developing your career
Join us and you’ll find an environment where you’re supported and encouraged to develop your skills, explore new career paths and achieve your full potential. Working in a dynamic, constantly changing and evolving business, you’ll enjoy the chance to constantly adapt to new challenges.
With access to a host of formal training and development opportunities, you’ll also enjoy the chance to learn on the job, alongside highly experienced colleagues. So, you’ll find it’s a place where you’ll constantly be picking up new skills and broadening your expertise, with the scope to make a major contribution to our future.
Meet some of the team
Hannah Pollard, Data Protection Manager
For me, my work’s exciting because it’s so varied and diverse. You think that you know everything and then there'll be a new threat, or the regulators raise the bar, so it’s continuously evolving. I also get to work with lots of people and understand the whole business. The culture’s very focused on our relationships with each other, so there's a big community spirit. There’s also a commitment to building and investing in the talent we’ve got – you see big appointments across the business, and most of the time they're filled internally.
Hannah Nash, Information Risk Management Consultant
I’ve been in the Group Insurance team for over ten years and no day is the same. You’re always learning something new and there’s always something else to think about, processes that can be improved, alternative ways of tackling a challenge. NFU Mutal is committed to development and I’ve had lots of opportunties within the Risk Division to do different things and be exposed to different workstreams and stakeholders. There’s also a lot of flexibility. You're trusted to do your job and if you need some flexibility around working hours, then it's very give and take. Also, if you have a particular skillset, they’ll be flexible and encourage you to use it, even if it’s not necessarily part of your role.
Matt Burton, Risk Consultant
I know everyone says this about their job, but it really is true – no two days here are ever the same! Whether it’s leading a team of stakeholders from across the business to manage and resolve an incident, identifying emerging risks to ensure we’re prepared through ‘horizon scanning’, exercising and testing different stakeholders and their business continuity plans, to analysing the management of incidents and our response through ‘lessons learned’ reports and improving tools to assist in incidents – I’m always doing challenging and rewarding work.
Mohammed Ahmed, Information Risk Management Consultant
From the moment I joined I could see that this is a close-knit and pragmatic team who also want to be experts in their respective fields. I’ve only been with the team for a short time, but I can see my professional opinions being taken on board and having an impact. Being a person who takes my faith seriously, I was taken aback when NFU Mutual went the extra mile to ensure there’s a suitable place for me to complete my prayers that fall into working hours. This gesture alone showed me the importance that’s placed on my personal wellbeing.
Seto Adenuga, Information Risk Management Consultant
I’ve been part of the team now for just over two years, and in that time I’ve been given great opportunities to develop my skills in data protection and information security risk management, particularly focussing on the risks of change and engaging with suppliers. The team genuinely cares about you and your career goals and will provide you with opportunities to get there. You just have to grab them! I’m always learning something new and the work is definitely challenging given how varied our work is. Everyone in the team is super open, friendly, and sociable which I really value.
Ben McMahon, Information Risk Management Analyst
In my five years as part of the team I have had the opportunity to grow from a temporary employee with very limited knowledge of risk into my current role where I now provide Data Protection support to the business. Every day brings new challenges from changes in regulations to the management of incidents within the business, which keeps the role fresh and engaging. Along with the role, the team that I have become a part of has been extremely supportive in helping solve problems as well as providing further opportunities for growth.
Olivia Grade, Information Risk Management Consultant
I have worked in the Business Continuity team for a couple of years, having joined following completion of my post-grad qualification. So this is my first ‘real’ job. I’ve been given opportunities to challenge and develop within my role as well as gaining additional qualifications to supplement my knowledge and skillsets. All of which I am putting to good use in my current secondment as an Information Risk Management Consultant. All the while I’m being supported and encouraged by a team that genuinely relishes in your success.
Here are just some of the vacancies that we currently have in Data Protection, InfoSec and Business Continuity. Simply, click on the job title to find out more.
You can see all the jobs we have available by clicking the ‘See all jobs’ button. But don’t forget, if you can’t find your perfect job right now, you can 'Register for job alerts' or ‘Make a speculative application’. That way, we’ll get in touch when a relevant job does come up.
If you have any questions about the opportunities that we have available, or if there's anything else you'd like to know before you apply (or indeed during the application process), please don't hesitate to get in touch.
Sorry. There are currently no jobs available in our Data Protection, InfoSec and Business Continuity teams. Why not take a minute to search all of the jobs we currently have available? Just in case something else catches your eye. Or if you want to be notified as and when we do have a job available, please register for our job alert by email service.