Management Level F Job Title: Platform Security Manager Business Function/ Department: Platform Engineering & Security Reporting to: Head of Platform Engineering & Security We are Lenvi and we are passionately committed to becoming the go-to credit and analytics platform in our chosen markets, we will achieve this through unwavering focus on our people, product, and clients. We service a range of clients in the UK, Europe and the United States providing lending platforms and analytics capabilities to both commercial and consumer-focused businesses across a range of asset classes including invoice discounting, retail finance, unsecured lending, SME funding and mortgages. Our Values Statement We epitomize the values of being bold, insightful, energetic, and curious. Embracing calculated risks, thinking deeply, bringing enthusiasm, and constantly seeking knowledge. These values fuel our innovative spirit, drive our growth, and enable us to make a positive impact on our stakeholders. Role Summary The Platform Security Manager at Lenvi will be responsible for overseeing the security of Lenvi’s hosting and end user computing platforms. You will lead the Platform Security team, ensuring the implementation of robust and scalable security solutions. This role involves making critical decisions on security principles, promoting innovation, and aligning security strategies with business objectives. Key Responsibilities: Security Strategy: Develop and implement comprehensive security strategies to protect Lenvi’s hosting and end user computing platforms against threats and vulnerabilities. Security Risk Management - Identify and assess the information security risks and vulnerabilities facing the organization and recommend appropriate mitigation strategies and solutions. Security Monitoring - define and oversee Lenvi’s security monitoring and testing activities, including regular vulnerability scanning, penetration testing and security audits / reviews. Security Implementation – work within the Platform Security team and other Lenvi IT and Business teams to ensure the effective implementation and enforcement of security measures, standards and best practices across the Lenvi organisation. Security Incident Management – work with the Lenvi Service Delivery Team and other key stakeholders to define and manage Lenvi’s security incident response process, including the identification, containment, analysis, remediation, and reporting of platform security incidents. Security Standards: Promote, document, and maintain security policies, standards and guidelines for the Lenvi Platform Engineering, End User Computing and wider IT teams. Security Threats and Trends – monitor the latest security threats, technologies, standards, and regulations and evaluate their impact and applicability to the organization. Internal and Client Support: Provide Platform Security support to Lenvi IT and Business Teams as required (e.g. internal security consultation, supporting client meetings, audits and security due diligence exercises). Product Backlog Evaluation: Critically evaluate and challenge the Product Backlog, focusing on delivering the security outcomes required to drive value from the proposition. Mentoring and Coaching: Mentor and coach team members, fostering a culture of continuous improvement, learning, and growth. Innovation and Technology Adoption: Drive innovation and ensure the adoption of emerging security technologies where applicable and appropriate. Process Optimization: Manage and optimize security processes to enhance efficiency, quality, and protection against threats. Skills and experience: At least five years’ experience in information security management or related roles Extensive background in IT security operations, with experience of cloud hosting environments (ideally Microsoft Azure) and complex, multi-tier service-based architectures. Strong knowledge of information security principles, frameworks, standards, and best practices, such as ISO 27001, NCSC Guidelines, NIST etc. Good working experience of security monitoring and testing tools, including SIEM, vulnerability scanning and other penetration testing tools. Good experience of working in a B2B / managed service environment, building relationships with internal teams and external clients to deliver effective security solutions Good experience of working with third party security solution providers (e.g. penetration testing companies, security tool vendors). Deep knowledge of cloud security platforms, security frameworks, and containerization security technologies. Good overall understanding of IT principles, technologies and solutions, including cloud computing, containerisation, CI/CD, automation, IaC, databases and end user computing solutions Demonstrated ability to drive continuous improvement, foster innovation, and mentor a high-performing security team. Information Security Certifications such as CISSP or CISM are preferred. Excellent analytical, problem-solving, and decision-making skills. Strong communication, presentation, and interpersonal skills. Ability to work independently and collaboratively in a fast-paced and dynamic environment. Our Diversity Statement At Lenvi we encourage individuals from all walks of life, without exception, to join our team. We know diversity fuels innovation and creativity, so we welcome applications from anyone, with any background. We are committed to equality of opportunity for all staff and applications from individuals are encouraged regardless of age, disability, sex, gender reassignment, sexual orientation, pregnancy and maternity, race, religion or belief and marriage and civil partnerships. Please note any offer of employment is subject to satisfactory pre-employment screening checks. These consist of 5 year activity & GAP verification, DBS or Access NI, Credit, Sanctions & CIFAS checks.