Group Information Security Manager

Group Information Security Manager
boohoo group, United Kingdom

Experience
1 Year
Salary
0 - 0
Job Type
Full Time Job
Job Shift
Morning Job
Job Category
IT
Traveling
No
Career Level
Non-Managerial
Telecommute
No
Qualification
As mentioned in job details
Total Vacancies
1 Job
Posted on
Mar 4, 2024
Last Date
Mar 16, 2024
Location(s)
Manchester, United Kingdom

Job Description

About Us

Having started in 2006 with just three team members, we've evolved into a multi-brand, ecommerce giant with offices worldwide and a passionate team of over 4,000. In the past year alone, we've achieved remarkable milestones including automating our Sheffield distribution centre, launching our US warehouse, and initiating our tech re-platforming.

In Tech, we’re proud to support every function. We’re a digital-first company that is totally cloud native. We embrace change and future-proof the business, delivering critical customer facing and internal stakeholder facing systems. Everything from colleague tech to frontend websites and apps, buying and merchandising tooling, and all that’s in-between, we take care of it. Our ideas support and drive the Group’s agenda.

The Role

As the Group Information Security Manager at boohoo group, you will play a crucial role in ensuring the security and integrity of our systems, infrastructure, and data. You will join the biggest online fashion retailer in the industry, where you will have the opportunity to contribute to our success story and be part of a vibrant and fast-paced work environment. At boohoo group, we value creativity, innovation, and teamwork, and we believe in providing endless opportunities for our employees to grow and excel.

In this role, you will be responsible for developing, implementing, and managing comprehensive security strategies, policies, and procedures to ensure the confidentiality, integrity, and availability of our information assets. Working collaboratively with cross-functional teams, you will implement best practices to identify and mitigate security risks. You will have the opportunity to work on diverse projects and collaborate with talented professionals across the organization. This role offers a rewarding and fulfilling opportunity for individuals who are passionate about information security and thrive in a dynamic, ever-changing environment.

Your Team

Your peer group are a range of driven and dynamic individuals who see security as important as their own domains. In addition, your team are a passionate set of individuals, keen to continue to grow and improve the security posture of the Group. You will have a team of Cyber Security Analysts and GRC Analyst helping deliver the Cyber Security Strategy.

Responsibilities
  • Acting as the operational lead for Information Security, including Security Operations, Threat and Vulnerability Management, and GRC functions.
  • Establishing and maintaining effective security policies, standards, and procedures.
  • Developing and overseeing the threat and vulnerability management program, including threat hunting, penetration testing, and remediation activities.
  • Developing and executing cyber incident response plans to improve the handling and mitigation of security incidents.
  • Conducting regular risk assessments to identify vulnerabilities and threats and developing strategies to mitigate them.
  • Horizon scanning to monitor emerging risks, changes to regulations, standards, and best practices.
  • Collaborating with senior leadership to align security initiatives with business objectives and priorities.
  • Managing budgetary requirements and forecasting, including stakeholder and vendor relationships.
  • Developing and delivering information security awareness and training programs to educate employees about security policies, procedures, and best practices.
  • Promoting a culture of security awareness and accountability throughout the organisation.
  • Providing guidance and expertise in designing, developing, and implementing secure architectures and solutions.
  • Reviewing and evaluating proposed IT projects and systems to ensure compliance with security requirements and best practices.
  • Assessing the security posture of third-party vendors and service providers to identify and mitigate potential security risks.
  • Establishing and maintaining security requirements and standards for third-party contracts and agreements.

Requirements

  • Bachelor's degree in Computer Science, Information Security, or a related field. Advanced degree or professional certifications (e.g., CISSP, CISM, CISA) preferred.
  • Proven experience of working in information security, and experience in a managerial or leadership role.
  • Experience in leading a team of security professionals, providing guidance, mentoring and cultivating their development.
  • Strong knowledge of information security principles, standards, and best practices, including a thorough understanding of OWASP 10 for Web App and API security.
  • Experience with security risk management, incident response, and security awareness training.
  • Hands-on experience with security technologies, such as firewalls, intrusion detection/prevention systems, SIEM, and endpoint security solutio

Job Specification

Job Rewards and Benefits

More Jobs like this Job

Jobs in Manchester United Kingdom
Jobs in this company

boohoo group

Information Technology and Services - Burnley, United Kingdom
© Copyright 2004-2024 Mustakbil.com All Right Reserved.