
IT Risk and Compliance Manager

Please Note: The application deadline for this job has now passed.

About the job

Here at the Card Factory we are looking for an IT Risk and Compliance Manager. In this role you will provide Card Factory with both security operations and information security risk management activities. The role is a mid-level managerial position, acting as interface between the Head of Security’s strategic and process-based activities and the work of the technology-focussed analysts, engineers and administrators. The role is to provide security operations assurance that security risks have been detected, assessed and managed by technical means. The role also requires that regulatory requirements and best-practice industry frameworks are assessed for compliance and gaps are risk managed.

The day to day

  • Maintain the current security operations program with resulting activities and procedures.
  • Maintain the current security risk management program with resulting activities, procedures, risk registers, audits and reports.
  • Provide security metrics and monitoring for the continuous improvement of security operations and risk management.
  • Manage and develop security analysts to support wider security operations and risk management activities.  
  • Manage 3rd party partners that support the security operations program.
  • Provide annual PCI DSS compliance, and support the Data Protection Officer (DPO) with GDPR/DPA compliance.
  • Provide security assurance to business infrastructure, servers, workstations, store hardware, cloud environments, applications and ecommerce.
  • Provide internal security audits, phishing tests, security framework gap analysis, threat analysis, competitor analysis or other artefacts.
  • Provide supplier risk management including due diligence checks and support Data Protection Impact Assessments (DPIAs).
  • Provide security assurance during the delivery of projects and business change.
  • Support other risk management and compliance activities.  

About You

  • Experience working in risk management, IT or security – ideally leading a team.
  • Civil, polite, diplomatic and patient behaviour with stakeholders. Able to create and manage relationships with business harmony.
  • Motivated, energetic and enthusiastic to solve problems by known or new solutions. ‘Can do’ attitude, proactive with a high level of initiative.
  • The role can be predominantly remote; however, occasional head office visits to Wakefield, Yorkshire, are required.
  • IT or security qualifications including CISM/CISSP, ISO 27001, ISO 27005, GDPR, PCI DSS, M_o_R or other risk management frameworks.

Desired

  • Interest or aspiration to increase role or scope of work to include other security or risk management activities.
  • Knowledge of technology or solutions to assist with security assurance (firewall, antivirus, email, vulnerability scanners, SIEM, IDS, EDR etc).
  • Experience in producing artefacts including reports, assessments or gap analysis.
  • Experience in the retail sector.
  • Strong written and oral communication skills. Attention to detail, able to create high-quality products worthy of presenting at Executive level.

Why join us

Card Factory is the UK’s leading specialist retailer of greetings cards, dressings, and gifts with over one thousand stores across the UK and Ireland.  In 2020 we launched our exciting 5-year business strategy including our vision of becoming a true Omni-channel retailer.  This strategy sees significant investment into our colleagues across the business creating multiple opportunities to join a fast-paced environment and be part of our exciting journey.  

In return, we offer a wide range of benefits to support your physical, mental, and financial wellbeing.

Benefits

  • Pension
  • 15% Card Factory colleague discount in-store and online
  • Save As You Earn scheme
  • Financial Wellbeing Support       
    • Financial Education Tools
    • Salary Advance
  • Seasonal incentive schemes
  • Retail Management Apprenticeship Programmes with local providers with access to a virtual internal network for learning together
  • Discounted gym membership, mobile phone contracts, and car leasing
  • Discounts across 100’s of UK retailers
  • Employee Assistance Programme – access to tools to support mental, physical, and financial wellbeing
  • Enhanced Maternity, Paternity, and Adoption leave

This is an exciting role with genuine prospects for the right candidate. If this role describes you and your career aspirations, click apply now.

For any questions email: vacancies@cardfactory.co.uk (we do not accept CVs/Applications via email) 

We reserve the right to close this vacancy once sufficient suitable applications have been received. We advise applying early to avoid disappointment as applications will be reviewed regularly. 

No agencies, please.
