THG is an international technology company and leading online retailer, home to premium brands such as lookfantastic, Myprotein, and ESPA, all of which are powered by our industry-leading and award-winning technology platform, THG Ingenuity.
Tech at THG
Technology is the driving force behind THG, and it starts with our people. We are ambitious with our goals and challenge conventional thinking. THG Technology is different because we support every single person to make a massive impact and drive their own work. Our people are always learning, and we work every day to ensure our technology, from our software platforms, to our hosting services, to our ML capability and beyond, is world class. This enables us to keep powering THG and our partners on a global scale.
What will I be doing?
Due to the rapid growth of THG and the requirement for enhanced visibility and assurance of legal and regulatory compliance, we are expanding our Governance, Risk and Compliance team. Working within the Information Security team, you will be focused on, but not limited to, auditing information security compliance throughout the business. You will be responsible for undertaking internal audits, documenting findings and tracking corrective actions. The role requires a high degree of proactive and positive engagement with stakeholders and managers to drive continual improvement of the group ISMS and its related components. There will also be a requirement to undertake external audits under standard contractual terms to ensure that our associates maintain high information security standards. Working closely with the information security team, you will be involved in ensuring that all legal and regulatory components are measured and adhered to. We are adopting working practices in line with UK government advice.
What skills and experience would I need?
- Maintain an audit schedule with internal and external stakeholders
- Undertake scheduled audits and factor in ad-hoc audits
- Ensure that information security KPIs are maintained
- Ensure that non-conformities are fully documented and tracked
- Engage with non-conformance action owners to address and close findings
- Maintain a live register and reporting of non-conformance findings, audits and KPIs
- Engagement with risk managers concerning audit findings
- Improve policies, standards and procedures for compliance frameworks
- Develop a broad compliance driven culture through engagement and awareness
What's in it for me?
- ISO27001 Lead auditor or Implementer
- Working knowledge of associated PCI DSS against ISO27001 requirements
- Knowledge of Data Protection Act 2018 and/or the GDPR
- Pragmatic, with the ability to multi-task and react very quickly to business requirements
- Effective interpersonal skills to build and maintain relationships
- Proficient computer skills, especially Microsoft Office applications
- Ability to train others and build a sustained compliance culture
- Competitive salary
- Build solutions using the latest technology
- Work alongside genuine industry experts
- Continuous development through THG Academy, our in-house L&D team
- Staff discounts on THG brands and Hale Country Club
- On-site doctor, physio and barber