Head of Information Security managing security operations and compliance at River Island. Partnering with cross-functional teams to embed security across business operations.
Responsibilities
Define, implement, and evolve River Island’s information security strategy in line with business objectives, regulatory obligations, and risk appetite.
Lead the development and maintenance of Information Security policies, standards, and controls, ensuring alignment with frameworks such as ISO 27001, NIST CSF, and the SANS Top 18.
Define and report security KPIs/KRIs to senior management representing risk posture, compliance status, and strategic improvement initiatives.
Own and manage the Information Security Risk Register; ensure risks are assessed, documented, and mitigated effectively.
Lead compliance efforts across GDPR, PCI DSS, and other applicable regulations.
Conduct and coordinate enterprise-wide risk assessments, audits, and internal reviews.
Champion a pragmatic, risk-based approach to security — balancing protection, productivity, and customer experience.
Oversee operational security activities, including threat detection, vulnerability management, and incident response.
Coordinate penetration testing, red-teaming, and vulnerability remediation across applications, infrastructure, and cloud environments.
Develop and maintain incident response playbooks and lead investigations where required.
Embed secure-by-design principles and DevSecOps practices across engineering and delivery teams.
Partner with Legal and the DPO on DPIAs, data transfer assessments and privacy-by-design.
Oversee third-party risk management, including supplier due diligence, onboarding, and continuous monitoring.
Support client assurance and audit activities, providing evidence of River Island’s security posture.
Drive ongoing maturity of the security function through measurable improvement plans, tooling optimisation, and process automation.
Mentor and develop members of the Information Security team.
Requirements
Proven experience in a senior information security role, ideally within a complex, multi-channel retail or technology environment.
Strong technical grounding across key security domains: network, cloud, endpoint, application, and data security.
Experience managing or working with vulnerability management tools, SIEM/SOC environments, and incident response processes.
Familiarity with frameworks and standards such as ISO 27001, NIST, CIS, PCI DSS, and GDPR.
Excellent communication and stakeholder management skills, with the ability to influence at all levels of the organisation.
Analytical, pragmatic, and calm under pressure — with a focus on enabling the business, not blocking it.
Security certifications such as CISSP, CISM, or equivalent (desirable).
Experience in retail, eCommerce, or cloud transformation programs (desirable).
Understanding of emerging technologies (AI, machine learning, cloud-native architectures) and associated security considerations (desirable).
Benefits
Generous 50% staff discount so you can treat yourself to the latest products, and a bargain staff shop on site!
Reducing Islanders' everyday expenses through discounts, benefits, financial advice, wellbeing solutions and more through Reward Gateway!
A free onsite gym, subsidised restaurant & café to fill your needs. Various social events to socialise throughout the year.
Every family is unique, so we support Islanders with all different family setups: enhanced maternity, paternity, adoption & fertility treatment. We also work closely with the Retail Trust to create dedicated support for all our Islanders!
Flexible working is a given, on top of payday and summer early finish Fridays.
Give as you earn scheme, a ‘Giver Island’ day each year and receive matched funding.
Support with upskilling through on-the-job training and qualifications. A succession plan if you want to progress.
A generous bonus scheme & private pension plan.
The choice to opt in for healthcare through our provider AXA.
An allowance supporting your commute to work.
25 days paid holiday, exclusive of Bank Holidays, with the added option to purchase additional holiday twice a year for whatever the need!