Head of Information Security

Jellycat Toy Co. Ltd.
London
1 day ago
Create job alert

Creating original and innovative luxury soft toys, Jellycat combines luxurious fabrics with quirky and cute designs and sells its products online and via stockists throughout the UK, Europe and the rest of the world.

The Head of Information Security role is the leader of our Information Security strategy and operations. The ideal person will be responsible for protecting our digital assets, eCommerce channels, ensuring the security of customer data, managing a team of 3rd party Information Security professionals, and overseeing third-party Information Security Operations Centers (CSOC) and Virtual Chief Information Security Officers (VCISO) input with the CTO. This role requires a strategic thinker with a strong technical background and excellent leadership skills.

This role will work closely with Jellycat’s Legal and Finance teams on matters of compliance, risks and fraud prevention.

You'll be;

  1. Developing and Implementing Information Security Strategy by designing and executing a comprehensive Information Security strategy to protect the company's information systems and digital assets.
  2. Identifying, assessing, and mitigating Information Security risks across the organization. Conducting regular security risk assessments and audits.
  3. Leading the incident response team to quickly and effectively respond to security breaches and incidents. Developing and maintaining incident response plans and protocols.
  4. Developing and delivering Information Security awareness training programs for global employees to promote a culture of security within the organization.
  5. Mentoring a matrix team of cross-functional IT professionals providing guidance and support to ensure the team's success (scope for future management of a direct team).
  6. Overseeing and coordinating with third-party Information Security Operations Centre (CSOC) and Virtual Chief Information Security Officers (VCISO) to ensure alignment with the company’s Information Security strategy and goals.
  7. Ensuring compliance with relevant Information Security regulations and standards (e.g., ISO27xxx / Cyber Essentials, DPA 2018, GDPR, CCPA, PIPL, CDSL & PCI-DSS). Developing and enforcing security policies and procedures.
  8. Managing relationships with external vendors and service providers, ensuring that their security practices meet company standards.
  9. Evaluating, implementing, and managing security technologies and tools to protect the organization’s digital assets.
  10. Working closely with other departments (e.g., Legal, finance, compliance) to ensure a holistic approach to Information Security.
  11. Providing regular reports to Leadership Team (& occasionally the Board) on the status, KPIs and risks of the organization’s Information Security posture and initiatives.

You'll have;

  1. Experience in Information Security, with at least 3 years in a leadership/senior role, preferably within the retail and e-commerce sector.
  2. The ability to demonstrate awareness and skills via relatable experience or a formal degree in a related subject matter. A formal Infosec certification will be a distinct advantage.
  3. A deep understanding of Information Security frameworks, technologies, and best practices. Proficiency in risk management, incident response, and security operations.
  4. A proven ability to lead and inspire a security culture in cross-functional teams. Strong communication and interpersonal skills.
  5. Excellent problem-solving abilities and attention to detail with the ability to analyze complex security issues and develop effective solutions.
  6. Experience of oversight, design and management of security measures on eCommerce platforms.
  7. Familiarity with relevant global Information Security regulations and standards (e.g., GDPR, PCI-DSS).
  8. Experience in managing third-party Information Security services, including CSOC and VCISO.

#J-18808-Ljbffr

Related Jobs

View all jobs

Head of Information Security

Head of Information Security

Head of Information Security

IT Security Officer

Information Security Officer - Risk and Audit

Information Security Lead - Cyber

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Global vs. Local: Comparing the UK Cybersecurity Job Market to International Landscapes

Understanding opportunities, salaries, and work culture in cybersecurity across the UK, the US, Europe, and Asia Cybersecurity has rapidly ascended from a back-office concern to a strategic priority for every industry. As data breaches, ransomware, and nation-state attacks increase in frequency and sophistication, organisations worldwide are racing to fortify their digital defences. This ongoing surge in cyber threats fuels an unprecedented demand for skilled security professionals—ranging from penetration testers and threat intelligence analysts to cloud security architects and CISOs. In this article, we’ll explore how the UK cybersecurity job market compares to major international hubs in the United States, Europe, and Asia. We’ll discuss job opportunities, salary bands, work culture, and provide guidance for those who might be contemplating remote or overseas positions. By understanding the nuances of each region’s cybersecurity ecosystem, you can make a more informed decision about where and how to advance your career in this high-impact, fast-evolving sector. Whether you’re a seasoned expert with years of experience or a career-changer eager to break into cybersecurity, this overview will help you navigate the global landscape. By the end, you’ll have a clearer perspective on each region’s advantages and challenges—along with practical insights for seizing the best opportunities in a field that has become mission-critical for every modern organisation.

Cybersecurity Leadership for Managers: Strategies to Motivate, Mentor, and Set Realistic Goals in Threat-Driven Environments

In an era of rapidly increasing data breaches, ransomware attacks, and corporate espionage, the importance of robust cybersecurity cannot be overstated. Protecting digital assets has become as essential as safeguarding physical resources, and organisations worldwide rely heavily on specialised teams to defend against sophisticated cyber threats. However, even the most advanced tools and techniques are only as effective as the leadership guiding their use. Cybersecurity leadership requires a dynamic blend of technical know-how, strategic thinking, and people-management skills to maintain readiness against ever-evolving threats. This article is designed for professionals aiming to lead cybersecurity teams or transition into managerial roles where understanding how to motivate, mentor, and set realistic goals is paramount. With insights into building high-performing teams, fostering collaboration, and embracing continuous learning, you’ll be equipped to protect your organisation from a broad spectrum of cyber risks.

10 Must-Read Cyber Security Books for UK Professionals: Boost Your Career and Stay Ahead of Threats

With rapid advancements in digital infrastructure, cloud computing, and the Internet of Things (IoT), cyber threats continue to evolve at lightning speed. For organisations across the UK—and globally—robust cyber security is no longer optional: It’s a strategic imperative. From healthcare and finance to government agencies and tech start-ups, every sector needs skilled professionals to safeguard critical data and protect users. If you’re looking to break into or advance within the cyber security industry, staying updated on the latest techniques, threat landscapes, and defence strategies is paramount. One of the best ways to build and sharpen your expertise is by reading authoritative, high-quality books that combine foundational knowledge with cutting-edge insights. In this guide, we’ve compiled a list of ten books that cater to various skill levels, spanning ethical hacking and threat intelligence to secure software development and cryptography. By diving into these resources, you’ll fortify your understanding of cyber security fundamentals, explore hands-on techniques for defending systems, and gain the strategic perspective needed to excel in roles throughout the UK’s thriving cyber security landscape.