Find your perfect job


IT Security Manager

Job Function:
Job Type:
Background – Who We Are

We are a leading online fashion retail group. Our brands, boohoo, boohooMAN, PrettyLittleThing MissPap, Nasty Gal and Karen Millen & Coast , design, source, market and sell clothing, shoes, accessories and beauty products targeted at 16-30 year old consumers.

The speed and agility of the group ensures it is first to market with the latest on-trend styles and fashion. Products are designed, sourced, largely in the UK, and subsequently distributed globally from a central UK warehouse.

The group sells products to customers in almost every country in the world, with a strong presence in the UK, US, Europe and Australia.

Founded in Manchester in 2006, boohoo group is an inclusive and innovative brand targeting young, value-orientated customers. For over 10 years, boohoo group has been pushing boundaries to bring its customers up-to-date and inspirational fashion, 24/7. boohoo group has grown rapidly in the UK and internationally, and now has over five million customers

The Role

To provide leadership and management of all aspects of Security, Infosec and Cybersecurity.

More specifically, the role involves:

  • Implementing security strategies and policies, including managing relationships with external organisations.
  • Manage and update business continuity and disaster recovery plans as well as coordinate disaster recovery and business continuity testing for Technology
  • Maintaining the Information Security and Cyber strategy.
  • Undertake threat and vulnerability assessments of applications and infrastructure components across the company
  • Advising senior management on specialised areas of expertise.
  • Ensuring security controls are in line with business risk.
  • Communicating with business managers and staff to advise, influence and determine operational business needs.
  • Monitoring external developments through links with professional associations, industry and academia.
  • Identifying and promoting appropriate risk management activities and security assessments.
  • Arrange the selection, testing, deployment, and maintenance of security hardware and software products as well as third party outsourcing arrangements.
  • Review business plans to ensure there is an adequate focus on security.
Knowledge, Experience and Competencies:
  • Likely to have degree level qualification in Information Security
  • Outstanding client relationship management ability, with exceptional oral and written communication skills.
  • Strong business relation skills
  • thorough understanding and direct experience of PCI Data Security Standards.  The role will be responsible for ensuring the company's infastructure meets the standards for PCI.
  • Knowledge and experience in DPA
  • Knowledge and experience in ISO/IEC 27001 / 27002
  • Information Security Qualification (CISSP, CISM, etc)
  • Proven leadership able coordinate the efforts of others in the delivery of IT Services to the business and engender a spirit of teamwork and cooperation amongst colleagues.
  • Negotiation and infuencing skills.
  • Cost and budget management skills.
  • An attitude that embraces change.
What will I get from the role?
  • Significant input into the shaping and development of your own team and that of the  wider Technology Operations department
  • A varied and challenging role across all aspects of security  
  • Exposure to and interaction with a wide range of internal and external stakeholders at all levels of the organization
  • Competitive salary based on experience
  • Bonus
  • SAYE Share Buying Options
  • Contributory Pension
  • Life Assurance
  • 40% discount on all boohoo group stock
  • On site gym
  • Subsidised restaurant
  • The opportunity to work in a company that encourages engagement and growth!


The Company is committed to equality of opportunity for all applicants including those with criminal convictions. Basic Disclosure Information about criminal convictions may be requested to assist the selection process and will be taken into account only when the conviction is considered relevant to the position. A copy of this disclosure policy is available on request. By continuing with this application you are agreeing to comply with this company policy.