The Hut Group, Manchester, Greater Manchester
GRC Technical Consultant
Overview
Job Description
The Hut Group aims to be the World's leading Online Health & Beauty Destination. We are currently the UK's leading multi-website online retailer with rapidly growing global operations and a unique proprietary technology platform. With over 16 million customers worldwide and 400 million visits to our sites annually, we understand the importance of reliable technology and data-driven expertise. Our software is the core of our business and enables the company to continue to grow and thrive.

The Group's industry-leading and proprietary technology platform powers its own consumer sites plus global media partners and brand owners, including Unilever, Nintendo and the Daily Mail Group. We develop all of our own applications in-house with our Development Delivery Teams. In order to enable our Delivery Teams to continue to achieve, we are always looking for bright and intellectual people who are happy to push boundaries and really challenge the status quo.

Led by world-class technologists with a diverse range of backgrounds, ranging from Silicon Valley tech giants (Google, Amazon) through to hedge funds and algorithmic trading firms, you will be surrounded by highly intellectual and passionate colleagues, all with the common goal to help us grow this business globally, fast.

Requirements

Working within the information security GRC team, you will manage all technical compliance projects. This will include, but not be limited to, liaising with stakeholders across the group to ensure that the relevant technical controls are in place to meet the relevant standard. You will apply your technical knowledge to advise the business on solutions to meet the requirements or to advise on the implementation and management of corrective actions and solutions where applicable. You will also liaise with external stakeholders that fall within your scope. You will also coordinate operational KPIs to maintain compliance, such as vulnerability scanning and penetration testing. The role will also require you to plan and coordinate all internal and external auditing.

Key Responsibilities:

* Technical compliance projects.
* Manage and maintain PCI compliance across the group.
* Provide technical and analytical guidance to the technical teams who maintain PCI systems.
* Maintain a risk register.
* Develop and maintain policies, standards and documentation to support THG policies.
* Plan and oversee the internal and external audit schedule as part of the compliance framework, as well as conducting compliance reviews and assessments.
* Provide weekly, monthly, quarterly and annual reporting to stakeholders and management.
* Develop training and awareness programs and materials, and support compliance.
* Provide current PCI regulation and information to management and applicable business units, and maintain records to meet compliance requirements.
* Project manage any changes, such as expanding or de-scoping the PCI environment, as part of operational requirements.
* Maintain internal and third-party functions which service or support PCI compliance, such as vulnerability scanning and penetration testing.

Required Skills:

* Good general IT knowledge (Networking, IT Development lifecycle, Segmentation, Patching)
* Full understanding of the PCI DSS standard
* Previous experience of maintaining/implementing PCI DSS in eCommerce environments
* Pragmatic, with the ability to multi-task and react very quickly to business requirements
* Effective interpersonal skills to build and maintain relationships
* Proficient computer skills, especially Microsoft Office applications
* Ability to train others and build a sustained compliance culture
* (Desirable) knowledge of ISO 27001
* (Desirable) previously qualified ISA or QSA

Benefits

* Competitive salary
* You'll be joining a growing, intelligent team that will drive business change
* You'll have the opportunity to make an impact within the team, applying the skills and methodologies you've learnt
* You'll be working for a company with an excellent culture, in a friendly and fast-paced environment
* You'll be able to react to change with backing from the business
* You'll have the opportunity to solve complex business/technical problems