×
Register Here to Apply for Jobs or Post Jobs. X

Information Security & Compliance Manager

Job in Nottingham, Nottinghamshire, NG1, England, UK
Listing for: Charlotte Tilbury
Full Time position
Listed on 2026-07-18
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Job Description & How to Apply Below

About Charlotte Tilbury Beauty

Founded by British makeup artist and beauty entrepreneur Charlotte Tilbury MBE in 2013, Charlotte Tilbury Beauty has revolutionised the face of the global beauty industry by de‑coding makeup applications for everyone, everywhere, with an easy‑to‑use, easy‑to‑choose, easy‑to‑gift range. Today, Charlotte Tilbury Beauty continues to break records across countries, channels, and categories and to scale at pace.

Over the last 10 years, Charlotte Tilbury Beauty has experienced exceptional growth and is one of the most talked about brands in the beauty industry and beyond. It has become a global sensation across 50 markets (and growing), with over 2,300 employees globally who are part of the Dream Team making the magic happen.

Today, Charlotte Tilbury Beauty is a truly global business, delivering market‑leading growth, innovative retail and product launches fuelled by industry‑leading tech — all with an internal culture of embracing challenges, disruptive thinking, winning together, and sharing the magic. The energy behind the brand is infectious, and as we grow, we are always looking for extraordinary talent who want to be part of this our success and help drive our limitless ambitions.

About

the role

Security and Compliance are critical business functions within Charlotte Tilbury. As a company that deals with a large volume of sensitive customer data, it is imperative that we adhere to modern security standards and remain compliant with the relevant regulations in each region we operate. Equally, the protection of our intellectual property and the productivity of our teams is essential to our continued success.

The Information Security and Compliance Manager will be responsible for developing and overseeing control systems to prevent or deal with breaches of data security and privacy. You will also evaluate the efficiency of these controls and improve them continuously. You will collaborate with the IT department, the Legal department, and other stakeholders to monitor and enforce compliance standards and regulations. You will also provide guidance and training on information security matters and best practice to employees and partners of the business.

Policy,

Process and Documentation
  • Coordinate the development of best practice policies and standards related to IT security and data processing.
  • Ensure that all policies and standards are regularly reviewed and updated to be in line with regulatory and control requirements.
Security Operations
  • Be accountable for technical security controls including EDR, SIEM, DLP, SSE/SGW, CSPM, vulnerability management, identity security and endpoint compliance ensuring it is fit for purpose and being used to its full potential.
  • Partner with and challenge Technology Operations on secure design, implementation and operational support of workplace, identity and endpoint technologies.
  • Define and maintain build standards for Windows, MacOS, Android and iOS devices.
  • Define security and compliance standards for cloud hosting environments, including AWS and GCP.
  • Oversee penetration testing, bug bounty programs and red team exercises.
  • Investigate security events and contain incidents in a timely manner.
Compliance
  • Manage and oversee technology risk management activities.
  • Identify areas of non or weak compliance and drive improvement. This could be related to process, system security, documentation or any aspect of security/compliance.
  • Develop and implement relevant security and compliance reporting to management and risk committees.
  • Develop and manage an information security risk register to address risk issues and action plans from all sources.
  • Coordinate information security internal audit and participate in external audits.
  • Collaborate with the IT department, the Legal department, and other stakeholders to monitor and enforce the compliance standards and regulations.
  • Take ownership of vendor assessments, third party risk assessments and supply chain vulnerabilities.
Awareness
  • Develop and lead information security awareness and training initiatives, including phishing exercises and compliance training.
  • Maintain an up‑to‑date understanding of emerging trends in…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary