Head of Information Security

THE ALLSAINTS TEAM

At AllSaints we are in the business of feelings - making our customers feel cool and confident. If, like us, you believe in the power of a great outfit, we'd love to talk to you.

We're a global brand made up of a very diverse mix of talented people in a huge variety of roles. Our products are designed in house and made by a small number of suppliers and artisans around the world to sustainable standards.

We are a brand embarking on a very exciting plan and we are seeking new members of the team who want to contribute to this.

THE ROLE

As Head of Information Security, you will lead the strategy and execution of the AllSaints and John Varvatos cyber security agenda. Reporting to the Chief Transformation and Technology Officer, you’ll be responsible for developing security strategies and policies to help us manage risk and comply with all relevant global regulations, including how we manage our cyber security investments to help us stay at the forefront of cyber resilience.

In addition, you’ll lead a team to combat evolving cyber threats, including ensuring that everyone in our business is playing their role to help keep us safe and secure. This strategic role bridges technology and the wider business, focusing on both proactive information security measures and ensuring we have the right business continuity responses ready.

WHAT WILL I BE DOING?

• Strategy & Policy: Setting the vision for security, creating policies, and implementing technical/organisational controls
• Risk Management: Identifying, assessing, and mitigating information security risks
• Leadership: Managing security teams, driving best practices, and developing talent
• Compliance: Ensuring adherence to laws, regulations, and internal standards
• Threat Intelligence: Staying ahead of emerging threats and developing proactive defenses
• Stakeholder Engagement: Acting as the key contact for security matters with business units and executives and ensuring all teams are engaged and aware of the role they can play in keeping the organisation safe and secure
• Transformation: Ensuring that our investments in new technology are given appropriate rigour from a security perspective and advocating for a secure by design approach
• Incident response: Taking the lead on cyber incident response and ensuring that the right processes and protocols are in place should an incident occur, including running regular exercises with the SLT
• Business continuity: ensuring that we have strong, up-to-date and well-understood business continuity plans in place at all times

WHAT SKILLS DO I NEED?

• Extensive Leadership Experience: Designing and implementing complex security frameworks in global retail or similar high-transaction environments
• Cloud Security Expertise: Strong hands-on experience with cloud platforms, specifically Google Cloud Platform (GCP)
• Technical Proficiency: Deep knowledge of network security, encryption, identity management (IAM), and secure software development lifecycles
• Compliance Knowledge: Practical experience in establishing frameworks such as ISO27001, PCI-DSS, or NIST
• AI/ML Awareness: Understanding of security requirements for machine learning and automated data processing
• Communication Skills: Ability to effectively communicate security risks to both technical teams and non-technical executive stakeholders

ABOUT THE LOCATION

Based in our East London Studios in vibrant Shoreditch with perks and benefits offered from local businesses including discounts on food, shopping and health & beauty. Studio Location. Approximately a 10 minute walk from Liverpool Street Station and a 5 minute walk from Shoreditch High Street.

WHAT WE STAND FOR

The Customer is the Boss We work as one proud team to get the best for our customers

One Team We are joined up and encourage others to share their ideas

We Do What We Say We Will We know our goals, and we work with clear outcomes in mind

We Are Responsible We are self aware, understand the impact we have on others and are positive about the future