Information Security Manager

London Full-Time 43200 - 72000 £ / year (est.) No home office possible

At a Glance

  • Tasks: Lead the development of ME+EM's information security strategy and manage risk assessments.
  • Company: Join ME+EM, a fast-growing luxury fashion brand with a vibrant culture and exciting growth plans.
  • Benefits: Enjoy 33 days annual leave, birthday off, generous discounts, and social events.
  • Why this job: Be part of a creative team that values innovation, learning, and a fun work environment.
  • Qualifications: Experience in information security management and strong communication skills are essential.
  • Other info: We celebrate diversity and encourage applications from all backgrounds.

The predicted salary is between 43200 - 72000 £ per year.

Reporting to: CTO

Location: Head Office, White City Place, West London

Contract type: Full Time, 37.5 hours per week

About the Company

ME+EM is one of the UK’s fastest-growing luxury fashion brands. As a direct-to-consumer business we operate in a truly omnichannel way, with an extremely successful online store, monthly mailings and stores in London, Edinburgh and concessions in Harrods and Selfridges. Our exciting growth continues in spring 2024 with the opening of our first US stores.

At ME+EM we are an entrepreneurial, creative, and passionate group of people. We work hard, are enthusiastic to learn and are not afraid to take risks. Everyone contributes to our success at all levels, and that is precisely what makes being a member of the team so rewarding.

Our office and stores are always busy and fast paced, but we work just as hard to make sure it’s fun, with social activities and biannual parties. We pride ourselves on being approachable, supportive, and welcoming and ensure that everyone’s hard work is rewarded. It takes all these things to build a strong, successful business and our door is always open to new talent ready to contribute to our growth and evolution.

About the Role

The Information Security Manager (ISM) will be responsible for developing, implementing, and maintaining ME+EM’s information security program. This role will involve managing risk assessments, monitoring compliance, and embedding a robust security culture throughout the organisation. The ISM will act as the primary subject matter expert on information security, ensuring policies are up-to-date, practical, and enforced, and will communicate security risks and opportunities for improvement directly to senior management.

Responsibilities:

  • Cyber Security Strategy & Governance
    • Implement and refine the organisation’s cyber security strategy, aligned with business objectives and risk appetite.
    • Lead the development and maintenance of a comprehensive Information Security Management System (ISMS).
    • Define and review metrics and KPIs to monitor the effectiveness of security controls.
  • Policy Management
    • Draft, maintain, and enforce all information security policies, procedures, and standards (e.g. access control, data classification, acceptable use).
    • Ensure policies are communicated, understood, and adhered to across departments.
    • Review and update policies regularly in line with regulatory changes and business needs.
  • Risk Management
    • Conduct and manage regular information security risk assessments across the business.
    • Identify and evaluate vulnerabilities, threats, and risks to company assets, systems, and data.
    • Work with internal teams to prioritise, treat, or accept risks and track mitigation progress.
  • Compliance & Audit
    • Ensure compliance with relevant security frameworks, data protection laws (e.g. GDPR), and industry standards.
    • Manage internal and external security audits, penetration tests, and vulnerability assessments.
    • Maintain records of security incidents and lead post-incident reviews and continuous improvements.
  • Training & Awareness
    • Drive an organisation-wide security awareness program to foster a proactive security culture.
    • Deliver targeted training for teams and departments based on their risk profile.
  • Communication & Reporting
    • Prepare and present risk summaries, compliance reports, and improvement plans to senior stakeholders.
    • Act as the primary liaison for third-party security consultants, auditors, and regulators.
    • Champion security at the executive level, influencing key decisions and budgeting.

Qualifications:

  • Proven experience in a similar Information Security Management or Cyber Risk role.
  • Strong understanding of information security principles, risk management frameworks, and industry best practices (e.g. ISO 27001, NIST, CIS).
  • Demonstrated experience in drafting and implementing security policies and procedures.
  • Strong communication skills with the ability to engage both technical and non-technical audiences.
  • Proficiency in conducting security risk assessments and presenting results to senior management.

Required Skills:

  • Relevant certifications such as CISSP, CISM, ISO 27001 Lead Implementer/Auditor.
  • Experience in retail or e-commerce environments.
  • Familiarity with cloud security, especially across SaaS platforms and modern infrastructure (e.g., GCP, Azure).
  • Experience with security tools like SIEM, DLP, endpoint protection, and vulnerability scanners.

Benefits:

  • 33 days annual leave for full time employees (25 days holiday + 8 bank holidays).
  • A day off to celebrate your birthday.
  • Pension Scheme.
  • Group Life Insurance.
  • Employee Assistance Programme (EAP).
  • Length of Service Award.
  • Refer a Friend Scheme.
  • Staff uniform for retail employees.
  • Generous Staff and Friends and Family Discount.
  • Annual Volunteer Day.
  • Cycle to Work Scheme.
  • Tech Scheme.
  • Eye Care Vouchers.
  • Real Living Wage Employer.
  • Employee led committees.
  • Social events and biannual parties.
  • Enhanced maternity and paternity package after 2 years of service.

ME+EM is an equal opportunities employer committed to fostering and preserving a culture of diversity, equality, and inclusion in our workforce. As an equal opportunities employer, we do not discriminate against applicants based on race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. We believe that diversity enriches our workforce and strengthens our organisation. Therefore, we encourage minorities, LGBTQ+ candidates, and individuals with disabilities to apply for opportunities within our company.

Information Security Manager employer: ME+EM Ltd

ME+EM is an exceptional employer, offering a vibrant and inclusive work culture in the heart of West London. With a strong focus on employee growth, we provide extensive benefits including 33 days of annual leave, a generous pension scheme, and opportunities for professional development. Our entrepreneurial spirit encourages creativity and collaboration, making every team member's contribution vital to our success and rewarding to their career journey.

Contact Detail:

ME+EM Ltd Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Information Security Manager

✨Tip Number 1

Familiarise yourself with ME+EM's business model and values. Understanding their direct-to-consumer approach and luxury branding will help you align your experience in information security with their specific needs.

✨Tip Number 2

Highlight your experience in retail or e-commerce environments during networking opportunities. Engaging with professionals in these sectors can provide insights into the unique security challenges they face, making you a more attractive candidate.

✨Tip Number 3

Stay updated on the latest trends in information security, particularly those relevant to the fashion industry. Being able to discuss current threats and solutions will demonstrate your proactive approach and expertise in the field.

✨Tip Number 4

Prepare to discuss how you would implement a security awareness programme tailored to ME+EM's culture. Showcasing your ability to foster a proactive security culture will resonate well with their emphasis on teamwork and collaboration.

We think you need these skills to ace Information Security Manager

Information Security Management
Risk Assessment
Cyber Security Strategy Development
Policy Drafting and Enforcement
Compliance with GDPR and other data protection laws
Security Audits Management
Communication Skills
Training and Awareness Program Development
Stakeholder Reporting
Knowledge of ISO 27001, NIST, CIS frameworks
Experience with Security Tools (SIEM, DLP, etc.)
Cloud Security Knowledge (GCP, Azure)
Analytical Skills
Problem-Solving Skills
Team Collaboration

Some tips for your application 🫡

Tailor Your CV: Make sure your CV highlights relevant experience in information security management and cyber risk. Use keywords from the job description, such as 'risk assessments', 'compliance', and 'security policies' to demonstrate your fit for the role.

Craft a Compelling Cover Letter: In your cover letter, express your passion for information security and how it aligns with ME+EM's values. Mention specific experiences that showcase your ability to develop and implement security strategies, and how you can contribute to their growth.

Showcase Relevant Certifications: List any relevant certifications like CISSP, CISM, or ISO 27001 Lead Implementer/Auditor prominently in your application. This will help establish your credibility and expertise in the field of information security.

Highlight Communication Skills: Since the role requires strong communication skills, provide examples in your application of how you've effectively communicated complex security concepts to both technical and non-technical audiences. This will demonstrate your ability to engage with various stakeholders.

How to prepare for a job interview at ME+EM Ltd

✨Understand the Company Culture

Before your interview, take some time to research ME+EM's culture and values. They pride themselves on being entrepreneurial and creative, so be prepared to discuss how your own values align with theirs and how you can contribute to their dynamic environment.

✨Showcase Your Technical Expertise

As an Information Security Manager, you'll need to demonstrate a strong understanding of information security principles and risk management frameworks. Be ready to discuss specific experiences where you've implemented security policies or conducted risk assessments, and how these relate to the role.

✨Prepare for Scenario-Based Questions

Expect questions that assess your problem-solving skills in real-world scenarios. Think about past challenges you've faced in information security and how you addressed them. Use the STAR method (Situation, Task, Action, Result) to structure your responses effectively.

✨Communicate Clearly and Confidently

You'll need to engage both technical and non-technical audiences, so practice explaining complex security concepts in simple terms. During the interview, focus on clear communication and ensure you convey your ideas confidently, as this will reflect your ability to influence key decisions at the executive level.
