MOO is a design-led, technology and manufacturing business that operates in the global print and branded merchandise market.
The company is a leader in the market's premium segment, with premium products and compelling ESG credentials. Customers are typically brand conscious SMEs based in North America, the UK, and Europe. MOO's relentless focus on the customer has helped create an award-winning and much-loved brand, with exceptional customer satisfaction ratings.
A recipient of British business's highest award, 'The Queen's Award for Enterprise', MOO has also been profiled in the Financial Times, was ranked in the top 10 UK start-up companies by the Guardian Newspaper, and is part of the 'Future 50'.
Founded in 2004, MOO employs 400 people today, and is headquartered in the UK, but with the majority of sales and key operations in the USA. The company has raised Venture Capital from Index Ventures, Accomplice, and LocalGlobe.
We're looking for a hands-on Head of Security to build and scale our security, privacy, and resilience capabilities across the business. This role combines strategic leadership with operational delivery, partnering closely with Technology, Product, Legal, and Leadership teams to protect customer trust while enabling growth and innovation.
You'll define and lead our security strategy, establish governance and compliance frameworks, strengthen cloud and third-party security, and drive incident response and resilience planning across the organisation.
Responsibilities
As our security leader, you will bring a hands-on, builder mindset to establish a security-first, privacy-centric, and resilient organisation. Your focus will span four key pillars:
Strategic Security Leadership & Governance
Strategy & Roadmap: Define and execute a business-aligned information security strategy, prioritizing compliance, privacy, AppSec, and resilience.
Governance & Reporting: Chair the Security Governance Forum, define risk appetite and KRIs, and manage a quarterly board-level reporting cadence.
Security Guardrails: Drive the near-term adoption of UK Cyber Essentials and CIS AWS Foundations, establishing centralized monitoring and alerting (via Wiz/Security Hub).
Data Privacy & Compliance
End-to-End Privacy: Own the GDPR and PCI-DSS compliance programmes, embedding "Privacy by Design" and data minimization directly into our delivery processes.
Legal Partnership: Collaborate with Legal to manage DPAs, transfer mechanisms, and data classification standards across the business.
Audit Readiness: Keep the organization continuously prepared for external compliance audits and regulatory assessments.
Incident Response & Business Resilience
Incident Command: Own the incident response plan, acting as incident commander during crises and managing executive, customer, and regulator communications.
BC/DR Architecture: Define and test disaster recovery strategies to meet strict RTO/RPO targets of 12 hours, covering critical scenarios such as AWS region outages or database loss.
Simulation Cadence: Lead quarterly cross‑functional tabletop exercises and live simulations to keep our response teams sharp.
Third-Party & Cloud Security
Vendor Risk Management: Establish pre‑procurement security gates, continuous monitoring SLAs, and clear breach‑notification obligations in supplier contracts.
Cloud Posture: Partner with Technology to drive cloud security posture management (IAM, network segmentation, encryption, secrets management).
SaaS Governance: Tighten SaaS ownership and eliminate shadow IT across the business.
About You
Experience & Expertise
- 10+ years' experience in information security, including leadership-level responsibility
- Proven experience building and scaling security and privacy programmes within growing organisations
- Strong hands-on knowledge of GDPR, PCI-DSS, incident response, and resilience planning
- Experience working within cloud-first environments, ideally AWS
- Strong understanding of security within e-commerce, fintech, or customer-data-led businesses
- Comfortable operating as both a strategic leader and hands-on practitioner
Leadership & Communication
- Excellent stakeholder management and executive communication skills
- Able to translate complex security and privacy risks into practical business decisions
- Collaborative and pragmatic approach, balancing security with business delivery and innovation
- Strong cross-functional partnership experience across Engineering, Product, Legal, Finance, and Operations
- A builder mindset with a focus on continuous improvement and enablement rather than gatekeeping
What's it like to work at MOO?
MOO's the kind of workplace where you can really be yourself. Dye your hair purple. Hit the sofa with your laptop. Whatever helps you feel comfortable and happy at work. We want to help you grow in your career and set you up for success – while also recognising the importance of a healthy work‑life balance.
That’s why we offer 25 days holiday rising by one day for each year here (for 5 years), a matched pension scheme, and paid parental leave. We'll offer you private healthcare, life insurance, a season ticket loan, and a cycle to work scheme. We also offer flexible work schedules with hybrid and remote working for certain roles as well as a Work From Anywhere program.
Diversity Statement
We are working hard to create a representative, inclusive and super‑friendly team, because we know that different experiences, perspectives and backgrounds make for a better workplace. And that creates a better experience for our customers. MOO doesn't discriminate on the basis of race, colour, religion or belief, gender, national origin, age, sexual orientation, marital status, disability or any other protected class.
As a design and technology company we have a desire and a responsibility to build a business that represents the world around us. So we strive to create a values‑driven, purposeful and highly empowered organisation that we are all proud to work for. And we are committed to continuous investment in building an open and inclusive environment, welcoming a diverse audience of candidates who see themselves working and thriving at MOO. Therefore, we'd like to invite you to complete this optional survey to help us evaluate our inclusion and diversity efforts. Completing this form is entirely voluntary and if you decide not to it won't in any way affect your job application. We keep the information separate from your application and it is kept secure and confidential, it is only used to better our inclusion and diversity efforts.By submitting this information, you consent to MOO's processing of it for these purposes.
