Security Engineering Manager

albelli and Photobox Group have merged to create a leading player in the online European Photo Product and Gifting market. Together we now serve a pan-European customer base of over 7 million customers, supported by our 1,150 colleagues across the United Kingdom, the Netherlands, France, Spain, Germany, Norway and Sweden. We are focussed on inspiring our customers to easily make beautiful photo products and bring their special moments to life.

Purpose

Technology is at the core of the albelli - Photobox Group and technology powers our commercial and production operations across Europe. Our technology platforms enable our customers to transform photographs into the most thoughtful gifts. We understand these aren’t just photos, they’re treasured moments.

That’s why every part of the experience, from website to factory to front door, is designed to delight. To secure these treasured moments, albelli - Photobox Group is now seeking to appoint a Security Engineering Manager. For this role we’re looking for a pragmatic & hands on security leader with responsibilities across the albelli - Photobox Group of operating companies in the UK, Netherlands, Norway, France, Spain & Germany.

You will be responsible for the definition and delivery of our overall Security strategy across three core pillars of Security Operations; Governance/Risk/Compliance and Product & Platform Security. You’ll be passionate about improving security processes, standards and operations across the business. You will lead multiple initiatives to ensure that the albelli - Photobox Group achieves objectives for security assurance and security compliance, while leading a small direct team and influencing executives and key stakeholders.

Key Areas of Responsibility:

• Define and implement an overall Information Security Strategy, Budget and Vision
• Implement appropriate security governance & controls for technology & business initiatives
• Brief key stakeholders on operational risks and / or compliance issues
• Establish, monitor and enforce information security standards
• Mentor the professional development of direct and indirect reports, helping them build and execute personal development plans that map to our organisation goals
• Lead or support ongoing security & compliance initiatives, including PCI and GDPR.
• Proactively engage with product & software engineering teams to ensure that security requirements are identified and prioritised throughout the software development lifecycle.
• Build employee security engagement, education and awareness through formal and informal initiatives.
• Performing Third Party risk assessments

Requirements:

• You’ll have experience leading a security function in a large consumer focussed business
• You’ll enjoy building relationships with key stakeholders and be an inspiring leader and mentor able to attract and retain outstanding information security talent.

More specifically your background & experience will include:

• You will have experience with products & services hosted in public cloud platforms such as AWS
• You’ll know secure coding standards, ethical hacking techniques, SIEM and risk analysis
• Implementation of tools & processes to enable a Secure Software Development Lifecycle
• Knowledge of PCI & GDPR and the business and technology changes required to achieve & maintain compliance
• Experience of security incident detection & response
• Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, is desired
• You’ll be comfortable explaining security threats and risks to a broad audience and the appropriate mitigation techniques and strategies
• Being a supportive leader for your team, balancing multiple priorities and initiatives whilst keeping the team organised and focused on achieving their goals
• The practical application of soft skills required to engage and influence at senior levels within an organisation and to motivate, inspire and develop team members

We offer

• A fast-growing e-commerce environment
• An international company hosting over 50 nationalities
• Competitive compensation, relocation support, and lots of benefits (such as a discounted gym membership)
• Budget for personal growth and development, including external training, courses, and conferences
• 26 days of annual leave with a healthy work-life balance
• A flexible hybrid work set up with a minimum of 2 days per month in the office and everything you need for a proper work from home setup
• An informal, fun, proactive, and inclusive culture with a social atmosphere (Friday drinks, parties, sports, etc.) to be resumed properly post COVID-19!
• A central location in one of Europe’s most vibrant cities, Barcelona!

We are working in a hybrid environment and this role is based in our Barcelona office, situated in a WeWork by Plaça de les Glòries Catalanes, a hub for technology and innovation. Within walking distance of public transport, the beach and shopping centres, the office has great facilities (coffee, tea, showers, bike parking, social events and more) with a modern working atmosphere. There are approx. 10 people in the office, who work across all areas of the business, with a focus on analytics, marketing, and technology.