Security and Compliance Manager

{ “@context”: “http://schema.org”, “@type”: “JobPosting”, “title”: “Security and Compliance Manager”, “description”: “

Neve Jewels Group is a UK headquartered, digital-first jewellery company redefining modern luxury through made-to-order design, ethical craftsmanship, and global e-commerce across its brands: Diamonds Factory, Austen & Blake, and Sacet. Our values:

Celebrate the Moment: We honour life’s milestones by creating meaningful, joy-filled jewellery experiences.

Customer Centric Approach: Every decision starts with our customer, delivering personalised service at every step.

Earn Trust and Respect: We build trust through honesty, care, and respect in all relationships.

Experience Led Innovation: We blend tradition and innovation to enhance every jewellery experience.

Empathy for People/Planet: We act with compassion, sourcing ethically and operating sustainably.

Protecting our clients is as important as the quality of our diamonds. We’re looking for a security expert to lead the development and maintenance of our compliance framework. You’ll be the driving force behind our adherence to ISO27001, PCI-DSS, and GDPR, ensuring Neve Jewels remains a trusted leader in luxury retail. You’ll work hand-in-hand with our tech and business teams to embed security into our DNA, monitoring controls and providing the specialist advice needed to safeguard our digital and physical assets.

02 KEY RESPONSIBILITIES

  • Security Architecture & Governance: Design, implement, maintain compliance and manage the Neve Jewels IT security framework, ensuring technical alignment with ISO27001, Cyber Essentials Plus, and PCI-DSS 4.0.
  • Infrastructure Protection: Oversee the security of all corporate and boutique networks, including firewalls, VPNs, end-point protection, and cloud environments (AWS/SaaS).
  • Vulnerability & Patch Management: Lead regular vulnerability scanning and penetration testing schedules; prioritise and oversee the remediation of technical weaknesses across all retail systems and POS terminals.
  • Incident Response & Forensics: Act as the technical lead for all security incidents, managing the end-to-end response, from initial detection and containment to deep-dive forensic analysis and post-incident reporting.
  • Identity & Access Management (IAM): Establish and enforce rigorous access controls and Multi-Factor Authentication (MFA) protocols to ensure only authorised personnel can access high-value client and financial data.
  • Secure Software Development: Partner with the Digital/E-commerce teams to ensure "Security by Design" is integrated into the Neve Jewels website, mobile apps, and internal bespoke tools.
  • Third-Party Technical Assurance: Conduct deep-dive technical security assessments of all IT vendors, cloud providers, and digital partners to ensure they meet our elite encryption and data-handling standards.
  • Monitoring & Threat Intelligence: Manage Security Operations (SOC) activities, including SIEM monitoring and log analysis, to proactively hunt for emerging threats against the luxury retail sector.
  • Disaster Recovery & Business Continuity: Lead the technical design and testing of IT disaster recovery plans, ensuring the business can remain operational and secure in the event of a system failure or cyber-attack.
  • Technical Advisory: Provide expert security consultation on all new IT projects, hardware procurement, and boutique technology rollouts (e.g., smart mirrors, IoT, or advanced CCTV integration).

IT Compliance

  • Audit Orchestration: Act as the primary lead for all internal and external IT audits; coordinate with department heads to gather evidence, manage auditor walkthroughs, and ensure zero "major non-conformities."
  • Control Monitoring & Testing: Establish a continuous monitoring programme to test the effectiveness of IT controls (e.g., access reviews, backup logs, and encryption standards), providing regular "compliance health" reports to senior management.
  • Policy Governance: Author and maintain the suite of IT policies and procedures (e.g., Acceptable Use, Incident Response, and Disaster Recovery), ensuring they are practical for a luxury retail environment and legally robust.
  • Third-Party Risk Management (TPRM): Manage the IT compliance vetting process for all new vendors, ensuring high-value partners (from e-commerce platforms to cloud storage) sign and adhere to our security schedules.
  • Remediation Tracking: Identify gaps in the technical landscape and work with the IT Infrastructure team to track and close out remediation plans, ensuring risks are downgraded within agreed SLAs.
  • Asset & Identity Governance: Perform quarterly audits of user access rights and hardware inventories to ensure only authorised staff have access to Neve Jewels’ most sensitive financial and client data.
  • Litigation & Discovery Support: Assist in technical investigations or Subject Access Requests (SARs) by ensuring data is archived and retrievable in a legally defensible manner.
  • Compliance Training: Develop and deliver targeted training for the IT team on compliance obligations, ensuring every engineer understands their role in maintaining our certifications.

Data Protection

  • Strategic Privacy Governance: Lead the design and maintenance of the Neve Jewels privacy framework, ensuring total alignment with GDPR and UK GDPR
  • Privacy by Design & Impact: Orchestrate the Data Protection Impact Assessment (DPIA) process for all high-value retail initiatives, from luxury loyalty programmes to boutique surveillance, ensuring privacy is woven into every customer touchpoint.
  • Rights & Breach Management: Oversee the end-to-end execution of Subject Access Requests (SARs) and data breach protocols, ensuring any risks to client confidentiality are contained and reported within the mandatory 72-hour window.

03 REQUIRED SKILLS & EXPERIENCE

You are a seasoned Security and Privacy professional with a minimum of 5+ years of experience leading compliance and data protection programmes. You possess a unique 'triple-lens' capability: the technical expertise of an IT Security Manager, the methodical rigour of a Compliance Lead, and the legal authority of a Data Protection Officer (DPO).

With a strong understanding of ISO27001, PCI-DSS, and GDPR, you build resilient, frameworks that protect high-value assets and client trust. You are a pragmatic advocate for 'Privacy by Design', ensuring that every digital innovation at Neve Jewels is built on a foundation of ironclad security.

An exceptional communicator and strategic thinker, you have the gravitas to advise the Board of Directors on regulatory risk and the technical fluency to partner with IT Engineering teams. You are a self-starter who thrives on independence, acts with absolute discretion, and stays at the cutting edge of emerging cyber threats and shifting privacy legislation.

04 PREFERRED QUALIFICATIONS

  • Retail Cyber Defence: Proven experience securing high-volume E-commerce platforms and Point of Sale (POS) systems against DDoS, SQL injections, and credential stuffing.
  • PCI-DSS Mastery: Deep expertise in achieving and maintaining PCI-DSS Level 1 compliance for global credit card processing.
  • Third-Party Risk Management: Experience auditing the security posture of Cloud providers, Nearshore development partners, and logistics vendors.
  • Incident Response Leadership: A track record of leading "War Room" scenarios for data breaches or ransomware attacks.
  • Security Architecture: Experience embedding "Security by Design" into Agile delivery cycles and DevOps pipelines
  • Global Privacy Regulation: Expert knowledge of UK/EU GDPR, CCPA, and other regional privacy laws relevant to a global retail footprint.
  • Privacy Impact Assessments (DPIA): Extensive experience conducting DPIAs for new retail technologies, such as AI-driven personalisation, biometrics, or loyalty apps.
  • Data Subject Rights (DSARs): Proven ability to build scalable processes for handling high volumes of customer data requests and "Right to be Forgotten" queries.
  • Regulatory Liaison: Experience acting as the primary point of contact for the Information Commissioner’s Office (ICO) or equivalent national authorities.
  • Privacy Culture: A history of designing and delivering privacy training for diverse retail staff, from board-level executives to store-floor colleagues

05 WHY JOIN NEVE JEWELS

  • Join a fast-growing business where your contributions matter and your ideas are valued
  • Work in a supportive, transparent environment that encourages innovation and excellence
  • Enjoy flexibility with 3 days a week in our vibrant Hatton Garden office and 2 days working from home
  • Flexi hours – start your day between 8am and 10am, then finish between 4pm and 6pm
  • Comprehensive Vitality private healthcare, offering access to high quality medical support and wellness benefit
  • Enjoy your birthday, with an extra day of leave to celebrate
  • Access to Perkbox for exclusive discounts, rewards, and wellbeing benefits to help you make the most of your work-life balance
  • 25 days annual leave + bank holidays
  • Enhanced maternity and paternity leave entitlements

Our Commitment to Diversity & Inclusion

At Neve Jewels Group we are committed to providing a work environment that supports, inspires, and respects all individuals. We do not discriminate on the basis of gender, race, colour, religion, age, disability, belief, sexual orientation, marital status, or is disadvantaged by conditions or requirements which cannot be shown.

#J-18808-Ljbffr”, “datePosted”: “2026-05-03”, “hiringOrganization”: { “@type”: “Organization”, “name”: “Neve Jewels Group”, “sameAs”: “https://uk.whatjobs.com/pub_api__cpl__421998041__4861?utm_campaign=publisher&utm_medium=api&utm_source=4861&geoID=33” }, “jobLocation”: { “@type”: “Place”, “address”: { “@type”: “PostalAddress”, “addressLocality”: “London” } } }
Company: Neve Jewels Group
Apply for the Security and Compliance Manager
Location: London
Job Description:

Neve Jewels Group is a UK headquartered, digital-first jewellery company redefining modern luxury through made-to-order design, ethical craftsmanship, and global e-commerce across its brands: Diamonds Factory, Austen & Blake, and Sacet. Our values:

Celebrate the Moment: We honour life’s milestones by creating meaningful, joy-filled jewellery experiences.

Customer Centric Approach: Every decision starts with our customer, delivering personalised service at every step.

Earn Trust and Respect: We build trust through honesty, care, and respect in all relationships.

Experience Led Innovation: We blend tradition and innovation to enhance every jewellery experience.

Empathy for People/Planet: We act with compassion, sourcing ethically and operating sustainably.

Protecting our clients is as important as the quality of our diamonds. We’re looking for a security expert to lead the development and maintenance of our compliance framework. You’ll be the driving force behind our adherence to ISO27001, PCI-DSS, and GDPR, ensuring Neve Jewels remains a trusted leader in luxury retail. You’ll work hand-in-hand with our tech and business teams to embed security into our DNA, monitoring controls and providing the specialist advice needed to safeguard our digital and physical assets.

02 KEY RESPONSIBILITIES

  • Security Architecture & Governance: Design, implement, maintain compliance and manage the Neve Jewels IT security framework, ensuring technical alignment with ISO27001, Cyber Essentials Plus, and PCI-DSS 4.0.
  • Infrastructure Protection: Oversee the security of all corporate and boutique networks, including firewalls, VPNs, end-point protection, and cloud environments (AWS/SaaS).
  • Vulnerability & Patch Management: Lead regular vulnerability scanning and penetration testing schedules; prioritise and oversee the remediation of technical weaknesses across all retail systems and POS terminals.
  • Incident Response & Forensics: Act as the technical lead for all security incidents, managing the end-to-end response, from initial detection and containment to deep-dive forensic analysis and post-incident reporting.
  • Identity & Access Management (IAM): Establish and enforce rigorous access controls and Multi-Factor Authentication (MFA) protocols to ensure only authorised personnel can access high-value client and financial data.
  • Secure Software Development: Partner with the Digital/E-commerce teams to ensure “Security by Design” is integrated into the Neve Jewels website, mobile apps, and internal bespoke tools.
  • Third-Party Technical Assurance: Conduct deep-dive technical security assessments of all IT vendors, cloud providers, and digital partners to ensure they meet our elite encryption and data-handling standards.
  • Monitoring & Threat Intelligence: Manage Security Operations (SOC) activities, including SIEM monitoring and log analysis, to proactively hunt for emerging threats against the luxury retail sector.
  • Disaster Recovery & Business Continuity: Lead the technical design and testing of IT disaster recovery plans, ensuring the business can remain operational and secure in the event of a system failure or cyber-attack.
  • Technical Advisory: Provide expert security consultation on all new IT projects, hardware procurement, and boutique technology rollouts (e.g., smart mirrors, IoT, or advanced CCTV integration).

IT Compliance

  • Audit Orchestration: Act as the primary lead for all internal and external IT audits; coordinate with department heads to gather evidence, manage auditor walkthroughs, and ensure zero “major non-conformities.”
  • Control Monitoring & Testing: Establish a continuous monitoring programme to test the effectiveness of IT controls (e.g., access reviews, backup logs, and encryption standards), providing regular “compliance health” reports to senior management.
  • Policy Governance: Author and maintain the suite of IT policies and procedures (e.g., Acceptable Use, Incident Response, and Disaster Recovery), ensuring they are practical for a luxury retail environment and legally robust.
  • Third-Party Risk Management (TPRM): Manage the IT compliance vetting process for all new vendors, ensuring high-value partners (from e-commerce platforms to cloud storage) sign and adhere to our security schedules.
  • Remediation Tracking: Identify gaps in the technical landscape and work with the IT Infrastructure team to track and close out remediation plans, ensuring risks are downgraded within agreed SLAs.
  • Asset & Identity Governance: Perform quarterly audits of user access rights and hardware inventories to ensure only authorised staff have access to Neve Jewels’ most sensitive financial and client data.
  • Litigation & Discovery Support: Assist in technical investigations or Subject Access Requests (SARs) by ensuring data is archived and retrievable in a legally defensible manner.
  • Compliance Training: Develop and deliver targeted training for the IT team on compliance obligations, ensuring every engineer understands their role in maintaining our certifications.

Data Protection

  • Strategic Privacy Governance: Lead the design and maintenance of the Neve Jewels privacy framework, ensuring total alignment with GDPR and UK GDPR
  • Privacy by Design & Impact: Orchestrate the Data Protection Impact Assessment (DPIA) process for all high-value retail initiatives, from luxury loyalty programmes to boutique surveillance, ensuring privacy is woven into every customer touchpoint.
  • Rights & Breach Management: Oversee the end-to-end execution of Subject Access Requests (SARs) and data breach protocols, ensuring any risks to client confidentiality are contained and reported within the mandatory 72-hour window.

03 REQUIRED SKILLS & EXPERIENCE

You are a seasoned Security and Privacy professional with a minimum of 5+ years of experience leading compliance and data protection programmes. You possess a unique ‘triple-lens’ capability: the technical expertise of an IT Security Manager, the methodical rigour of a Compliance Lead, and the legal authority of a Data Protection Officer (DPO).

With a strong understanding of ISO27001, PCI-DSS, and GDPR, you build resilient, frameworks that protect high-value assets and client trust. You are a pragmatic advocate for ‘Privacy by Design’, ensuring that every digital innovation at Neve Jewels is built on a foundation of ironclad security.

An exceptional communicator and strategic thinker, you have the gravitas to advise the Board of Directors on regulatory risk and the technical fluency to partner with IT Engineering teams. You are a self-starter who thrives on independence, acts with absolute discretion, and stays at the cutting edge of emerging cyber threats and shifting privacy legislation.

04 PREFERRED QUALIFICATIONS

  • Retail Cyber Defence: Proven experience securing high-volume E-commerce platforms and Point of Sale (POS) systems against DDoS, SQL injections, and credential stuffing.
  • PCI-DSS Mastery: Deep expertise in achieving and maintaining PCI-DSS Level 1 compliance for global credit card processing.
  • Third-Party Risk Management: Experience auditing the security posture of Cloud providers, Nearshore development partners, and logistics vendors.
  • Incident Response Leadership: A track record of leading “War Room” scenarios for data breaches or ransomware attacks.
  • Security Architecture: Experience embedding “Security by Design” into Agile delivery cycles and DevOps pipelines
  • Global Privacy Regulation: Expert knowledge of UK/EU GDPR, CCPA, and other regional privacy laws relevant to a global retail footprint.
  • Privacy Impact Assessments (DPIA): Extensive experience conducting DPIAs for new retail technologies, such as AI-driven personalisation, biometrics, or loyalty apps.
  • Data Subject Rights (DSARs): Proven ability to build scalable processes for handling high volumes of customer data requests and “Right to be Forgotten” queries.
  • Regulatory Liaison: Experience acting as the primary point of contact for the Information Commissioner’s Office (ICO) or equivalent national authorities.
  • Privacy Culture: A history of designing and delivering privacy training for diverse retail staff, from board-level executives to store-floor colleagues

05 WHY JOIN NEVE JEWELS

  • Join a fast-growing business where your contributions matter and your ideas are valued
  • Work in a supportive, transparent environment that encourages innovation and excellence
  • Enjoy flexibility with 3 days a week in our vibrant Hatton Garden office and 2 days working from home
  • Flexi hours – start your day between 8am and 10am, then finish between 4pm and 6pm
  • Comprehensive Vitality private healthcare, offering access to high quality medical support and wellness benefit
  • Enjoy your birthday, with an extra day of leave to celebrate
  • Access to Perkbox for exclusive discounts, rewards, and wellbeing benefits to help you make the most of your work-life balance
  • 25 days annual leave + bank holidays
  • Enhanced maternity and paternity leave entitlements

Our Commitment to Diversity & Inclusion

At Neve Jewels Group we are committed to providing a work environment that supports, inspires, and respects all individuals. We do not discriminate on the basis of gender, race, colour, religion, age, disability, belief, sexual orientation, marital status, or is disadvantaged by conditions or requirements which cannot be shown.

#J-18808-Ljbffr…

Posted: May 3rd, 2026
Popular Searches
Jobs by Sector
Jobs by Location

Admin jobs | Airport jobs | Amazon Driver jobs | Amazon Warehouse Operative jobs | Apprentice Electrician jobs | Apprenticeship jobs | Bricklaying jobs | Business Analyst jobs | Business Development Manager jobs | Care Assistant jobs | Care Home jobs | Caregiver jobs | Civil Service jobs | Class 1 Driver jobs | Cleaner jobs | Cleaning jobs | Council jobs | Cyber Security jobs | Data Analyst jobs | Data Entry jobs | Data Scientist jobs | Delivery Driver jobs | Digital Marketing jobs | Driver jobs | Driving jobs | Electrician jobs | Graphic Designer jobs | Healthcare Assistant jobs | HGV Class 2 Driver jobs | HGV Driver jobs | HGV jobs | HGVClass 1 Driver jobs | Hospital jobs | Housing jobs | Immediate Start jobs | It Consultant jobs | It Support jobs | Jobs for 16 Year Olds | Joiner jobs | Labourer jobs | Management jobs | NHS jobs | Night Shift jobs | Offshore jobs | Online jobs | Paralegal jobs | Personal Assistant jobs | Project Manager jobs | Receptionist jobs | Sales Assistant jobs | Scrum Master jobs | Security Guard jobs | Security jobs | Security Officer jobs | SEO jobs | Support Worker jobs | Teaching Assistant jobs | Van Driver jobs | Warehouse jobs | Warehouse Operative jobs | Web Designer jobs | Weekend jobs | Work From Home jobs

Accountancy jobs | Administration jobs | Advertising jobs | Aerospace jobs | Apprenticeships jobs | Automotive jobs | Banking jobs | Call Centre jobs | Catering jobs | Charity jobs | Construction jobs | Creative jobs | Customer Service jobs | Digital jobs | Education jobs | Engineering jobs | Finance jobs | FMCG jobs | Graduate jobs | Healthcare jobs | Hospitality jobs | HR jobs | Insurance jobs | IT jobs | Legal jobs | Leisure jobs | Logistics jobs | Management Consultancy jobs | Manufacturing jobs | Marketing jobs | Media jobs | Nursing jobs | Oil and Gas jobs | PA jobs | Part time jobs | Pharmaceutical jobs | PR jobs | Property jobs | Public Sector jobs | Recruitment Sales jobs | Renewable Energy jobs | Retail jobs | Sales jobs | Science jobs | Secretarial jobs | Senior Appointments jobs | Social Work jobs | Teaching jobs | Telecoms jobs | Temporary jobs | Tourism jobs | Transport jobs | Travel jobs | Utilities jobs | Wholesale jobs

Jobs in Aberdeen | Jobs in Belfast | Jobs in Birmingham | Jobs in Bolton | Jobs in Bournemouth | Jobs in Bradford | Jobs in Bristol | Jobs in Cambridge | Jobs in Cardiff | Jobs in Cornwall | Jobs in Coventry | Jobs in Derby | Jobs in Devon | Jobs in Doncaster | Jobs in Dundee | Jobs in East Anglia | Jobs in East Midlands | Jobs in Edinburgh | Jobs in Essex | Jobs in Exeter | Jobs in Glasgow | Jobs in Hull | Jobs in Inverness | Jobs in Ipswich | Jobs in Isle Of Wight | Jobs in Kent | Jobs in Leeds | Jobs in Leicester | Jobs in Liverpool | Jobs in London | Jobs in Luton | Jobs in Manchester | Jobs in Middlesbrough | Jobs in Milton Keynes | Jobs in Newcastle Upon Tyne | Jobs in Newport, Gwent | Jobs in North East | Jobs in North West | Jobs in Northampton | Jobs in Northern Ireland | Jobs in Norwich | Jobs in Nottingham | Jobs in Peterborough | Jobs in Plymouth | Jobs in Reading | Jobs in Scotland | Jobs in Sheffield | Jobs in South East | Jobs in South West | Jobs in Southampton | Jobs in Stoke On Trent | Jobs in Sunderland | Jobs in Surrey | Jobs in Swansea | Jobs in Swindon | Jobs in Telford | Jobs in Wales | Jobs in Wolverhampton | Jobs in Wrexham | Jobs in York | Jobs in Yorkshire