
Head of Information Security - Governance, Risk and Compliance at The Hut Group
Manchester, GB

THG is one of the fastest growing online retailers on the planet. We have over a decade of building and growing brands in the Beauty and Wellness sectors, across over 140 markets. We specialise in creating brilliant digital brand experiences and we aim to be the World's leading Online Health & Beauty Destination. We are currently the UK's leading multi-website online retailer with rapidly growing global operations and we currently have over 16 million customers worldwide.

We are building a world-class business with global ambitions, a proprietary technology platform, and a disruptive business model. Our culture is fast-paced and ambitious - we like to move twice as fast as you might think is possible. That's how the company operates, and it is part of the DNA that has led to our incredible growth. We have over 4,000 diverse, smart thinkers - our people are unquestionably our strength. Wherever in the world they are, whatever their role, we encourage our people to share the smart thinking, and give them the support to see their ideas made real. We have built an environment that empowers our people to achieve their full potential, creating innovative digital experiences that deliver results.

As part of our hyper growth we seek to hire and develop well-rounded, commercially astute, ambitious people that can bring fresh and innovative thinking to THG and drive us forward.

About the Technology @ THG

Our software is the core of our business and enables the company to continue to grow and thrive. The Group’s industry-leading and proprietary technology platform powers its own consumer sites plus global media partners and brand owners, including Unilever, Nintendo and the Daily Mail Group. We develop all of our own applications in-house with our Development Delivery Teams. In order to enable our Delivery Teams to continue to achieve, we are always looking for bright and intellectual people who are happy to push boundaries and really challenge the status quo.

The Role:

We are looking for an Information Security Manager to lead the Governance, Risk and Compliance team. The ideal candidate should have strong management experience to lead the team and will be able to make an immediate impact in operating and improving Information Security Governance, Risk and Compliance.


Duties and Responsibilities:

  • Provide leadership, advice and guidance to the team as well as manage internal and external stakeholders’ expectations
  • Excellent writing and communication skills to communicate with all levels of the business and to ensure that the vision and requirements of Information Security are effectively met. This includes providing pragmatic and sound advice to internal stakeholders and ensuring best practice is adhered to in all instances
  • Experience in compliance implementation (ISO27001, PCI, GDPR, Risk Management)
  • The candidate must have the ability to coordinate multiple aspects of work and effectively delegate the work to various team members
  • Understand technical and legal documentation to provide business recommendations
  • Independently managing information security projects
  • Delivering work independently, in a timely manner to suit the pace of the organisation
  • Mentoring junior team members
  • Managing expectations and reporting to senior stakeholders
  • Writing clear and accurate reports, policy
  • Communicating complex subjects clearly

We are looking for experience in at least two of the following areas:

  • ISO27001 – Lead Auditor or Implementer qualified, with experience of implementation
  • Information security risk assessments
  • Implementing and auditing information security controls
  • GDPR – substantial experience of implementing GDPR, not just awareness
  • Third-party information security assessments

One or more of the following certifications would be preferred, but are not essential:

  • SSCP
  • ISO27001 Lead Auditor or Lead Implementer
  • CISA
  • CISM
  • CIPP/E


What’s in it for you

  • Competitive Salary, plus a bonus
  • You’ll be joining a growing, intelligent team that will drive business change
  • You’ll have the opportunity to make an impact within the team, applying the skills and methodologies you’ve learnt
  • You’ll be working for a company with an excellent culture, in a friendly and fast-paced environment
  • You’ll be able to react to change with backing from the business
  • You'll have the opportunity to solve complex business/technical problems
