Information Security Officer
Ready to shape secure, confident ways of working across our UK business, partnering with teams from Technology to Retail to help manage risk, strengthen compliance and support our global security strategy.
As an Information Security Officer – Risk & Compliance, you’ll be part of a team dedicated to delivering Governance, Risk and Compliance services that help the business manage information and cyber security risks. You’ll work closely with the Global GRC Information Security Manager and play a key role in delivering our GRC strategy across the UK region.
You’ll collaborate with Technology, Digital and Retail teams, including our UK stores, offering clear, confident guidance that helps them make well-informed security decisions. Your broad knowledge of risk management, compliance, security consultancy and assurance, spanning people, processes, technology and third parties, will help shape secure ways of working both in store and online.
You’ll provide expert guidance on security matters, support projects by identifying risks and opportunities, and help teams understand and manage cyber risk through regular engagement and well-maintained risk registers. You’ll lead or support compliance activities such as DSPT, Cyber Essentials Plus and PCI DSS, help communicate policies and standards, and contribute to training across the UK. Collaboration is key as you work with Data Protection, Data Governance and global security colleagues to safeguard confidential information and strengthen the organisation’s overall security approach.
Your role will involve balancing day-to-day responsibilities with service improvements, prioritising effectively and ensuring workloads remain manageable. You’ll share feedback with the wider global security team, support the development of security technologies and assist in shaping a resilient information security architecture.
We’re looking for someone with experience in information security governance, risk and assurance, supported by a strong background in an information discipline. You’ll also have experience in security management or security risk management, giving you the confidence to lead assessments, guide decisions and support colleagues across the business. You’ll be comfortable developing and maintaining security compliance frameworks aligned to standards like ISO 27001, CIS 18 or NIS CAF. Your knowledge of configuration management, change control and problem management will help you navigate complex environments.
You communicate confidently with people at every level and remain calm when things get busy or challenging. You offer clear direction when it’s needed and provide support or mentoring to others. You bring a practical, balanced approach to security that helps the organisation make informed decisions.
This role closes on 27th February 2026; however, we may close the advert sooner if we are inundated with high-quality applications.
If you’re ready to make a global impact and help shape the future of security culture at Specsavers, we’d love to hear from you.