Card Factory

  • Distribution Centre - Wakefield
A superb role within the IT function with Card Factory, market leader in Cards and Giftware.



Since our launch in 1997, Card Factory has become the fastest growing greetings card retailer in the UK and one of the leading lights of the industry. We sell a wide selection of cards, as well as gifts, gift bags and decorative wrapping materials. When it comes to special occasions, whatever the need, we’ve got it wrapped up! And we’re still growing; today we have over 900 stores, in every corner of the UK, with more popping up all the time.



Key responsibilities include:



Operational Security


Monitor network for security issues and respond to alerts and events generated by SIEM;
Fix detected vulnerabilities to maintain a high-level of compliance;
Arrange and manage regular penetration tests;
Help colleagues understand information security through education and communication;
Ensure patch levels are up to date and in accordance with patching policy;
Manage and monitor end point security.




Information Security Governance


Implement an Information Security Management System managing Information Security to an agreed and understood level of risk;
Manage resolution of issues identified during external and internal audits.
Produce a periodic reporting pack, demonstrating management of controls environment.




Project Security


Ensure that Information Security policies and controls are applied, new risks are addressed and security architecture is appropriate;
For systems changes ensure that appropriate testing is undertaken to validate the effectiveness of Information security controls.




Risk & Controls


Develop Information Security Risk & Controls reporting in line with Group Audit Committee requirements;
Monitor the risk and control framework for Information Systems risks such that risk are understood and appropriate controls are agreed and delivered, aligned to Group Risk framework;
Manage preparation of Information Systems Risk register and align to Group Risk register.




Data Protection


Develop a Data Classification model;
Monitor the GDPR control framework such that the risk of a loss of data is reduced to acceptable levels;
Manage Data Protection controls to agreed service levels through effective review and reporting;




The ideal candidate will be capable of operating in a fast paced, high pressure environment. You will require excellent organisational skills as you must be flexible in handling multiple issues concurrently. The role will involve interacting with a range of stakeholders within the business and you must therefore have strong communication skills.



This is an exciting role with genuine prospects for the right candidate. If this role describes you and your career aspirations click apply now.