Job Introduction
As we continue our mission to make people happy through chocolate, we’re looking for a Compliance Manager to join our Infrastructure and Security team on a permanent basis.
This is a varied role where you’ll support compliance, risk management, and cyber security initiatives across our retail business. Reporting to the Infrastructure and Security Manager, you’ll help to implement security policies, ensure regulatory adherence, and strengthen our digital governance in line with Mars Information Security requirements.
As well as a competitive salary and a range of company benefits, you’ll receive a 50% discount on all products, and a 70% discount for you and your guests when you stay at our Rabot Estate hideaway on the paradise island of Saint Lucia.
Here at Hotel Chocolat, we’ve adopted hybrid working. This means you’ll join us on site for three days a week, and for the other two days you can work from wherever you like!
What you’ll be doing…
Supporting the development and delivery of our Cyber Security Strategy and Roadmap
Maintaining and monitoring the Cyber Risk Register
Tracking KPIs and KRIs for cyber security and compliance
Supporting IT security audits and PCI DSS compliance efforts
Helping to automate compliance reporting and align policies with frameworks such as ISO 27001, NIST CSF, COBIT and PCI DSS
Co-ordinating elements of the Security Champions Programme to promote awareness across the business
Supporting the development of IT General Controls (ITGCs) and educating control owners
Co-ordinating external audits and preparing compliance reports for key stakeholders
Supporting Business Continuity, Disaster Recovery and Incident Response plans
Monitoring regulatory requirements and supporting training and compliance awareness initiatives
Who you are…
Detail-oriented, with strong organisational skills
Collaborative, able to work with colleagues across multiple functions
A clear communicator, comfortable with both technical and non-technical stakeholders
Someone who is passionate about cyber security, compliance, and continuous improvement
Essential:
Experience in Information Security, IT Audit, or Compliance
Familiarity with control design, risk frameworks, and compliance reporting
Degree in Cyber Security, IT, Risk Management, Law, or a related subject
Strong written and verbal communication skills
Knowledge of business continuity planning, incident response, and crisis communication
Experience supporting security audits and compliance assessments
Desirable:
Professional certifications such as CISA, CISM, CISSP, or CRISC
Knowledge of COBIT, NIST, or ISO 27001 frameworks
Familiarity with Cyber Essentials certification requirements
Experience in process documentation and compliance reporting
Who are we?
We’re one of the UK’s favourite premium chocolate brands, with a range of products spanning luxury gifts, alcohol and our pioneering drinking chocolate system, the Velvetiser™.
A cacao pod takes years to grow – it can’t be rushed if it’s going to be just right for our products. The same can be said for Hotel Chocolat, which originally started as a mint production company before we realised it was luxury chocolate that we were really passionate about.
Now, we’re market leaders in the industry. What began as an online-only business grew to over 140 stores across the UK, and we’re still growing… Today, we’re multi-category, multi-channel, and multi-territory, and our customers, colleagues, cacao farmers and suppliers all benefit from the success we make together.
To learn more about us and read about our People Pledge – our commitment to equality, diversity and inclusion – click here: hotelchocolat.com/uk/engaged-ethics/our-people.html