Job Title:  Risk & Compliance Specialist

Date:  08-Apr-2021

Littlehampton, WSX, GB, BN17 6LS

Full Time/Part Time:  Full-Time
Contract Type:  Regular/Permanent
Hours per week:  37.5

The Body Shop

When Anita Roddick founded The Body Shop in 1976, she had a vision. Business as a force for good – that’s us. Over 40 years later, we’re proud to be pioneering cruelty-free beauty every step of the way. We’re the original ethical beauty brand. We’ve got a thing for empowering people and enriching our planet. We’re all about keeping it real, in every way possible. Our activist roots remain a huge part of everything we do, from our iconic window posters to our vegetarian products to our infamous campaigns. We’re never afraid to stand up and speak the truth. We like to do things a little differently around here. 


The Body Shop, along with Aesop and Natura, is part of Natura & Co, a global, multi-channel and multi-brand cosmetics group that is committed to generating positive economic, social and environmental impact. Group owner Natura is Brazil's number one cosmetics manufacturer. Sustainable development has been the company's guiding principle since it was founded in 1969. In fact, this is an incredibly exciting time for The Body Shop. We’re fighting for what we believe in now more than ever. No holding back. Breaking the mould has always come naturally to us, and we need someone who’s not afraid to mix things up. 

Your role in a nutshell

The Technology Risk & Compliance specialist is responsible for identifying all aspects of technology risk and ensuring that the relevant teams within IT have agreed actions to ensure risk is managed appropriately.

This role ensures that appropriate controls are implemented correctly and monitored as a ‘second line of defence’ to meet audit standards as well as to improve the overall Security Posture of The Body Shop’s technology estate.

More about the role

The Risk & Compliance Specialist role is new to our growing security and compliance team at The Body Shop. As our business evolves and our technology capabilities increase and underpin our growth into new opportunities and markets around the world, it becomes essential to manage risk and ensure we meet security and compliance objectives, safeguarding our business and customers alike.

This is an opportunity to join a growing team and be part of defining the future at The Body Shop. You'll be part of a fast-paced and challenging environment with the opportunity to help guide our journey, and you'll join a friendly and collaborative business that is founded in purpose and ethics.

Key Job Accountabilities Include:

  • To identify risks, document and maintain the central Technology Risk Register and ensure owners and actions are assigned with regular formal reviews with senior management.
  • Act as the primary interface to auditors for all compliance obligations (primarily PCI-DSS and SOX), ensuring issues are managed.
  • Manage third party risk assessments and feed into compliance improvement plans for new and existing suppliers.
  • Produce dashboard reporting summarising areas of risk, plans and progress.
  • Monitor and challenge the IT Delivery and Support teams to mitigate areas of high risk.
  • Work closely with the Internal Controls team to design and implement technology controls, agree monitoring requirements and report on compliance at all levels within Natura &Co.
  • To be the SME on compliance controls and risk for the IT teams, providing support, guidance and training where appropriate

What we look for

  • Thorough knowledge of IT and information/cyber security controls.
  • Experience of SOX and IT Control requirements in a SOX environment
  • Experience of implementing and monitoring controls in an SAP environment, including SAP GRC operation.
  • Experience of managing risks in retail environments
  • Experience / knowledge of COBIT framework and working within an ITIL environment
  • Experience working as an auditor or extensive experience dealing with external auditors
  • Experience of working to tight deadlines in a fast-paced environment.

Talent Drivers

Personal Conduct
Collaborative Skills