We’re here to unite the conditioning community. We believe that putting the sweat in today, prepares us for tomorrow. So, we give people the tools they need to reach further, go faster, be stronger. We celebrate those who show up – for themselves – to be their physical or mental best, whatever that means for them. It’s what we want for our community, and our team. A team that’s growing rapidly around the world. A collective of talented individuals working together to invent Gymshark’s future. Our plans are ambitious, and we’re looking for people who want to join us for the ride – our growth will be your growth.
As Gymshark’s InfraSec Governance Analyst, you will be responsible for conducting InfraSec risk assessments on potential and existing third-party service providers.
Are you our next InfraSec Governance Analyst? Here’s the role up close:
Management & Support
- Collate information from questionnaires, documented policies and procedures, security certifications and reports, and public sources to conduct InfraSec risk assessments on third-party systems and service providers.
- Support internal teams in vendor selection and provide recommendations based on findings from risk assessments.
- Supporting the maintenance and development of the Gymshark’s Security Framework.
- Assisting in the implementation and development of appropriate policies, processes, and reports.
- Provide insight to help design and architect Gymshark’s security strategy.
- Identify, Manage and Maintain Internal, third-party, and Supply Chain risks, which may affect Gymshark’s operational capability within a Company Risk Register (e.g., Information Security Risks, Business Continuity), and work with key stakeholders to reduce or eliminate them.
- Work collaboratively with teams when you find uncompliant systems or processes.
- Work with the required internal teams to build, maintain and improve the Vendor review process to aid Gymshark’s vendor selection process.
- Ability to navigate continuously expanding organisational structures and collaborate with multiple stakeholders across functional and technical skillsets.
- Excellent communication skills with the ability to explain Governance & Compliance requirements in business risk terms.
- Collect information and evidence to measure the effectiveness of process, policies, training and awareness programmes of third-parties to understand any potential impacts of concerns of using their services.
Knowledge & Opportunity
- Attend relevant 3rd party events & Webinars to further knowledge/skills/contacts within the industry.
- Using information provided to assess risks posed by new and existing systems, identify issues or problems and provide recommendations based on those assessments.
- Periodically benchmark our systems to ensure we are staying with the platforms that are most relevant as we continue to grow and expand – think long term.
- Own or work towards, an industry-recognised qualification or equivalent in Cyber/InfraSec.
- Experience in information security and/or generating reports and management information for different functions/areas.
- Knowledge of contemporary and emerging enterprise security standards, approaches, practices, and industry trends.
- Understand relevant technologies and associated technical information security controls.
- An understanding of due diligence processes, as they relate to information security and data privacy.
- General high level of organisational skills and attention to detail.
- General computer literacy is essential, as is the ability to understand system architecture and information/data flows.
- Ability to work collaboratively with other team members to deliver immediate tasks.
- To be a creative problem solver with the ability to think laterally and understand the cost and value drivers within a competitive business environment.
Here are some of the perks we offer:
🙌 Opportunity to work on high traffic, high performing e-commerce systems
🤑 Competitive ‘Win Together, Lose Together’ Bonus
🩺 Full private medical insurance with no excess
🏖 25 days holidays + your birthday and all the Bank Holidays which can be substituted and taken whenever you want.
💻 A truly flexible working culture (role needs someone to come to HQ at least twice a week but not every day).
👥 A collaborative, creative and inspiring working environment
💰 Employer pension contributions up to 7%
🤩 Life Assurance at four times your basic salary
🦈 50% Gymshark Discount & Gymshark Gift Card for each year of service
🥇 Financial, Physical and Mental Wellbeing Support
📚 Great training and learning resources & 10% time for personal development
🖥 Choice of hardware and access to the best software
🤒 Paid time off when you’re physically and mentally unwell
🧸 Very Generous Family Leave package – we support you extending your family
GS Campus Perks:
🍎 Refuel – Healthy fresh food at GSHQ
🏋️♂ Free Lifting Club (LC) Gym Membership for yourself and two friends/family
👉 Free monthly massages
💈 Beauty and Barber facilities
🚘 Free on-site parking