Job Description
Costa has ambitious growth plans, with a vision to become the World’s Most Loved Coffee company. As Costa moves towards its ambition of becoming a truly global total coffee company, IT and Data become increasingly important in enabling business strategies. As such Costa is recruiting for a Risk and Compliance Lead.
A bit about us...
At the heart of Costa Coffee are our values; we believe in Passion, Warmth, Trust and Courage. We are the No 1 coffee brand in the UK and as part of the Coca-Cola Company, we’re on a journey to be the world’s most loved coffee brand; we don’t settle for mediocre. We’ve come a long way from the Costa brothers’ first roastery in 1971; today we are a total coffee company that delivers great coffee to our consumers all over the globe. Along with our much-loved stores, this includes our Express machines, Ready to Drink range, and a long list of friends and partnerships. Costa are proud of our collaborative and inclusive workforce, who continually unlock new growth potential.
A bit about the role...
- Support the development and implementation of the Governance, Risk and Compliance Framework across the Costa Group (Equity, Franchise, Channels, Roastery, Express)
- Manage stakeholder requirements across TCCC and Costa Group, building strong and credible relationships as the recognised subject matter expert providing advice and guidance around complex controls and processes and having the ability to influence strategic decision making at senior management level.
- Responsible for the development & implementation of SOX IT General control framework, and for driving cultural change across the Group to ensure SOX Controls are embedded and fully understood, and that proper implementation of and adherence to the Framework, by both colleagues and relevant third parties, is maintained.
- Support the overall strategy for and continuous improvement of Governance Risk and Compliance across the Costa Group.
- To bring subject matter knowledge, expertise and best practice around Governance, Risk and Compliance Controls to ensure that Costa can meet TCCC requirements as appropriate
- Responsible for the development of the risk management process and monitoring the effectiveness to ensure Costa’s information related risks are known and managed within the Costa ExCo’s stated risk appetite
- Responsible for on-going assurance of Costa’s suppliers, franchisees and support partners to ensure that they meet TCCC and Costa’s Governance, Risk and Compliance requirements
- Responsible for developing and reporting on management processes to achieve and maintain relevant and appropriate regulations (i.e. PCI DSS, SOX)
- Responsible for the collation of management information to allow regular Governance, Risk and Compliance performance reporting to the Exec and TCCC
A bit about you…
Essential:
- Some knowledge of Information security and Cyber security practices and standards (ISO27000/ISF, CIS, PCI-DSS, SOX) and their applicability to a worldwide leading retailer
- Some knowledge of security tools and processes
- Some knowledge of Risk management frameworks such as COBIT
- Strong written and verbal communication skills
- Strong stakeholder management
- Previous experience of working in a global organisation
- Some previous experience of working with third parties and supply management
- Some experience of developing business appropriate information security Policies, Standards and Guidelines for a large organisation
Desirable:
- Proven understanding of Information Security methodologies, reinforced with industry leading qualifications (CISSP, CISM)
- ITLT/ISF/IRAM/COBIT frameworks and methodologies
- Data protection requirements
- ITGC, IT Risk and ITIL best practices
- Exposure to IT controls environment and broader operational risk
- IT Audit or consulting background
What we can offer...
We’re on an exceptional adventure and can offer a truly purpose led career with good flexibility to suit your personal needs. In addition, you will benefit from the below:
- BUPA Healthcare
- Costa Pension Scheme
- Bonus Scheme
- 25% staff discount, including endless free coffee onsite at support office
- 25 days Holidays
Location / Travel: Dunstable / London
At Costa Coffee we celebrate Inclusion and Equality; we believe everyone should bring their true self to work. We advocate collaboration and transparency and embrace differences in all that we do. #nowisthemoment to join.
Job ID: 25839