Information Security & Data Protection Lead

Contract type



Support Centre - IT


Dunstable, England, GB

Costa has ambitious growth plans, with a vision to become the Worlds Most Loved Coffee company.  A Costa moves towards its ambition of becoming a truly global total coffee company, IT becomes increasingly important in enabling business strategies.  A Information Security & Data Protection Lead role is being recruited for which will be integral to the success of IT.


A bit about us...

At the heart of Costa Coffee are our values; we believe in Passion, Warmth, Trust and Courage. We are the No 1 coffee brand in the UK and as part of the Coca-Cola Company, we’re on a journey to be the worlds most loved coffee brand, we don’t settle for mediocre. We’ve come a long way from the Costa brothers first roastery in 1971, today we are a total coffee company that delivers great coffee to our consumers all over the globe. Along with our much-loved stores, this includes our Express machines, Ready to Drink range, and a long list of friends and partnerships. Costa are proud of our collaborative and inclusive workforce, who continually unlock new growth potential.


A bit about the role...

This role requires very strong subject matter knowledge with a experience across the specialisms of Information Security and Data Privacy and will provide technical leadership across all markets.

  • Support the implementation of the Broader Global information security strategy and risk management framework across the Costa Group (Equity, Franchise, Channels, Roastery, Express).
  • Lead the management of global security incidents working with senior stakeholders and external regulators.
  • Accountable for providing strong technical leadership globally, across Information security and data privacy and the effective operation of robust tools & processes to ensure risks are appropriately mitigated. Identify, and ensure adherence to, local and global regulatory and legal frameworks for the Costa Group.
  • Accountable for the design and implementation of a global incident management framework covering all aspects of information security and data privacy.
  • Manage stakeholder requirements across the Costa Group, building strong and credible relationships as the recognised subject matter expert, and having the ability to influence strategic decision making at senior management level.
  • Support the development of, and deliver, the education and awareness programme for driving cultural change across the Group to ensure Information Security is embedded, fully understood and the proper implementation of and adherence to the security strategy and policies, both by colleagues and relevant third parties is maintained.
  • Remain informed on information security and data privacy trends and issues, including current and emerging technologies, legislation and best practices; advise and educate stakeholders on their relevance and impact, recommending and implementing changes to policy and/or practice where appropriate.
  • Accountable for ensuring all IS investments deliver appropriate security and data privacy solutions to protect the business now and in the future across the Costa Group.
  • To bring subject knowledge and expertise and best practice around information security & data privacy and support the work to ensure that Costa can meet TCCC information security and data privacy requirements as appropriate.



A bit about you…

  • Strong knowledge of security standards (Cyber Essentials / IS 27000/COBIT) and their applicability to a FTSE 100 company
  • Strong knowledge of Data Privacy Regulations
  • Very Strong knowledge of security tools and processes
  • Formulation of Systems design to include information security that supports business objectives.
  • Experience working in a senior role, managing complex global security, privacy and payment Technologies and regulatory requirements


What we can offer...

We’re on an exceptional adventure and can offer a truly purpose led career with good flexibility to suit your personal needs. In addition, you will benefit from the below:

  • BUPA Healthcare
  • Costa Pension Scheme
  • Bonus Scheme
  • 25% staff discount, including endless free coffee onsite at support office
  • 25 days Holidays


Location / Travel: Dunstable / Flexible

At Costa Coffee we celebrate Inclusion and Equality; we believe everyone should bring their true self to work. We advocate collaboration and transparency and embrace differences in all that we do. #nowisthemoment to join.


Job ref:



12 Nov 2021

You might also be interested in

Innovation Design Engineer

Loudwater, England, GB

View vacancies
Azure Data Platform Architect

Costa Limited, 6th Floor, Chancery House, 53-64 Chancery Lane, London, GB-LND, WC2A1QS, GBR

View vacancies
Consumer Analytics Manager - 15 month FTC

Costa Limited, 6th Floor, Chancery House, 53-64 Chancery Lane, London, GB-LND, WC2A1QS, GBR

View vacancies
Software Developer (C#)

Loudwater, England, GB

View vacancies
Microsoft App Support Senior Specialist

Costa Limited, 6th Floor, Chancery House, 53-64 Chancery Lane, London, GB-LND, WC2A1QS, GBR

View vacancies
Product Analyst

Costa Express Head Office, Knaves Beech, Loudwater, High Wycombe, GB-BKM, HP109QR, GBR

View vacancies