Similar Jobs
Company Description
Depop is the community-powered circular fashion marketplace where anyone can buy, sell and discover desirable secondhand fashion. With a community of over 35 million users, Depop is on a mission to make fashion circular, redefining fashion consumption. Founded in 2011, the company is headquartered in London, with offices in New York and Manchester, and in 2021 became a wholly-owned subsidiary of Etsy. Find out more at www.depop.com
Our mission is to make fashion circular and to create an inclusive environment where everyone is welcome, no matter who they are or where they’re from. Just as our platform connects people globally, we believe our workplace should reflect the diversity of the communities we serve. We thrive on the power of different perspectives and experiences, knowing they drive innovation and bring us closer to our users. We’re proud to be an equal opportunity employer, providing employment opportunities without regard to age, ethnicity, religion or belief, gender identity, sex, sexual orientation, disability, pregnancy or maternity, marriage and civil partnership, or any other protected status. We’re continuously evolving our recruitment processes to ensure fairness and are open to accommodating any needs you might have.
If, due to a disability, you need adjustments to complete the application, please let us know by sending an email with your name, the role to which you would like to apply, and the type of support you need to complete the application to [email protected]. For any other non-disability related questions, please reach out to our Talent Partners.
As part of the Information Security team, this role will be responsible for leading and supporting Depop's information security program, conducting risk assessments, developing and implementing security policies, and responding to security incidents.
FTC: May 2025 to March 2026
Responsibilities
Support the Head of Information Security in defining and delivering upon a broad, company-wide security roadmap, including training, physical/cyber/information security, compliance, policies, etc.
Monitor logging and alerting tooling for security issues
Investigate security breaches and other cybersecurity incidents
Install security measures and operate software to protect systems and information infrastructure
Document security incidents and breaches and assess the damage they cause
Work with the Engineering teams to respond to tests and uncover vulnerabilities
Work with teams to fix detected vulnerabilities to maintain a high-security standard
Develop and maintain company-wide best practices, policies and processes for Information Security
Research security enhancements and make recommendations to management
Stay up-to-date on information technology trends and security standards
Ensure compliance with relevant regulations and standards, such as PCI DSS, HIPAA, and SOX
Knowledge of risk assessment tools, technologies and methods
Knowledge of disaster recovery, computer forensic tools, technologies and methods
Contribute to the security incident response process and play an active role in it
The role involves participation in an on-call rotation, during which the analyst will be responsible for monitoring and responding to security alerts and potential incidents.
Qualifications:
Knowledge of CyberSecurity Frameworks (NIST, CIS, ISO27001)
Experience with detection and remediation of security vulnerabilities
Knowledge of risk assessment tools, technologies and methods
Experience planning, researching and developing security policies, standards and procedures
Experience in privacy and cyber governance, risk and compliance frameworks and controls
Proven ability to identify and assess complex risks and understand the mechanisms (people, process, technology) available to manage those risks
Non-technical
Exemplary communication skills, especially in dealing with multiple stakeholders
Able to take a risk-based approach and effectively prioritise many competing demands
Desirable
People management and mentoring experience; we want you to help shape and develop our Information Security Awareness
Understand compliance, legal and ethical obligations organisations should have with respect to logical and physical security, personally identifiable information and data protection
Additional Information
Health + Mental Wellbeing
PMI and cash plan healthcare access with Bupa
Subsidised counselling and coaching with Self Space
Cycle to Work scheme with options from Evans or the Green Commute Initiative
Employee Assistance Programme (EAP) for 24/7 confidential support
Mental Health First Aiders across the business for support and signposting
Work/Life Balance:
25 days annual leave with option to carry over up to 5 days
1 company-wide day off per quarter
Impact hours: Up to 2 days additional paid leave per year for volunteering
Fully paid 4 week sabbatical after completion of 5 years of consecutive service with Depop, to give you a chance to recharge or do something you love.
Flexible Working: MyMode hybrid-working model with Flex, Office Based, and Remote options *role dependant
All offices are dog-friendly
Ability to work abroad for 4 weeks per year in UK tax treaty countries
Family Life:
18 weeks of paid parental leave for full-time regular employees
IVF leave, shared parental leave, and paid emergency parent/carer leave
Learn + Grow:
Budgets for conferences, learning subscriptions, and more
Mentorship and programmes to upskill employees
Your Future:
Life Insurance (financial compensation of 3x your salary)
Pension matching up to 6% of qualifying earnings
Depop Extras:
Employees enjoy free shipping on their Depop sales within the UK.
Special milestones are celebrated with gifts and rewards!
Depop London, England Office
20 Farringdon Road, London, United Kingdom, EC1M 3HE
