Senior Business Information Security Specialist
Job Description
Ready for a challenge?
Then Just Eat Takeaway.com might be the place for you. We’re a leading global online delivery platform, and our vision is to empower everyday convenience.
Whether it’s a Friday-night feast, a post-gym poke bowl, or grabbing some groceries, our tech platform connects tens of millions of customers with hundreds of thousands of restaurant, grocery and convenience partners across the globe.
About this role
The InfoSec team at JET is scaling its security partnership and vendor assurance capability across a complex, cloud-native environment spanning multiple markets. As Security Business Partner, you will own the day-to-day delivery of vendor security reviews and shift-left security practices within engineering and product teams. You will work closely with the Security Business Partner function to embed security thinking early and give JET confidence in its third-party supply chain. Based in the UK, this is a hands-on, high-impact individual role.
These are some of the key components to the position:
- Execute vendor security assessments by collecting, analysing, and documenting supplier control evidence, audit reports, and risk findings against defined frameworks including ISO 27001 and NIST CSF.
- Identify and document third-party security risks, recommending proportionate risk treatment options aligned to JET's risk appetite.
- Support threat modelling, secure design reviews, risk remediation recommendations and early-stage risk assessments alongside engineering teams as part of the secure development lifecycle.
- Translate security findings into clear, business-aligned risk language for product and stakeholders, reducing reliance on technical jargon.
- Maintain accurate risk registers, vendor assessment records, and reporting inputs that feed into executive-level risk dashboards.
- Build working relationships with business and technology teams across multiple markets, acting as a visible and trusted point of contact for security guidance.
What will you bring to the team?
- Demonstrated ability to execute security risk assessments and vendor reviews end-to-end, including evidence collection, gap analysis, and documented findings.
- Working knowledge of security frameworks such as NIST CSF, ISO 27001, or CIS Controls applied in a product or engineering context.
- Ability to communicate security risk clearly to both technical and non-technical audiences, without defaulting to jargon or compliance-speak.
- Familiarity with GRC concepts including risk management, controls design, and third-party assurance, gained through hands-on practice rather than solely policy work.
- Comfort working across multiple teams and geographies in a fast-moving environment, managing competing priorities without losing accuracy or rigour.
- Relevant certifications (such as CISA, CRISC, or equivalent) are a plus, but not a barrier to applying if you can demonstrate the capability.
At JET, this is how we play
Our teams forge connections internally and work with some of the best-known brands on the planet, giving us truly international impact in a dynamic environment.
Being the best at what we do isn’t just about delivering on our strategy. It's a competition for something incredibly valuable – our customers' choice. Every time a customer decides where to order, they're picking a side.
At the heart of the JET Customer League are our values and behaviours. They guide every interaction, every decision, every innovation. These are the actions we need to perform consistently and brilliantly, to surpass the competition and earn our customers’ loyalty, again and again.
Fun, fast-paced and supportive, the JET culture is about movement, growth, helping one another to succeed and celebrating wins. By truly living our values and embodying our behaviours, we’re building a customer-first culture which enables us to stay one step ahead of the competition.
Inclusion, Diversity & Belonging
No matter who you are, what you look like, who you love, or where you are from, you can find your place at Just Eat Takeaway.com. We’re committed to creating an inclusive culture, encouraging diversity of people and thinking, in which all employees feel they truly belong and can bring their most colourful selves to work every day.
What else are we delivering?
Want to know more about our JETers, culture or company? Have a look at our career site where you can find people's stories, blogs, podcasts and more JET journeys.