Information Security Officer

TUI Group is the world’s number one integrated tourism business. The Security Domain is a global team within TUI technology responsible for leading Information Security risk management across TUI. We are a multi-disciplinary team of experts across Architecture, Engineering, DevOps and Agile Delivery providing services across the UK, Ireland, Sweden, Norway, Denmark, Finland, Germany, Belgium and The Netherlands.

At TUI we’re ambitious to become the leader in technology within the travel industry and to achieve this we are looking to build a capable, creative team who want to be a part of accomplishing that goal.

We are looking for a talented and dedicated security leader to join the Governance, Risk and Compliance (GRC) team which supports the Group CISO in their responsibility to ensure information security risks are managed in alignment to our business goals across TUI Group.

ABOUT THE JOB

• As an Information Security Officer, you will promote and inspire a security first culture at TUI.
• You will direct the development, implementation, delivery and support of an enterprise Information Security strategy aligned to the strategic requirements of the business.
• Lead the provision of Information Security resources expertise, guidance and systems necessary to execute strategic and operational plans across all of the organisation’s information systems.
• Ensure that each Domain is motivated and empowered to deliver the prioritised roadmap. This will include protecting the TUI brand and its customers, detecting and responding to incidents, strengthening our defences, reducing the attack surface and securing our behaviours.
• You will have extensive business knowledge and understand the impact of emerging practices and technologies.
• Drive adoption of and adherence to security policies, standards and controls through the provision of expert advice and guidance.
• Protect our most critical assets and ensure appropriate assurance and rigorous testing is in place.
• You will ensure security incidents are managed effectively through engagement with the security operations team, and that lessons learned and audit findings are remediated. Ensure effective security operations (e.g. vulnerability scanning, patching).
• Protect the integrity, availability, authenticity, non-repudiation and confidentiality of information and data in storage and in transit.
• Manage risk in a pragmatic and cost-effective manner to ensure stakeholder confidence.
• You will report on the overall effectiveness of the security programme on each Domain against defined key performance indicators and drive continuous improvement.
• Our Information Security team works in collaboration with business and IT teams across our many businesses.
• You will build strong working relationships, explain and present complex ideas to audiences at all levels in a persuasive and convincing manner. Instil secure ways of working and influence others to do the right thing to Protect our Smile.
• You will also lead workstreams focussed on the development of the GRC team from a people, process and tooling perspective.

ABOUT YOU

From a workplace to a place to belong. At TUI we embrace diversity, equity, and inclusion, encouraging everyone to come as you are, because together, our potential is limitless.

We are committed to supporting candidates with disabilities and impairments so if you require any support, please do let us know.

J-18808-Ljbffr