Recruiter

TUI UK & Ireland : Head Office Don't show me jobs from TUI UK & Ireland : Head Office

Salary

£0 to £0 per year

Location

Luton Don't show me jobs in this location

Job term

Permanent

Job hours

Full time

At A Glance To define, develop and manage all aspects of information security and to ensure all measures are taken to meet regulatory security standards. To lead all compliance activities within the IT department - Risk, Quality, Audit and Health & Safety. Provide expert advice to projects to ensure the design of systems removes vulnerabilities. Lead the selection, design, justification, implementation and operation of information security controls and management strategies. Represent the UK & Ireland Mainstream business in Group wide Information Security activities. Develop and maintain corporate information security policy, standards and guidelines. What You'll Be Doing * Coordinate information security across the organisation * Ensure clear process, action plans and performance for all compliance areas - risk, audit, quality and health & safety * Ensure ongoing compliance with and suitability of information security policy * Monitor and report on the effectiveness of information security arrangements * Support and influence the IT, HR and legal departments on information security matters * Evaluate the security implications of specialised business initiatives (e.g. outsourcing, electronic commerce) * Liaise with outsourced service providers and other 3rd parties to ensure information security requirements are met * Investigate and evaluate new methods of ensuring data and applications remain protected from breaches, and ensure the implementation of new security measures are carried out with minimum impact to business processes * Feed into the Operating Level Agreement definition process * Monitor ongoing information security running costs * Budget plan and control * Develop and maintain corporate information security policy, standards and guidelines. * Prepare and maintain organisational strategies that address the evolving business information risk and control requirements, ensuring they are in line with group and IT strategies. * Operate as a focus for information security expertise for the organisation, working effectively with strategic organisational functions such as legal, audit and technical support to provide authoritative advice and guidance on the requirements for security controls. * Develop and implement security processes and procedures across the business that will eliminate or minimise risks to the business. * Raise awareness of the importance of information security and provide information that will help colleagues increase security and the protection of company data. * Act as the central point of contact for all internal and external audits then own the implementation of any remedial actions. * Conduct and oversee security risk assessments for business applications and computer installations and provide authoritative advice and guidance on security strategies to manage the identified risk. * Lead the incident management process and the investigation of breaches of information security and recommend appropriate control improvements. * Undertake the professional development and management of the information security group. * Oversee and advise on information security compliance activities relating to the Payment Card Industry Data Protection Standard (PCI DSS). Key Relationships (Internal - consulted or informed, External - prime business contacts): * Person(s): Director of IT Transformation - TUI Travel Mainstream UK & Ireland Nature: Line Manager * Person(s): Director of Service Delivery & Technical Services Nature: To ensure that the security policy is implemented and that improvement projects are completed. * Person(s): Enterprise Architecture Manager Nature: To ensure that security features in the overall strategy and that a clear security framework is provided to Solutions Architects. * Person(s): Business Management Nature: To provide education and briefing sessions that will raise awareness of how the TUI's data should be dealt with and provide a single point of management for internal and external audits. * Person(s): Service Control Manager Nature: Reviewing and advising Security Incident Management and leading investigations arising from serious breeches * Person(s): Major IT Vendors / Outsourced Providers Nature: Ensure that products are providing the measures they were selected for and are being developed to deal with new threats. What We're Looking For Qualifications: * Educated to degree level or equivalent * Formal security qualification -- Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM) * MSc Information Security or related field desirable Experience: * Information security consultancy and management in a commercial environment * Strategy development and risk analysis * Policy development and implementation * Management / team leading * Issue management and escalation * Relationship management * IT project delivery and methodologies * Knowledge of information security standards and best practice * Knowledge of compliance requirements for PCI DSS and the UK DPA Skills: * Strong verbal and written communication skills * Strong team player with the ability to challenge, provide leadership and coaching * Able to work on own initiative and look forward to anticipate changing workloads * Awareness of targets and constraints * Ability to mange conflicting priorities * Understanding of commercial / customer needs and be able to demonstrate that services are cost effective * Ability to see the big picture, analyse complex technical landscapes and evaluate technical solutions * Proven ability to produce high quality deliverables in terms of content and presentation * Proven ability to meet and exceed performance targets Scope of role: * TUI Travel Mainstream UK & Ireland * Represent Mainstream UK & Ireland across the Group for all aspects of Information Security Hiring Manager - Geraint Hayter Job Division: Mainstream Location: Wigmore House head of information security luton cissp cism communication skills strong team player analyse evaluate technical solutions