Information Security Grc Analyst - Madrid, España - TUI Group

TUI Group
TUI Group
Empresa verificada
Madrid, España

hace 2 semanas

Isabel García

Publicado por:

Isabel García

beBee Recruiter
Descripción
Flexible- Porto, Portugal- Lisbon, Portugal- Madrid, Spain- Barcelona, Spain-

  • Remote
  • Permanent
  • Full Time hrsTUI Group is the world's number one integrated tourism business. The Security Domain is a global team within TUI Technology responsible for leading Information Security risk management across TUI. TUI Technology is a multidisciplinary team of experts across Security, Architecture, Engineering, DevOps and Agile Delivery providing services across the UK, Ireland, Sweden, Norway, Denmark, Finland, Germany, Belgium and The Netherlands.
  • At TUI we're ambitious to become the leader in technology within the travel industry and to achieve this we are looking to build a capable, creative team who want to be a part of accomplishing that goal.
  • We never stop looking ahead, seeking new ways to delight our customers and grow our business. We recognise the power of digital and the massive contribution this brings to creating a truly unique and differentiated customer experience.
  • We are looking for a talented and dedicated security professional to join the Governance, Risk and Compliance (GRC) team which supports the Security Domain in their responsibility to ensure information security risks are managed in alignment to our business goals across TUI Group.
  • As an Information Security GRC Analyst you will perform a crucial role in supporting the GRC team's activities. The role will be responsible for supporting the daytoday delivery of our compliance programmes and Information Security Management System (ISMS) within our technology domains. You will help to implement the frameworks, processes and reporting associated with the technical checks and balances. This role will require technical compliance skill alongside strong stakeholder management skills.

ABOUT THE JOB:


  • As an Information Security GRC Analyst, you will have experience in the daytoday delivery and tracking of actions towards our assurance and compliance programmes. You will have knowledge of regulatory compliance activities (e.g. GDPR) and have a view on how delivery and tracking of compliance actions could be accomplished.
  • This role will also be responsible for assisting in identifying (and filling) policy and standards gaps across the company.
  • The role will deliver regular reporting to senior stakeholders within the organisation to inform decision making and appropriate investment.
  • This role will directly assist in enabling TUI to meet its strategic goals.
Specifically, you will be responsible for delivering the following:


  • Regular reporting of the status and performance of assurance and compliance programmes.
  • Documenting policy, process and guidelines in the appropriate format by liaising with a wide range of stakeholders, following the approval process and publishing the documents.
  • Supporting the wider GRC team (including the Information Security Officers and Information Security Managers) on a variety of GRCrelated activities.
  • Determining any gaps in policy, standards, procedures and frameworks and working with the wider GRC team to fill the gaps.
  • Helping to build roadmaps for continued compliance against applicable standards.
  • Manage and mature the CMDB of compliance/governance assets.
  • Our information security team works in collaboration with business and IT teams across our many businesses. You will build strong working relationships influence others to do the right thing to Protect our Smile

ABOUT YOU:


  • Experience with tracking compliance or assurance activity in a large travel/web/retail organisation.
  • Excellent communication skills, both written and oral.
  • Ability to produce clear documentation in English.
  • Excellent organisational skills and attention to detail.
  • Information Security Audit skills and experience.
  • Good experience in a largescale enterprise organisation, preferably a retail or financial organisation.
  • Good knowledge of ISO27001, GDPR and associated legislation.
  • Good influencing skills.
  • Good interpersonal skills including persuasiveness and/or assertiveness skills.
  • Relevant security qualifications (e.g. CISM, CISSP, Security+, PCI P etc.) or equivalent qualifications a nice to have.
  • Awareness of standards and frameworks such as NIST, OWASP, ITIL and COBIT.
  • Ability to understand the needs, objectives and constraints of those in other teams.

OUR OFFER:


  • Being a valuable team member of TUI, the No.1 global and socially aware travel company.
  • Competitive salary and benefits.
  • Smart working (Flexible hours) and possibility of working remotely up to 100% or Hybrid from one of our offices.
  • Develop yourself as part of a friendly, richly, diverse and virtual international team.
**#TUIjobs
Más ofertas de trabajo de TUI Group
Ver todas las ofertas de empleo de TUI Group