Senior Information Security GRC Analyst
TUI Group is the world’s number one integrated tourism business. The Security Domain is a global team within TUI Technology responsible forleading Information Security risk management across TUI. TUI Technologyis a multi-disciplinary team of experts across Security, Architecture, Engineering, DevOps and Agile Delivery providing services across the UK, Ireland, Sweden, Norway, Denmark, Finland, Germany, Belgium and The Netherlands.
At TUI we’re ambitious to become the leader in technology within the travel industry and to achieve this we are looking to build a capable, creative team who want to be a part of accomplishing that goal.
We never stop looking ahead, seeking new ways to delight our customers and grow our business. We recognise the power of digital and the massive contribution this brings to creating a truly unique and differentiated customer experience.
We are looking for a talented and dedicated securityprofessional to join the Governance, Risk and Compliance (GRC)team whichsupports theSecurity Domain in their responsibility to ensure information security risks are managed in alignment to our business goals across TUI Group.
As aSeniorInformation Security GRC Analystyou will perform a crucial role in supporting the GRC team’s activities. The role will take the lead on supporting the day-to-day delivery of our compliance programmes and Information Security Management System (ISMS) within our technology domains. You will manage the implementation of the frameworks, processes and reporting associated with the technical checks and balances. This role will require strong technical compliance skill alongside strong stakeholder managementand influencingskills.
ABOUT THE JOB
As aSeniorInformation Security GRC Analyst, you will have experience in the day-to-day management, delivery and tracking of actions towards our assurance and compliance programmes. You will have knowledge andpractical experience of regulatory compliance activities (e.g. GDPR) and have a view on how delivery and tracking of compliance actions could be accomplished.
This role will also be responsible forfillingpolicy and standards gaps across the company.
The role will deliver regular reporting to senior stakeholders within the organisation to inform decision making and appropriate investment.
This role will directly assist in enabling TUI to meet its strategic goals. Specifically, you will be responsible for delivering the following:
- Management and reporting on the status and performance of assurance and compliance programmes.
- Owning the day-to-day operation of TUI’s application assurance and cyber resilience programmes.
- Prioritising and managing the workload between the GRC Analysts in the team.
- Managing the documentation workflow and producingpolicy, process and guidelines in the appropriate format by liaising with a wide range of stakeholders, driving the approval process and publishing the documents.
- Supporting the wider GRC team (including the Information Security Officers and Information Security Managers) on a variety of GRC-related activities.
- Managing the roadmap, prioritising and fillinggaps in policy, standards, procedures and frameworksworking with the wider GRC teamand subject matter experts.
- Building roadmaps for continued compliance against applicable standards.
- Becoming a subject matter expert to IT and the business to support delivery against the standards.
- Manage and mature the CMDB of compliance/governance assets.
Our information security team works in collaboration with business and IT teams across our many businesses. You will build strong working relationships influence others to do the right thing to Protect our Smile.
ABOUT YOU
- Significant experience with managing compliance or assurance activity in a large travel/web/retail organisation.
- Strong ability in prioritising a wide breadth of tasks based on both internal and external factors.
- Excellent communication skills, both written and oral.
- Ability to produce clear documentation in English.
- Excellent organisational skills and attention to detail.
- Information Security Audit skills and experience.
- Strong experience in a large-scale enterprise organisation, preferably a retail or financial organisation.
- Strong knowledge of ISO27001, GDPR and associated legislation.
- Excellent influencing skills.
- Excellent interpersonal skills including persuasiveness and/or assertiveness skills.
- Relevant security qualifications (e.g. CISM, CISSP, Security+, PCI P etc.) or equivalent qualifications a nice to have.
- Experience usingstandards and frameworks such as NIST, OWASP, ITIL and COBIT.
- Ability to understand the needs, objectives and constraints of those in other teams.
OUR OFFER
- Being a valuable team member of TUI, the No.1 global and socially aware travel company.
- Competitive salary and benefits.
- Smart working (Flexible hours) and possibility of working remotely up to 100% or Hybrid from one of our offices.
- Develop yourself as part of a friendly, richly, diverse virtual international team.
If you want to know more about why TUI Group is the world's leading tourism group, and our continuing work in the diversity & inclusion space, simply visit careers.tuigroup.com
#TUIjobs #LI-AR1 #LI-Remote
Gerelateerde inhoud
-
Jouw carrière bij TUI Werken bij TUI betekent het creëren van onvergetelijke ervaringen. Of je nu graag in de lucht, op de grond of op zee werkt, of je een ervaren professional bent of net van school komt, je vindt je nieuwe carrière in een van onze geweldige teams.
-
Over TUI Wij zijn teamspelers, makers van vakantiedromen en innovators in de reisbranche. Wij zijn TUI, dé naam in wereldwijde reis- en vrijetijdsbelevingen die vakantiedromen waarmaakt.
-
Het beste team in de reiswereld We zijn een toonaangevend wereldwijd reis- en vrijetijdsbestedingsbedrijf, maar ons echte doel is om onvergetelijke vakantie-ervaringen voor al onze klanten te creëren. Samen met meer dan 65.000 collega's zijn we het beste team in de reisbranche.
-
-
-
-
-
-
Kantoorfuncties Bij TUI draait alles in onze bedrijfsfuncties om het mogelijk maken van een topvakantie voor onze gasten. Hier kun je belangrijke projecten starten, financiële doelen nastreven of onze medewerkers ondersteunen op hun weg.
-
Cruises We hebben een vloot van 16 cruiseschepen en navigeren door alle uitdagingen heen om onvergetelijke cruise-ervaringen te creëren die onze gasten hun leven lang zullen herinneren.
-
Vacatures in Hotels en Bestemmingen Begin met ons je droomcarrière in het buitenland. Er wachten onvergetelijke ervaringen op je. Of je nu op zoek bent naar avontuur of al op een van onze bestemmingen woont – we kunnen niet wachten tot je bij ons incheckt.
-
Retail en Contact Centers Er wachten veel carrièremogelijkheden op je in onze reisbureaus en callcenters – inclusief reislust. Word onderdeel van de TUI-familie en start een carrière die de harten van vakantiegangers sneller laat kloppen.
-
Early Careers Onze startersprogramma's zijn wereldwijd beschikbaar, en elke locatie heeft iets unieks te bieden. Ontdek wat we waar aanbieden.
-
Engineering en Onderhoud Of het nu gaat om het verkrijgen van de benodigde onderdelen, het naleven van strenge voorschriften of het onderhoud – we hebben alles onder controle en werken voortdurend aan het optimaliseren van de beschikbaarheid en prestaties van onze vloot.
-
Airline Stap aan boord bij TUI Airline, waar passie vleugels krijgt. Ons diverse team vormt het kloppend hart van onvergetelijke reizen en zorgt ervoor dat elke vakantie van onze klanten begint met een glimlach.