Senior Manager, Information Security

Employment Type: Permanent
Contract Duration:

At IATA, we speak for the airlines of the world, serving and supporting over 300 of them across all continents. We are passionate and knowledgeable about the aviation industry, and we strive to make it safer, smarter, more sustainable, and more inclusive. We celebrate diversity and inclusion in our workforce, and we respect and value the different backgrounds, perspectives, and skills of our employees. We also care about our employees’ wellbeing, and we provide flexible work arrangements, travel benefits, family-friendly policies, equal pay, and a day off on your birthday. We believe in giving back to the community and encourage our staff to participate in volunteering activities that support causes they care about. We encourage you to join our global community of aviation enthusiasts, and we will do our best to make you feel comfortable during the interview process. IATA is more than a trade association; it is a vision of a better future for air travel.

About the team you are joining

Working within the Information Security team in the Information & Data (I&D) division, this role will report to the Chief Information Security Officer. You will primarily focus on improving IATA’s security posture through safeguarding IATA’s sensitive data and technologies, providing proactive cybersecurity practices, and staying ahead of all the latest security trends and threats. This role will be to manage all security operations across internal IATA and 3rd party suppliers.

What your day would be like

1. Implement a security operations strategy to manage all internal and external applications.
2. Build and implement a delivery roadmap outlining the gaps in current security across internal and 3rd party platforms and services.
3. Build, prioritize and maintain the catalog of cybersecurity services and processes and ensure this is communicated and socialized within the I&D and IATA teams.
4. Document security policies and standards and ensure compliance and monitoring against these.
5. Ensure security processes are implemented, continually monitored, and corrective actions taken including training and education.
6. Continuously monitor internal demands and the threat landscape to ensure the service catalog is relevant.
7. Build a comprehensive cyber dashboard to monitor all cyber activities and their deliveries.
8. Maintain and improve all information security KPIs.
9. Manage and ensure resolution of all reported risks and audit findings with their related action plans.
10. Maintain a good understanding of company-wide risk management processes owned by Internal Audit.
11. Maintain the relevant documentation up to date or early continuously improving security controls.
12. Collaborate with the Senior Cloud Architect and the Vulnerability Management Engineer to maintain a holistic view of the risks.
13. Establish trust and collaborative working relationships with the rest of the I&D team, 3rd party security providers, and development teams.
14. Chair forums and various meetings as deemed necessary by the CISO.

We would love to hear from you if

1. Master’s degree in computer science, Engineering, or Cybersecurity.
2. 10 years’ experience in information or cybersecurity.
3. Cybersecurity certification, such as CISSP, CISM, or the like.
4. Knowledge of ISO 27001:2022 / PCI-DSS / SOC2 / NIST.

Travel Required: 10%

Learn more about IATA’s role in the industry, our benefits, and the team at iata/careers/ . We are looking forward to hearing from you!

#J-18808-Ljbffr