Manager, Information Security

Job Title

Job Title:  Regional Manager Information Security Officer (LATAM)
Position type: Permanent
Location: Bogota, Colombia
Job family: Security

About Your Business Area/Department:

This role acts as a primary regional contact and collaborator whose mission is to improve the security posture as well as adopt and standardize processes in coordination with the regional/local management and the Global Chief Information Security Officer (CISCO).  Being the Information Security Point of Contact for LATAM, they have the responsibility of working with business functions and other organizations concerning Risk Management, Vulnerability Management, Security Operations, Incident Response, and Audit as well as Finance, Legal, Compliance, and HR to address country/region specific Information Security standards and regulations.

As an integral part of the Regional Information Security Office, the team is an enabler and partners with business functions to satisfy security requirements and allow the business to move forward. The goal is to comply with the Amadeus Security Policies and Standards by supporting Amadeus ISMS (Information Security Management System) while staying in close partnership/relationship with the Incident Response Lead on IT Security events. The RISOs do their utmost to ensure that local processes and criteria in scope, are followed and applied in the regions.

Summary of the role:

Lead the regional information security function for LATAM in collaboration with Regional Information Security Officer (RISO) for the Americas and the Global Chief Information Security Office.

Ensures alignment with the group strategy, priorities, and operating model. The position reports to the Regional Information Security Officer for AMERICAS.

This role acts as a primary contact to maintain and improve the region’s security posture as well as adopt and standardize global processes.  Being the primary Information Security Point of Contact for LATAM, they have the responsibility of working with business functions and functional organizations concerning Risk Management, Vulnerability Management, Security Operations, Incident Response, Audit, Legal, Compliance and HR to address region specific Information Security standards and regulations.

As an integral part of the Regional Information Security Office, the person is an enabler and partners with business functions to satisfy security requirements.

In this role you’ll:

• Support business units and IT departments on Information Security matters and projects.
• Support regional and global CISO in creating and consolidating all security policies,  processes and activities.
• Regional support on company response to security requests from Customer Services Agreements.
• Escalation Point of Contact for Business Information Security Officers (BISOs) with regional customer security requests.
• Regional support for HR, Legal Counsel, Compliance, Risk & Compliance teams.
• Regional support for Corporate Security Awareness Program.
• Regional support for RFI / RFP engagements.
• Act as Regional Security Incident Manager upon Global Security Incident Response request and for major regional incidents.
• Regional representation and contribution to Fraud Prevention initiatives.
• Perform risk analyses and information security audits.
• Prepare and issue regular regional security risk map.
• Define and report on regional security KRIs and KPIs.
• Lead post-mortem regional remediation plan following major incidents in the region.
• Contribute to regional public forums in travel industry events.
• Support regional assessments of Security posture, and due diligence.
• Contribute to regional integration process after acquisition.
• Propose solutions to ensure compliance with regional legal rules and regulations.
• Interface with customers on CISO-related Security questions according to Customer Services Agreements.
• Review suppliers, partners and distributors’ agreements for compliance with company Security Requirements (ASRs).

Frequent Interactions:

• Business Units, Technical and Domain Information Security Officers, Legal, Compliance, Privacy, Global CISO group, partners, and distributors
• Internal and external Auditors
• Customers (Airlines, Airports, Travel Agents) including their Legal Department

About the ideal candidate:

• Bachelor’s degree in computer sciences (IT, Cyber Security, Risk Management or related field).
• 6-8 years of Information security, and IT risk management experience.
• Ability to adapt the information security requirements to the business.
• Ability to understand the security requirements driven by the travel industry.
• Cyber Security, Risk Management, Vulnerability Management, Security Operations, Incident Management, Asset Protection, IT Infrastructure, Security Engineering, Web and App Security,  Networking, VOIP, Wireless, LAN/WAN, Identity and Access Management, Security Penetration Testing, Software Development, Incident Management, Disaster Recovery. Forensics.
• Fluent in Spanish and English (written and spoken)
• Familiarity with ISO27001, NIST, PCI-DSS Frameworks
• Security attestation reports
• Data Protection and Privacy Regulations
• Regional Cyber Security Laws
• Effective communication and leadership skills

What we can offer you:

• Get rewarded with  competitive remuneration, individual and company annual bonus, vacation and holiday paid time off, health insurances and other competitive benefits.
• Work from anywhere: onsite, hybrid or fully remote. 

• Professional development to broaden your knowledge and enhance your skills with on-line learning hubs packed with technical and soft skills training that allow you to develop and grow.
• Enter a diverse and inclusive workplace, join one of the world’s top travel technology companies and take on a role that impacts millions of travelers around the globe.

Application process: 

The application process takes no longer than 10 minutes!
Create your candidate profile, upload your Resume/CV and apply today!

Working at Amadeus, you will find

🎯 A critical mission and purpose - At Amadeus, you will be powering the future of travel and pursuing a critical mission and extraordinary purpose.

🌎 A truly global DNA - Everything at Amadeus is global, from our people to our business, which translates into our footprint, processes, and culture.

🎓 Great opportunities to learn - Learning happens all the time and in many ways at Amadeus, through on-the-job training, formal learning activities, and day-to-day interactions with colleagues.

🤗 A caring environment - Amadeus fosters a caring environment, nurturing both a fulfilling career and personal and family life. We care about our employees and strive to provide a supportive work environment.

💰 A complete rewards offer - Amadeus provides attractive remuneration packages, covering all essential components of a competitive reward offer, including salary, bonus, equity, and benefits.

🌟 A flexible working model - We want our employees to do their best work, wherever and however it works best for them.

🌈 A diverse and inclusive community - We are committed to leveraging our uniquely diverse population to drive innovation, creativity, and collaboration across our organization.

📈 A Reliable Company - Trust and reliability are fundamental values that drive our actions and shape long-lasting relationships with our customers, partners, and employees.

Diversity & Inclusion

We are an Equal Opportunity Employer and seek to hire the best candidate regardless of age, beliefs, disability, ethnicity, gender or sexual orientation.