Manager, Information Security GRC

San Jose

Amadeus

Discover how Amadeus' platform and technology help airlines, travel agencies, hotels and others connect, do business, and deliver better travel experiences.

Job Title

Manager, Information Security GRC

About the Business:

The Hospitality CISO Office consists of three teams of security experts:

SEC-HOS-GRC (Governance, Risk and Compliance)

SEC-HOS-SOA (Security Operations and Architecture)

SEC-HOS-PGM (Program Management)

Together we…

  • Build a solid security organization for the new Amadeus Hospitality Business Unit with a unified security posture.

  • Maintain compliance with applicable legislation, regulations, and market-dominant security standards, including the implementation of new requirements.

  • Continue education programs for Amadeus Hospitality personnel so they understand their role in protecting information assets and the consequences for failing to do so.

  • Make our organization and products sufficiently resilient against intentional and unintentional bad behaviors, attacks, data breaches and fraud.

Summary of the role:

The Manager, Information Security Governance, Risk & Compliance is a staff member of the Hospitality Information Security GRC team (SEC-HOS-GRC).

He or she reports to the Director of the Hospitality Information Security GRC and manages the Information Security, Governance, Risk & Compliance and Data Privacy topics within the Hospitality Business Unit.

In this role you’ll:

  • Manage a selection of compliance programs, ensuring alignment with industry standards and regulations, such as SOC 1-2, PCI DSS, ISO 27001/ISO 27701, GDPR, NIS2, CCPA/CPRA, etc., in line with business needs and a risk-based approach for the Hospitality product line and Business Unit.

  • Manage/coordinate compliance audits, assessments, and certifications, coordinating with external auditors as needed.

  • Ensure alignment with Amadeus Hospitality Missions & Objectives, the HOS CISO vision, and the guidance provided by Amadeus central.

  • Conduct risk assessments and identify potential threats and vulnerabilities to our systems, data, and processes.

  • Collaborate with internal stakeholders to develop risk mitigation strategies and action plans.

  • Establish and maintain the information security governance framework for Hospitality, incorporating risk management and compliance requirements.

  • Ensure that the implementation guidelines, policies and procedures derived from the Governance Framework are communicated, understood and applied appropriately within the Amadeus Hospitality Business Unit.

  • Provide support to the HOS-CISO and the Director of the HOS GRC (Governance, Risk and Compliance) team with respect to the interface with Legal, Security and Data Privacy Authorities.

Education:

  • Bachelor's degree or higher and/or equivalent work experience.

  • CISA, CISM or similar industry certification(s) are preferred.

  • ISO 27001 Lead Implementer certification preferred.

About the ideal candidate:

  • 3+ years’ experience working within an IT organization with practical experience in compliance coordination, implementing IT risk frameworks, controls, and methodologies.

  • Exposure to international and multi-cultural contexts

  • Prior experience working closely with auditors and/or external regulators.

  • Must possess excellent organizational skills, proficient communication skills, effective problem-solving skills, strong people skills, a sound understanding of regulatory guidelines and security policies, willingness to learn, and self-motivation.

  • Must be creative, a team player, passionate and enthusiastic about the role.

  • Ability to travel

What we can offer you:

  • Get rewarded with competitive remuneration, individual and company annual bonus, vacation and holiday paid time off, health insurance and other competitive benefits.

  • Work from anywhere: onsite, hybrid or fully remote. 

  • Professional development to broaden your knowledge and enhance your skills with on-line learning hubs packed with technical and soft skills training that allow you to develop and grow.

  • Enter a diverse and inclusive workplace, join one of the world’s top travel technology companies and take on a role that impacts millions of travelers around the globe.

Application process: 

The application process takes no longer than 10 minutes!
Create your candidate profile, upload your Resume/CV and apply today!

Diversity & Inclusion

We are an Equal Opportunity Employer and seek to hire the best candidate regardless of age, beliefs, disability, ethnicity, gender or sexual orientation.

Tags: Audits CCPA CISA CISM CISO Compliance GDPR Governance ISO 27001 NIS2 PCI DSS Privacy Risk assessment Risk management SOC SOC 1 Travel Vulnerabilities

Perks/benefits: Career development Health care Salary bonus

Regions: Remote/Anywhere North America
Country: United States
