Overview:
WELCOME TO SITA
We're the team that keeps airports moving, airlines flying smoothly, and borders open. Our tech and communication innovations are the secret behind the success of the world's air travel industry.
You'll find us at 95% of international hubs. We partner closely with over 2,500 transportation and government clients, each with their own unique needs and challenges. Our goal is to find fresh solutions and cutting-edge tech to make their operations run like clockwork. Want to be a part of something big?
Are you ready to love your job? The adventure begins right here, with you, at SITA.
PURPOSE
As Business Information Security Office (BISO) Senior Security Specialist – Europe you will function as the security interface and single point of contact (SPOC) for enterprise security for an assigned geographic region (GEO). As a trusted advisor to the GEO and its customers, the BISO Senior Security Specialist’s help the business achieve its objectives effectively while not compromising on security, by providing advice and guidance to ensure activities are aligned to SITA’s overall enterprise security governance, policies, standards and strategic security improvement program.
To achieve this, the BISO will work closely with the GEO stakeholders to gain a deep understanding of their business in order to help balance information security and regulatory cybersecurity compliance risk, and risk-based discussions.
As part of the BISO team, you will work closely with the CISO and other BISO team members to help align practices consistently across the entire organization, and to drive security transformations that are holistic while meeting customer requirements and best practices in security and compliance. The BISO Senior Security Specialist will understand the key assets and processes, and identify and evaluate risks and controls, and suggest incremental controls or risk mitigation strategies where necessary.
This role will liaise between the GEO business leadership, the Product Security team and Enterprise Security Teams, keeping clear lines of communication including but not limited to:
* transparency to the business on upcoming security initiatives
* reporting of security risks to the CISO and appropriate committees
* provide input to the Information Security Improvement Program
* input into business processes related to information security incident response process, identifying impact to the business and to customers, helping to shape remediation, and developing external and internal message points.
You will be accountable for combining business acumen with technical knowledge as the BISO assists in improving the information security posture with respect to delivering services and partnering with the GEO leadership and reporting to the Chief Information Security Officer (CISO).
The world is changing. Are you ready to define the future of travel with us?
KEY RESPONSIBILITIES
* Participating in managing a documented Information Security Program and supporting security strategy for the GEO
* Ensure the program is aligned with SITA Information Security Programs Governance, Policies and Standards while monitoring and reporting on risks and documented exceptions
* Provide input into the enterprise Governance, Security Policy and Standards revisions
* Ensure awareness of all applicable regulatory, legal and contractual obligations
* Ensure clear lines of communication between GEO, the Enterprise Security Teams, Product and Operations security teams.
* Act as the primary local single point of contact for security and provide a priority escalation path for significant security concerns and inquiries
* Engage with clients and customers as needed to assist the business to achieve its objectives by representing our security program, supporting internal and external audits, assisting in customer communication of security incidents, etc.
* Participate in region-related conferences, client-facing engagement, industry forums to represent SITA’s Cybersecurity program
* Evangelizing security awareness across the GEO
* Drive information security risk management, policy compliance, data protection, education and awareness
* Develop and maintain in-depth understanding of GEO’s processes, systems, technologies, data, customers, consumers, partners
* Proactively identify security and privacy non-compliance and areas of potential improvement, and facilitate development and deployment of standard solutions
* Provide reporting on the state and efficacy of security and privacy controls for their projects and platforms
* Partner with local Compliance, Legal and IT resources to achieve effective working relationships that can further the effectiveness of the Security program
* Provide regular and timely reporting on the status of cyber security across the GEO
* Work with Security Incident Response and Crisis Management teams to assist in effectively driving incidents to acceptable resolution
KNOWLEDGE & SKILLS
* 7+ years of experience in Cloud and Information Technology
* 7+ years of experience in governance, compliance, audit and risk management
* 7+ years of experience in Information Security related role (architecture, technology)
* 5+ years of experience in penetration testing, application testing, vulnerability identification and management, and red team engagements
* Experience with Data Privacy regulatory requirements an asset
* Security/Risk certification such as CISSP, CISM, CISA or similar preferred
* Experience in the Aviation or transportation sectors preferred
* Strong understanding of audit/risk management methodologies and regulatory requirements pertaining to information security, privacy and/or data security
CORE COMPETENCIES
* Experience working in Agile methodology
* Experience working in a matrix model, as the BISO supports operational and transformational efforts for a given region or organizational function
* Ability to manage multiple complex priorities and competing agendas without express authority over GEO resources or teams
* Ability to interpret and apply policies and regulations across a large, complex business
* Analytical aptitude with an emphasis on investigative, methodical critical questioning and logical thinking; a data-driven decision maker
* High level of interpersonal skills to interact with leaders at multiple levels and facilitate team interactions
* Strong relationship, team building and facilitation skills
* Ability to translate technical/security issues to business users
* Ability to independently influence others to achieve objectives
* Service Level Management experience
WHAT WE OFFER
We're all about diversity. We operate in 200 countries and speak 60 different languages and cultures. We're really proud of our inclusive environment. Our offices are comfortable and fun places to work, and we make sure you get to work from home too. Find out what it's like to join our team and take a step closer to your best life ever.
Flex Week: Work from home up to 2 days/week (depending on your team's needs)
*
Flex Day: Make your workday suit your life and plans.
Flex-Location: Take up to 30 days a year to work from any location in the world.
Employee Wellbeing: We have got you covered with our Employee Assistance Program (EAP), for you and your dependents 24/7, 365 days/year. We also offer Champion Health - a personalized platform that supports a range of wellbeing needs.
Professional Development: Level up your skills with our training platforms, including LinkedIn Learning!
Competitive Benefits: Competitive benefits that make sense with both your local market and employment status.
SITA is an Equal Opportunity Employer. We value a diverse workforce. In support of our Employment Equity Program, we encourage women, aboriginal people, members of visible minorities, and/or persons with disabilities to apply and self-identify in the application process.
#J-18808-Ljbffr