CrawlJobs Logo

Information Security Officer

https://www.tui.com Logo

TUI

Location Icon

Location:
Portugal, Lisbon

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

TUI Group is the world’s number one integrated tourism business. The Security Domain is a global team within TUI technology responsible for leading Information Security risk management across TUI. We are a multi-disciplinary team of experts across Architecture, Engineering, DevOps and Agile Delivery providing services across the UK, Ireland, Sweden, Norway, Denmark, Finland, Germany, Belgium and The Netherlands. We are looking for a talented and dedicated security leader to join the Governance, Risk and Compliance (GRC) team which supports the Group CISO in their responsibility to ensure information security risks are managed in alignment to our business goals across TUI Group. Information Security Officer is a senior leadership role (a member of the GRC Leadership Team), responsible for overseeing and supporting the application of TUI’s Information Security management framework across the Group. Providing leadership, governance and a risk-based approach in managing security within specific areas of our business. You will partner with our business and technology leaders to deliver visibility and effective management of Information Security.

Job Responsibility:

  • Promote and inspire a security first culture at TUI
  • Direct the development, implementation, delivery and support of an enterprise Information Security strategy aligned to the strategic requirements of the business
  • Lead the provision of Information Security resources expertise, guidance and systems necessary to execute strategic and operational plans across all of the organisation’s information systems
  • Ensure that each Domain is motivated and empowered to deliver the prioritised roadmap
  • Protect the TUI brand and its customers
  • Detect and respond to incidents, strengthen our defences, reduce the attack surface and secure our behaviours
  • Drive adoption of and adherence to security policies, standards and controls through the provision of expert advice and guidance
  • Protect our most critical assets and ensure appropriate assurance and rigorous testing is in place
  • Ensure security incidents are managed effectively through engagement with the security operations team, and that lessons learned and audit findings are remediated
  • Ensure effective security operations (e.g. vulnerability scanning, patching)
  • Protect the integrity, availability, authenticity, non-repudiation and confidentiality of information and data in storage and in transit
  • Manage risk in a pragmatic and cost-effective manner to ensure stakeholder confidence
  • Report on the overall effectiveness of the security programme on each Domain against defined key performance indicators and drive continuous improvement
  • Build strong working relationships, explain and present complex ideas to audiences at all levels in a persuasive and convincing manner
  • Instil secure ways of working and influence others to do the right thing to Protect our Smile
  • Lead workstreams focussed on the development of the GRC team from a people, process and tooling perspective

Requirements:

  • An experienced authentic leader with a good understanding of technology and managing Information Security risks in the enterprise
  • Passionate about Information Security, delivering business value and driving continuous improvement
  • Strong people leadership skills and experience in building a positive enabling security culture based on trust, quality and pragmatic risk management
  • Great communicator and influencer comfortable working across hierarchical, organisational, cultural and market boundaries
  • Experience of managing teams, mentoring and developing security talent from different cultural backgrounds
  • Professionally qualified holding a recognised security accreditation (CISSP/CISM/CISA etc.,) or equivalent experience with demonstrable Continuous Professional Development
  • Maintain a good understanding of latest security threats and the mitigating strategies
  • Ability to provide advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards
  • Experience of the implementation, operation and maintenance of an Information Security Management framework such as ISO27001 or NIST CSF
  • Good understanding of integrating security into software or product development lifecycle and cloud security
  • Experience of securing Amazon Web Services workloads is desirable
  • Certification in cloud security or architecture a nice-to-have
  • Good understanding of the international regulatory context, particularly data privacy
  • Good understanding of technology standards and control frameworks such as CIS, NIST, PCI, OWASP, ITIL and COBIT
  • Adept at articulating IT security and technical issues to technical and non-technical audiences in a clear and actionable manner
  • Experienced at gaining commitment at business unit board level
  • Strong commercial acumen when taking actions or making decisions
  • Open minded, inquisitive, life-long learner
  • Comfortable with ambiguity, highly autonomous

Nice to have:

Certification in cloud security or architecture

What we offer:
  • Attractive remuneration
  • Bonus opportunity
  • Exclusive travel perks & discounts
  • Extensive health & wellbeing support
  • Flexible working
  • Opportunities to upskill, reskill and grow your career
  • Access the TUI Tech Learning Hub
  • Participate in tech communities and collaborate on global projects and teams
  • Get involved with local charity and sustainability initiatives like the TUI Care Foundation and the Sustainable Tech Community

Additional Information:

Job Posted:
March 23, 2025

Employment Type:
Fulltime
Work Type:
On-site work
Icon
View All Jobs In This Company
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Information Security Officer

New

Senior Information System Security Officer

We are seeking a highly skilled and mission-driven Senior Information Systems Se...
Location
Location
United States , Clarksburg
Salary
Salary:
Not provided
imts.us Logo
Innovative Management & Technology Services
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related field (or equivalent combination of education and experience)
  • 8+ years of progressive experience in information systems security, with at least 3 years in a senior-level or lead ISSO role supporting federal or state government agencies
  • Strong working knowledge of: NIST 800-53, RMF, FISMA, OWASP Top 10, and SANS Institute standards
  • SAFe Agile environments and integrating security in Agile workflows
  • Networking, Linux/Windows system administration, and secure software development practices
  • Cloud platforms (AWS, Azure, GCP) and related security tools (e.g., AWS Security Hub, Azure Defender)
  • Experience in managing security documentation, participating in audits, and working with compliance frameworks
  • Relevant certifications such as CISSP, CISM, Security+, CEH, or equivalent
  • Active Top Secret clearance is required
  • U.S. Citizenship is required
Job Responsibility
Job Responsibility
  • Lead the implementation and maintenance of system security controls in compliance with federal cybersecurity frameworks, including NIST SP 800-53, RMF, OWASP, DISA STIGs, and Common Criteria
  • Oversee the full lifecycle of Authorization to Operate (ATO) processes, including preparation of System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, and risk assessments
  • Serve as a senior security advisor and liaison to system owners, developers, DevOps engineers, and government stakeholders
  • Participate in technical reviews of system architecture and ensure secure design of virtualized and software-defined infrastructures
  • Support integration of security controls into CI/CD pipelines using DevSecOps principles and tools (e.g., Jenkins, GitLab CI, SonarQube, Snyk)
  • Provide security engineering support for modern cloud environments, including AWS, Azure, or Google Cloud Platform, and assess cloud-native security capabilities
  • Conduct vulnerability assessments, interpret scan results from tools like Tenable, Nessus, Splunk, or Qualys, and lead remediation efforts
  • Mentor junior ISSOs and analysts on security policies, best practices, and tool usage
  • Ensure continuous monitoring activities are aligned with organizational risk tolerance and compliance goals
What we offer
What we offer
  • competitive compensation
  • excellent benefits including tuition reimbursement and employer-contributed 401K
  • referral bonuses
  • Fulltime
Read More
Arrow Right
New

Information Systems Security Officer

Hoplite Solutions is seeking a self-starting, motivated individual to be an Info...
Location
Location
United States , Fort Meade
Salary
Salary:
Not provided
hoplitesolutions.com Logo
Hoplite Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree plus 5-years of relevant experience or Master's degree plus 3-years of relevant experience
  • An Associate's degree or 18 semesters hours of military coursework/training in a computer-related field plus 7-years of relevant experience or high school diploma/GED plus 9-years of relevant experience may be considered
  • Information Assurance Manager (IAM) Tier 1 certification
  • Active TS/SCI with Polygraph required
  • Experience as an ISSO with emphasis on Defense-in-Depth principles, network, and enterprise security architecture
  • Experience applying the principles of the NIST 800-53 including the procedures in the Risk Management Framework (RMF)
  • Familiarity with STE/STN requirements
Job Responsibility
Job Responsibility
  • Ensure the appropriate operational security posture is maintained for information systems
  • Support continuous monitoring of networks to detect and correct areas of security non-compliance, unmitigated vulnerabilities, and other risks
  • Follow consistent security processes and play a role in the information systems continuous monitoring program
  • Perform regular audits of information systems
  • Assist the information systems security manager in preparing the information system for periodic reaccreditation
  • Responsible for 8-10 System Security Plans (SSPs)
What we offer
What we offer
  • Full coverage for health, dental, and vision insurance for both individuals and families
  • 100% coverage for life insurance, long-term and short-term disability
  • Match up to 7% of employees' contributions to their 401(k) funds
  • Follow the federal holiday calendar for paid holidays
  • 4 weeks of paid time off
  • $5,000 yearly for education assistance or technical training
  • $3,000 yearly toward student loan repayment or a 529 College Savings Plan
  • Fulltime
Read More
Arrow Right
New

Information Systems Security Officer

The Information Systems Security Officer (ISSO) is responsible for safeguarding ...
Location
Location
United States; Canada , Athens, Georgia; Atlanta, Georgia; Toronto, Ontario
Salary
Salary:
Not provided
docebo.com Logo
Docebo
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of experience in information systems security, with a focus on compliance with NIST and DoD guidelines
  • In-depth knowledge of FedRAMP, NIST SP 800-37, NIST SP 800-53, and DoD 8510.01 policies and procedures
  • Strong technical writing skills for developing SOPs, work instructions, and senior-level briefs
  • Proficient in risk and vulnerability assessment, security infrastructure design, and continuous monitoring
  • Prior experience on obtaining FedRamp ATO
Job Responsibility
Job Responsibility
  • Own the FedRAMP/DoD RMF authorization lifecycle for assigned systems (strategy → authorization → continuous monitoring → ATO maintenance)
  • Define and maintain the FedRAMP program governance model, roles & responsibilities (including Sponsor/Authorizing Official interactions)
  • Create, own, maintain, and version-control the System Security Plan (SSP), Security Assessment Report (SAR), continuous monitoring (ConMon) artifacts, POA&Ms, SSP annexes, and all ATO package deliverables
  • Build and run the ConMon program: define telemetry requirements, dashboards, vulnerability ingestion, thresholds, incident feed, and reporting cadence
  • Triage vulnerabilities, manage POA&Ms (track remediation owners, dates, residual risk), and ensure POA&M closure meets customer and FedRAMP expectations
  • Lead the selection, engagement, and technical coordination with 3PAOs and any external assessors. Ensure assessments, testing, and SAR content are accurate and timely
  • Evaluate security impact for architectural or operational changes (Security Impact Analysis), own risk acceptance processes, and coordinate Risk Acceptance with Sponsors/Authorizing Officials
  • Integrate change control with the ConMon program to ensure authorized/approved changes are documented and do not break control baselines
  • Act as the primary internal liaison across Product, Engineering, DevOps, Security, Sales, Legal, and Marketing for anything impacting the FedRAMP posture and ATO timelines. Drive working groups and weekly syncs
  • Support pre-sales and customer conversations on FedRAMP posture and timelines alongside Sales
What we offer
What we offer
  • Generous Vacation Policy, plus extra floating holidays to use for religious or cultural events that matter to you
  • Employee Share Purchase Plan
  • Career progression/internal mobility opportunities
  • Four employee resource groups to get involved with (the Docebo Women's Alliance, PRIDE, BIDOC, and Green Ambassadors)
  • WeWork partnership and “Work from Anywhere” program
  • Fulltime
Read More
Arrow Right
New

Chief Information Security Officer

The San Francisco Department of Public Health is seeking a dynamic and experienc...
Location
Location
United States , San Francisco
Salary
Salary:
180440.00 - 230308.00 USD / Year
sf.gov Logo
City and County of San Francisco
Expiration Date
January 09, 2026
Flip Icon
Requirements
Requirements
  • Bachelor’s degree from an accredited college or university
  • Five (5) years of professional healthcare information systems security experience, of which three (3) years must include supervising IT professionals
Job Responsibility
Job Responsibility
  • Provides strategic leadership in evaluating and mitigating information security threats across the organization using a structured, risk-based methodology
  • Directs the ongoing development of the department’s information security program, including project portfolio management, incident response, policy frameworks, compliance activities, threat and vulnerability management, and third-party risk management
  • Allocates and manages resources to support a robust security strategy
  • Partners with the Office of Compliance and Privacy Affairs to assess data security risks related to contracts, projects, artificial intelligence solutions, and other initiatives
  • Builds alignment and support for security goals and initiatives across internal and external stakeholders
  • Promotes awareness and understanding of regulatory requirements across the organization
  • Analyzes security requirements and ensures compliance with industry standards such as HIPAA, NIST, and PCI-DSS
  • Establishes and maintains comprehensive policies and procedures to support effective and sustainable security operations
  • Serves as the department’s representative in security-related matters with City agencies and partners
  • Continuously monitors emerging trends, technologies, and best practices in cybersecurity
  • Fulltime
Read More
Arrow Right

Information Security Officer

Elevate Our Security Posture: Join Us as an Information Security Officer. Are yo...
Location
Location
Poland , Łódź
Salary
Salary:
Not provided
arrive.com Logo
Arrive
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • 5+ years of experience in an information security role, with at least 2 years in a leadership position
  • Relevant certifications (CRISC, CISSP, CISA, CISM) are preferred
  • Strategic Mindset: Deep understanding of business goals and objectives, with the ability to align cybersecurity risk management with overall business strategy
  • Risk Management Expertise: Proven ability to identify, assess, and prioritize cybersecurity risks
  • Technical Proficiency: In-depth knowledge of cybersecurity principles, security controls, incident response, and industry frameworks
  • Communication & Collaboration: Excellent communication skills, with the ability to translate complex technical concepts for non-technical audiences
  • Leadership: Proven ability to lead and mentor a team of security professionals
  • Thrive in a Fast-Paced Environment: Experience contributing to and managing cybersecurity within a high-growth company
Job Responsibility
Job Responsibility
  • Risk Management: Proactively identify, assess, and mitigate security risks and vulnerabilities
  • Security Awareness: Develop and deliver engaging training programs to educate employees on security best practices
  • Compliance: Ensure adherence to relevant security standards and regulations (ISO 27001, PCI DSS, GDPR)
  • Policy & Procedure Development: Lead the creation and maintenance of clear and concise security policies and procedures
  • Third-Party Risk Management: Assess and manage the security posture of third-party vendors and partners
  • Data Protection: Define requirements and contribute to implementing Data Loss Prevention (DLP) solutions
  • Security Frameworks: Contribute to the adoption and implementation of industry-leading security frameworks (NIST, CIS)
  • Business Partnership: Collaborate closely with business units to understand their security needs and align with the overall security strategy
  • GRC Program: Operate and mature our Governance, Risk, and Compliance (GRC) program
  • Leadership & Collaboration: Lead and mentor a team of security professionals, fostering a culture of collaboration and continuous improvement
Read More
Arrow Right

Senior Information Security Officer

In a world of technology, people make the difference. We believe if we invest in...
Location
Location
United States , Reston
Salary
Salary:
Not provided
anavationllc.com Logo
AnaVation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Demonstrates strong experience with IC/DoD customer's Assessment and Authorization (A&A) process (e.g., RMF, NIST800-53, ICD503)
  • Experience in developing and implementing DoD/DIA approved information security controls, procedures and documentation for the operation of standalone classified systems
  • A Bachelor’s Degree from an accredited institute in an area applicable to this position and eight (8) years of relevant experience
  • An additional four (4) years of relevant experience may be substituted for the bachelor’s degree
  • Must presently be 8570 compliant (IAT Level 2 preferred)
  • Experience with one or more commercial government cloud service provider’s system accreditation processes
  • Experience with the Xacta
  • Experience as a Cybersecurity Control Assessor
  • Experience with Ongoing Authorizations and Assessments
  • Experience with C2S Cloud, or DevOpsSec
Job Responsibility
Job Responsibility
  • Provide subject matter expertise and consulting on security related matters for enterprise information system and network architectures, access problems, and implementation of security policies and procedures
  • Assist in overseeing and managing day-to-day operation of Information Systems
  • Optimize system operation and resource utilization and performs system capacity planning/analysis while maintaining the security posture
  • Assist team in DIA’s Authorization and Accreditation (A&A) process using RMF across the design lifecycle for classified systems obtaining and maintaining Interim Authority to Operate (ATO), ATO and Authority to Connect (ATC)
  • Create and process RMF authorization packages from submission to approval/disapproval
  • Develop and maintain IT security documents, including system security plans, risk assessments, Plan of Action and Milestones (POA&M), contingency plans, incident response plans, IT security policies and procedures
  • Provide recommendations regarding remediation and mitigation of identified vulnerabilities by developing plan of action and milestones (POA&Ms)
  • Advise developers on integrating security requirements
  • Demonstrate a strong understanding of Networks, Cloud, and IT system security authorization procedures
What we offer
What we offer
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance
  • Fulltime
Read More
Arrow Right

Information Security Officer

The Information Security Technology Lead Analyst is a senior level professional ...
Location
Location
United Kingdom , Belfast
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven relevant experience
  • Advanced proficiency with Microsoft Office tools and software
  • Consistently demonstrates clear and concise written and verbal communication
  • Established influencing and relationship management capabilities that contribute to strategic alignment and execution
  • Proven analytical skills and a strong sense of curiosity, with the ability to uncover the root causes and understand the true nature of complex security and risk issues
  • Familiarity with enterprise technologies including cloud platforms, APIs, identity management, and data protection practices
  • Demonstrated knowledge of secure design principles and security frameworks.
Job Responsibility
Job Responsibility
  • Identify opportunities to automate and standardize information security controls and for the supported groups
  • Support technical and business teams to resolve any vulnerabilities or issues detected in an application or infrastructure
  • Act as a trusted advisor to business and technology teams, providing pragmatic guidance on cybersecurity risks, controls, and requirements
  • Translate technical security concepts into business-relevant language to inform leadership decisions and drive action
  • Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions
  • Direct the development and delivery of secure solutions by coordinating with business and technical contacts
  • Participate in information security assessments across applications, infrastructure, and business processes, ensuring that non-compliant items are addressed in coordination with relevant stakeholders
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency
  • Contribute to the growth of less technical colleagues through knowledge-sharing, contextual guidance, and translating complex security concepts into practical understanding.
What we offer
What we offer
  • Competitive base salary (which is annually reviewed)
  • 27 days annual leave (plus bank holidays)
  • A discretional annual performance related bonus
  • Private Medical Care & Life Insurance
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Access to an array of learning and development resources.
  • Fulltime
Read More
Arrow Right

Senior Information Security & OT Officer

Senior Information Security & OT Officer role at METLEN Energy & Metals, focusin...
Location
Location
Greece , Athens
Salary
Salary:
Not provided
https://www.metlengroup.com Logo
Metlen Group
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information science, Information systems or a related scientific field
  • Master’s degree will be considered an asset
  • +5 years of experience in Information Security or Cybersecurity roles
  • Strong technical background in cybersecurity and OT security
  • Proven experience in managing information security in OT environments is a strong plus
  • Solid understanding of ISO 27001, ISA/IEC 62443, and NIS2 directives
  • Strong knowledge of risk management methodologies and compliance frameworks
  • Excellent collaboration and communication skills for multi-site and cross-border coordination
Job Responsibility
Job Responsibility
  • Respond to audit requirements for all international sites including factories, energy plants, and solar fields
  • Participate in cyber incident response processes related to international and local industrial installations
  • Guide technical leaders and support information security compliance in Greek and international operations
  • Propose cybersecurity architectures and solutions to safeguard operational technology (OT) infrastructure
  • Participate in management committees to inform senior leadership on cyber risks and compliance issues
  • Work closely with international IT business partners on cybersecurity topics across the global footprint
What we offer
What we offer
  • Competitive remuneration package
  • Ticket Restaurant Card
  • Group Health Insurance Plan
  • Preferential household electricity plan
  • Pension Plan
  • Fulltime
Read More
Arrow Right
Welcome to CrawlJobs.com
Your Global Job Discovery Platform
At CrawlJobs.com, we simplify finding your next career opportunity by bringing job listings directly to you from all corners of the web. Using cutting-edge AI and web-crawling technologies, we gather and curate job offers from various sources across the globe, ensuring you have access to the most up-to-date job listings in one place.
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Australia Jobs Canada Jobs Poland Jobs Ireland Jobs Spain Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2025 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy