• Job Description

  Req#: 124226

  TUI Group is the world’s number one integrated tourism business. Information Security is a global team within TUI technology responsible for maintaining and continuously improving security across TUI. We are a multi-disciplinary team of experts across Governance, Risk and Compliance (GRC), Architecture, Engineering and Delivery providing services across the UK, Ireland, Sweden, Norway, Denmark, Finland, Spain, Germany, Belgium and The Netherlands.

  We never stop looking ahead, seeking new ways to delight our customers and grow our business. We recognise the power of digital and the massive contribution this brings to creating a truly unique and differentiated customer experience.

  We are looking for a talented and dedicated leader to join the Information Security team supporting the information security programme for the Central Region (Germany, Austria, Switzerland, Poland). This role will also represent Information Security at the TUI Works Council(s).

  As an Information Security Manager within our GRC team you will perform a crucial role in protecting our IT organisation.

  ABOUT THE JOB

  As an Information Security Manager (ISM) you will promote a security first culture within your domain. You will contribute to the creation, iteration and maintenance of an information security programme to address the evolving business risk and empower the Domain to deliver a prioritised roadmap. You will lead the collaboration with stakeholders to communicate and embed secure ways of working. This will include protecting the TUI brand and its customers, detecting and responding to incidents, strengthening our defences, reducing the attack surface and securing our behaviours.

  You will:

  • Drive adoption of and adherence to security policies, standards, and controls through the provision of expert advice and guidance.
  • Help protect our most critical assets and ensure appropriate assurance and rigorous testing is in place.
  • Track lessons learned from security incidents and drive the remediation of audit findings within the domain.
  • Ensure that security controls are effective (e.g. vulnerability scanning, patching).
  • Protect the integrity, availability, authenticity, non-repudiation and confidentiality of information and data in storage and in transit.
  • Manage risk in a pragmatic and cost-effective manner to ensure stakeholder confidence.
  • Report on the overall effectiveness of the security programme in the Domain against defined key performance indicators and drive continuous improvement.

  Our information security team works in collaboration with business and IT teams across our many businesses. You will build strong working relationships and influence others to do the right thing to Protect our Smile.

  Security is part of everyone’s job. At TUI, we practise secure behaviours first in everything we do.

  ABOUT YOU

  • Business fluent German skills (required for Works Council representation).
  • Demonstrable experience of leading an information security capability (or ISMS) and governance, risk and compliance activities for a large business unit.
  • Strong communication and influencing skills. Experienced at gaining commitment at business unit board level.
  • Experience at preparing for and representing an area of a large business at Works Council meetings.
  • Good understanding of Microsoft security best practices related to cloud and on-premises technology and security in Amazon Web Services.
  • Experience of working with technical teams to secure Microsoft technologies such as Azure and MS365.
  • Adept understanding of security operations.
  • CISSP/CISM/CISA certified preferred.
  • Good understanding of the international regulatory context, particularly data privacy.
  • Good understanding of standards and frameworks such as ISO27001, NIST, PCI, OWASP, ITIL and COBIT.
  • Excellent planning and organisation skills to determine effective course of action.
  • Excellent interpersonal skills to work with technical and non-technical colleagues around the world.
  • Goal orientated to maintain focus on agreed objectives and deliverables.
  • Problem solving skills to identify creative and elegant solutions.
  • Strong commercial acumen when taking actions or making decisions.
  • Good organisational awareness. Able to identify the decision makers and influencers.
  • Ability to understand the needs, objectives, and constraints of those in other teams.

  ABOUT OUR OFFER
  

  • Working in the leading global tourism group: We stand for intercultural cooperation and offer the opportunity to work in international projects and teams.
  • Fantastic holiday benefits including discounts, special offers
  • Mobile working, flexible working hours and working from abroad: We believe that work is something you do, not where you go. Our offer: TUI Way of Working
  • Health and Wellbeing support in five key areas – Health, Social, Community, Career and Financial
  • Development and career opportunities: We offer a wide range of digital training and international career opportunities.
  • Additional benefits relevant to the local market that you'll be based in

  
  At TUI, we know people are as diverse as the destinations we send our customers to. We love to see your uniqueness shine through and inspire the future of travel.

  If you have any questions, please contact the Recruiter for this role via the contact information included in the advert.

  Please Note: These vacancies will be managed by an International Recruitment Team and therefore your application may be viewed by TUI colleagues outside your home country.

  #LI-JS1

• About the company

  TUI AG, also known as TUI Group, is a German multinational travel and tourism company headquartered in Hanover, Germany.

Notice