Business Information Security Officer

Business Information Security Officer

Luton/Hybrid

COMPANY

When it comes to innovation and achievement there are few organisations with a better track record. Join us and you’ll be able to play a big part in the success of our highly successful, fast-paced business that opens up Europe so people can exercise their get-up-and-go. With over 250 aircraft flying over 700 routes to more than 30 countries, we’re the UK’s largest airline, the fourth largest in Europe and the tenth largest in the world. Flying over 70 million passengers a year, we employ over 10,000 people. Its big-scale stuff and we’re still growing.

TEAM

The Digital Safety Team plays a critical role in keeping easyJet’s data safe and secure. At easyJet we refer to Digital Safety as the discipline of being cyber secure, cyber resilient and in control of the data that we process. The team is responsible for the day-to-day secure operations, governance, risk and compliance.

JOB PURPOSE

This role is part of the BISO team and manages the relationship between the Digital Safety team and the business. The objectives of the BISO are to support the strategic direction of information security into the business, as well as representing business requirements into the Digital Safety Team.

You will build strong, trusted relationships with business leaders providing advice, guidance and recommendations, whilst ensuring that the business maintains compliance with easyJet’s information security requirements, including relevant legislation and regulations. You will act as a subject matter expert for information security and be able to communicate information security requirements in business language.

JOB ACCOUNTABILITIES

1. Build enduring relationships and provide strategic advice and recommendations to business leaders to support them in aligning their practices with information security requirements and ensure they maintain compliance with policies and standards.
2. Be a champion for Information Security, building and maintain a positive culture of security within the business: Demonstrate your enthusiasm for information security and how this can support the business and reduce the risk of their operations being affected by a security incident. Encourage timely completion of all security awareness training and encourage participation in Digital Safety events and initiatives.
3. Find solutions to specific business challenges to strike the balance of the business needs with information security controls and provide optimisations to reduce friction and burden, whilst ensuring that information security outcomes are achieved.
4. Support departments in making business cases which support the improvement of information security controls.
5. Act as a point of contact and liaison between the Digital Safety Technical Security team and the business as part of the security incident management process, ensuring actions required by the business are directed to the appropriate personnel and representing the requirements of business-critical functions back into the process.
6. Support the management of risk-based decision-making in the business by owning actions to address information security risks, maintaining a risk register for your area of the business, and reporting these into regular forums and committees.
7. Data Privacy requirements managed adequately by the business, working in partnership with the Data Protection Officer (DPO).
8. Work closely with the wider Digital Safety team to stay abreast of security risks, threats, emerging trends, technologies and legislation which may impact the business.
9. Provide continuous feedback and regular reporting into the Digital Safety team and senior stakeholders, including how the business is performing against security policies, recommendations for the mitigation of information security risks within the business, improvements made, challenges to be addressed and the impact of any recent or proposed business changes.

KEY SKILLS REQUIRED

1. Experience of working within Information Security Management, with a broad knowledge of information security and IT concepts and how they apply within a business environment.
2. Experience of working across technical and business teams, clearly and concisely communicating in a manner which can be understood by all.
3. Experience of information security and/or IT risk management.
4. Excellent relationship skills, being an active listener, good mediator and effective negotiator.
5. Being a strategic thinker and a problem solver.
6. Having an analytical mind, interpret information effectively, and be able to present it clearly to business stakeholders.
7. Having high ethical standards and impeccable personal integrity. Be willing to undergo security vetting, if necessary.
8. Experience of working within aviation or another regulated environment is desirable, but not essential.

What you’ll get in return

1. Competitive base salary.
2. Up to 20% bonus.
3. 25 days holiday.
4. BAYE, SAYE & Performance share schemes.
5. 7% pension.
6. Life Insurance.
7. Work Away Scheme.
8. Flexible benefits package.
9. Excellent staff travel benefits.

About easyJet

At easyJet our aim is to make low-cost travel easy – connecting people to what they value using Europe’s best airline network, great value fares, and friendly service.

It takes a real team effort to carry over 90 million passengers a year across 35 countries. Whether you’re working as part of our front-line operations or in our corporate functions, you’ll find people that are positive, inclusive, ready to take on a challenge, and that have your back. We call that our ‘Orange Spirit’, and we hope you’ll share that too.

Apply

Complete your application on our careers site.

We encourage individuality, empower our people to seize the initiative, and never stop learning. We see people first and foremost for their performance and potential and we are committed to building a diverse and inclusive organisation that supports the needs of all. As such we will make reasonable adjustments at interview through to employment for our candidates.