Responsibilities and Duties:

• Develop and execute the organization's information security strategy, policies, and procedures.
• Identify and mitigate security risks related to airline IT systems and operations.
• Ensure alignment with industry standards and regulatory requirements.
• Conduct regular risk assessments and vulnerability analyses across all IT systems.
• Develop and maintain a risk management framework to address potential security threats
• Collaborate with internal and external stakeholders to remediate identified risks.
• Establish and maintain an incident response plan to address security breaches and cyberattacks.
• Coordinate with IT teams to investigate incidents, mitigate impacts, and implement corrective actions.
• Perform root cause analyses and provide recommendations for improvement.
• Ensure compliance with global aviation regulations, data protection laws, and security standards (e.g., IATA, ICAO, GDPR, PCI-DSS, ISO 27001).
• Manage security audits and assessments, including those conducted by third parties.
• Maintain documentation of compliance efforts and security measures.
• Develop and deliver security awareness programs for employees and partners.
• Promote a culture of security throughout the organization.
• Provide guidance and training to IT staff on security best practices.
• Oversee the implementation and management of security technologies, including firewalls, intrusion detection systems, and endpoint protection.
• Monitor system performance and security alerts to identify and address potential issues proactively.
• Ensure secure integration of new systems and technologies.
• Work closely with IT teams, vendors, and external partners to stay updated on emerging threats and solutions.
• Explore innovative security technologies to enhance the organization’s defence capabilities

Requirements and Qualifications:

• Bachelor’s degree in Information Technology, Cybersecurity, or a related field.
• Advanced degrees or certifications in security (e.g., CISSP, CISA, CISM, CEH)
• Minimum of 7-10 years of experience in information security, with at least 3 years in a managerial role.
• Understanding aviation business dynamics
• Strong knowledge of cybersecurity technologies, frameworks, and practices.
• Expertise in security risk management, compliance, and incident response.
• Project Management
• Excellent communication and stakeholder management skills
• Ability to work under pressure and make informed decisions in high-stakes situations