Information Security Officer

Job Description

We're looking for an experienced security leader to join our Governance, Risk and Compliance team, partnering with business and technology leaders across TUI Group to manage information security risks in our Airline Technology Domain.

The role will be published until 8th May 2026.

ABOUT OUR OFFER

• Personal benefits: Attractive remuneration, discretionary bonus schemes, generous travel benefits, extensive health & well-being support, and more.

• Flexible working: Work is something you do, not somewhere you go. We encourage a healthy work-life balance with a dynamic working environment.

• A career to shape: Access the TUI Learning Hub to level-up and reach your ambitions.

• Broaden your network: We champion intercultural collaboration and provide opportunities to work on global projects and teams.

• Community: Get involved with incredible local charity and sustainability initiatives like the TUI Care Foundation.

ABOUT THE JOB

• You'll promote and inspire a security-first culture at TUI, directing the development and implementation of an enterprise Information Security strategy that's aligned to our business needs.

• Leading the provision of Information Security resources, expertise and guidance, you'll ensure each Domain is motivated and empowered to deliver their prioritised roadmap.

• Your extensive business knowledge will help you drive adoption of security policies, standards and controls through expert advice, protecting our most critical assets with appropriate assurance and rigorous testing.

• Managing security incidents effectively through engagement with our security operations team, you'll ensure lessons learned and audit findings are remediated whilst maintaining effective security operations.

• Building strong working relationships across business and IT teams, you'll explain complex ideas to audiences at all levels in a persuasive manner, instilling secure ways of working.

• You'll report on the overall effectiveness of the security programme against defined key performance indicators, driving continuous improvement and leading workstreams focused on developing the GRC team.

ABOUT YOU

• You're an experienced authentic leader with a solid understanding of technology and managing Information Security risks in the enterprise, passionate about delivering business value.

• Your strong people leadership skills help you build a positive enabling security culture based on trust, quality and pragmatic risk management, with experience mentoring and developing security talent from different cultural backgrounds.

• As a great communicator and influencer, you're comfortable working across hierarchical, organisational, cultural and market boundaries, articulating IT security issues clearly to both technical and non-technical audiences.

• You hold a recognised security accreditation (CISSP/CISM/CISA etc.) or equivalent experience with demonstrable Continuous Professional Development, maintaining a good understanding of latest security threats and mitigating strategies.

• Your experience includes implementing and maintaining an Information Security Management framework such as ISO27001 or NIST CSF, with a strong understanding of international regulatory context, particularly NIS 2, Part-IS and aviation-specific requirements.

• You have experience governing or managing audits by aviation regulators across Europe, integrating security into software development lifecycle and cloud security, with good understanding of technology standards like CIS, NIST, PCI, OWASP, ITIL and COBIT (experience with AWS workloads is desirable).

From a workplace to a place to belong. At TUI we embrace diversity, equity, and inclusion, encouraging everyone to come as you are, because together, our potential is limitless.

We are committed to supporting candidates with disabilities and impairments so if you require any support, please do let us know.

#LI-FD2