Auto req ID: 5611BR
Employee type: Regular - Full Time
The opportunity to go further
When you work at Travelport you can make a difference on a global scale. As a Director of Cyber Security, you’ll be joining a team that’s responsible for delivering truly innovative software that impacts our many customers and travelers around the world. The Director is responsible for working with senior staff in documenting a security roadmap, gathering requirements, researching industry best practices, and conducting trend analysis. Ensure Travelport is protected from potential leaks or malicious activities. This is a people leadership position managing teams, implementing security technologies, and best practices across the organization. Establish a corporate wide strategy for information security spanning architecture, design, implementation and day-to-day operations.
- Define security roadmap, policies, procedures, best practices, training programs, standards and products that enable security functions associated with information technology systems, networks, applications, communications within the enterprise.
- Advise on how to secure information systems by dealing with electronic threats and vulnerabilities, privacy issues, physical security, and operations continuity; applying security forensic technologies; monitoring network and systems management processes; maintaining security platforms with certification authority; and best in breed security management products, tools, and offerings.
- Experience providing security engineering, governance, and information risk management expertise to Executive, C Suite, and Board of Director level audiences.
- Lead the development and implementation of prudent enterprise security standards, guidelines and procedures to protect the integrity, availability and privacy of all corporate information assets.
- Guide the Business Unit and IT executives to help prioritize security initiatives and spending based on relevant business risk and regulatory compliance issues, financial implications, and alignment with the corporate strategic plan.
- Lead the development, implementation and management of relevant metrics to measure the efficiency and effectiveness of the information security management systems (ISMS), risk management and related compliance programs.
- Develop and implement appropriate metrics and KPIs and provide regular reporting on the information security program maturity, risk posture and management, and regulatory compliance of the company.
- Assist with high level architectural analysis, design, and guidance for teams inside and outside of the department.
- Document current security product and practices in various areas such as: Endpoint security, MDM, Device AuthN, IDM, Network security, Monitoring, Operations, Incident management, Application Security, Encryption, Anti-Virus, IPS/IDS, and Firewalls.
- Research best practices, conduct trend analysis, and identify gaps in developing future-state designs and specifications.
- Develop technical standards for the corporation and provide subject matter expert level advisory services regarding commercially accepted best practices for security systems.
- Provide security architecture and consulting services with business units and IT organizations.
- Understand customers' business drivers and requirements and translate those into technical solutions.
- Contribute to developing new business by providing subject-matter expertise and effort estimates to proposals.
- Create white papers and other internal documentation highlighting industry best practices for information security in technology development and applications.
- Create, develop, and maintain standard practices and procedures to respond appropriately to internal and external threats.
- Adhere and follow Information Security process, policies, and procedures congruent with standards and industry best practices.
- Participate and provide input for any performance management activities.
- Bachelors in information technology, computer science, application development, programming, or related degree and/or equivalent work experience.
- 15+ years experience with direct responsibility for hands on security architecture, design, development and deployment experience of security technologies
- 10+ years experience in administering security controls in an organization
- Experience presenting to Executives, C Suite, and Board of Director level audience
- Must have cloud security design and deployment experience in AWS, Azure, or Google
- Experience with the implementation of automated system monitoring tools.
- Knowledge about security standards/policies (PCI, ISO 27001, SOC, SOX, NIST, CIS)
- Experience providing security engineering, governance, and information risk management expertise to internal and externally.
- Technical or managerial leadership on large-scale cybersecurity/enterprise operations.
- Able to design and develop sustainable and coherent security strategies and solutions aligned with customers’ business objectives and mission.
- Successfully performs continuous research on emerging technologies/solutions that could either affect or enhance current technology security functions.
- Technical expertise in incident response, forensics, penetration testing, security architecture, vulnerability management, and risk management.
- Current SANS certification holder (technical tracks) strongly preferred
- Security Certifications desired, CISSP, CISA, CPISM, ISSAP, OSCP, OSWP
- Other industry certifications preferred, CCNA, CCNP, CCIE, MCSE, CCSA, CCSE, CCSM.
- Application or software security certifications are preferred, such as CSSLP, GIAC GWEB/GSSP-Java/GSSP-.NET
- Travel industry preferred