Job Description - Technical Assurance Manager - Cyber Security (15738)
Location: Luton/Hybrid
COMPANY
When it comes to innovation and achievement there are few organisations with a better track record. Join us and you’ll be able to play a big part in the success of our highly successful, fast-paced business that opens up Europe so people can exercise their get-up-and-go. With over 250 aircraft flying over 700 routes to more than 30 countries, we’re the UK’s largest airline, the fourth largest in Europe and the tenth largest in the world. Flying over 70 million passengers a year, we employ over 10,000 people. Its big-scale stuff and we’re still growing.
The role of Technical Assurance Manager is part of the Digital Safety Assurance team led by the Head of Digital Safety Assurance. The Digital Safety Assurance Team is made up of Risk, Compliance and Technical Specialists that are tasked with managing the cyber risk across easyJet. Digital Safety sits organisationally as part of our Group General Council Office.
JOB PURPOSE
Reporting into the Head of Digital Safety Assurance, the role Technical Assurance Manager is key within the Digital Safety Assurance department. This role acts as the 2nd line of defence tasked with providing oversight of Cyber Security Controls in line with Digital Safety policy, security standards and our legal and regulatory compliance requirements. Along with capturing exposures and exceptions as part of risk identification.
JOB ACCOUNTABILITIES
1. Overseeing, educating and assessing the implementation of Digital Safety policies, associated security standards and security NFRs ensuring they are effectively embedded within the organisation.
2. Overseeing processes to safeguard company data throughout all processes and systems, working with Digital Safety, Data Teams, IT operations and our IT teams to minimise data breaches or data leaks.
3. Working with the Cyber Architecture to validate the threat models produced as part of the project design process.
4. Conduct security assessments and work with Digital Safety Risk function to raise identified cyber risk into the risk management process.
5. Identify the controls failures that contribute to changing security threats, compliance requirements and changes to business access requirements.
6. Recommending information security related technical and organisational measures to meet compliance with internal and external regulations, including GDPR.
7. Working with the functional Managers and Department Head to develop and implement strategies to embed control effectiveness where deficiencies are found.
8. Collaborating with other teams and departments to foster a culture of security and awareness within the organisation.
9. Delivering training sessions and workshops to staff on cyber security and protection of data-in-use related topics to ensure understanding and compliance.
10. Preparing reports on Technical Assurance activities performed and presenting them to management and stakeholders, highlighting any areas for concern or improvement.
11. Support during security incidents to work to minimise cyber-attack or understand data loss.
KEY SKILLS
1. Technical cyber security knowledge and practical experience of cloud computing technologies e.g. AWS, GCP and Azure.
2. Detailed understanding of data protection, cyber security, privacy and confidentiality.
3. Detailed understanding of the importance of access control in the protection of data.
4. Detailed understanding of the protection controls applied to data throughout its lifecycle (including structured and unstructured data sets), data-at-rest, data-in-transit and data-in-use.
5. Detailed understanding of privacy engineering controls e.g. encryption, masking and pseudonymisation.
6. Detailed understanding of the information lifecycle and the self assurance framework for Records Management.
7. Experience of implementing data security standards such as ISO27001, PCI DSS, NIST CSF, CAA CAF etc.
8. Ability to effectively manage cyber security risks and can clearly communicate with key stakeholders to minimise the risk to easyJet.
DESIRABLE SKILLS
1. Experience leading a Cyber Security Assurance function or similar
2. Bachelor's Degree (or equivalent experience) in Cybersecurity, Computer Science, Information Systems, or related field
3. Professional Information Security certification such as CCSP, CISM, CISSP, CEH, GIAC, or CASP+
COMPETENCIES
1. Ownership and Delivery. Has a clear focus to deliver results, working to targets, reviewing progress and adapting their plans accordingly, motivating themselves/the team to achieve.
2. Customer and Shareholder Value. Understands who their customers are and seeks to exceed their needs, focussing on the importance of safety for both customers and employees.
3. Business Performance. Understands business and external environment, is cost conscious and understands the longer-term perspective and implications of decisions.
4. Building Relationships. Expresses ideas confidently and clearly, builds positive and constructive relationships with others, gets to know colleagues within their own team and supports them to ensure team goals are achieved.
BENEFITS
1. Competitive base salary
2. Up to 20% bonus
3. BAYE, SAYE & Performance share schemes
4. Flexible benefits package
5. Excellent staff travel benefits
About easyJet
At easyJet our aim is to make low-cost travel easy – connecting people to what they value using Europe’s best airline network, great value fares, and friendly service.
It takes a real team effort to carry over 90 million passengers a year across 35 countries. Whether you’re working as part of our front-line operations or in our corporate functions, you’ll find people that are positive, inclusive, ready to take on a challenge, and that have your back. We call that our ‘Orange Spirit’, and we hope you’ll share that too.
Apply
Complete your application on our careers site.
We encourage individuality, empower our people to seize the initiative, and never stop learning. We see people first and foremost for their performance and potential and we are committed to building a diverse and inclusive organisation that supports the needs of all. As such we will make reasonable adjustments at interview through to employment for our candidates.
#J-18808-Ljbffr