Head of Security, Risk and Compliance

Conteúdo do emprego

MEET AVIOBOOK ✈️

OUR MISSION

... with our continuously growing and awesome team, we are uniquely positioned to bring together the latest robust technologies to design world-class secure, easy to use software and hardware solutions for all types of aircraft. With extensive experience in software and hardware, our innovative solutions maximize the efficiency of aircraft and their crew.

OUR WAY OF WORKING

.. values Care above all!

We stand for Ownership; meaning we feel connected to our work and are responsible for the quality thereof. We get the job done and identify ways for others to achieve our goals.

We stand for Craftsmanship; We take pride in delivering high quality work and recognize the value it brings to our colleagues & customers.

We stand for Transparency; We demonstrate trust and respect through open communication & constructive feedback.

We are very proud of our market leader position that we have built over the past 13 years and we are committed to keep contributing and delivering high quality software & hardware solutions to the airline industry worldwide.

WHAT YOU WILL BE DOING

The Head of Security, Risk and Compliance is responsible for driving on a daily basis the Aviobook Information and Security Management System (ISMS) in compliance with the ISO/IEC 27001 standard. He/she ensures the quality and consistency of the Aviobook ISMS, manages the different processes tracked within the ISMS and reports on the related performance.

In the context of the ISMS, the Head of Security, Risk and Compliance is responsible for leading and maturing the risk management processes for IT/Information Security, as well as actively raising the adherence to the Aviobook IT Security policy framework and initiating and leading the efforts needed to be compliant with IT Security standards as defined by our customers or regulatory instances.

The Head of Security, Risk and Compliance is located in Hasselt and reports to the CEO.

Responsibilities

Information Security Management System (ISMS)

• Set up, lead and monitor the security strategy of the organization
• Drive Aviobook’s ISMS in compliance with ISO/IEC 27001 standards, overseeing defined scope and objectives.
• Supervise and contribute to recurring ISMS activities
• Plan and conduct ISMS governance meetings at tactical and operational levels.
• Monitor open actions via the Monitoring Plan
• Report ISMS performance and escalate matters to relevant governance bodies.
• Lead continual improvements and support tool selection and implementation.
• Coordinate internal and external audit activities.
• Communicate ISMS updates to stakeholders.

Risk Management

• Organize and conduct or review Risk Assessments, ensuring consistency.
• Support and challenge Risk Owners in identifying risks and defining treatment actions.
• Update and monitor Risk Assessment files and registers.
• Further mature risk management processes on operational and tactical levels.

Compliance Management

• Manage the IT Security policy framework.
• Ensure IT Security policies align with customer and regulatory standards.
• Collect and propose policy amendments, aligning with relevant stakeholders for approval.
• Lead periodic reviews of IT Security policies and communicate updates.
• Inspire adherence to IT Security policies and raise security awareness.
• Measure, analyze, and report adherence to IT Security Policies.
• Support IT Asset and Control Owners in identifying gaps and corrective actions.
• Update and monitor the Gap Tracker.
• Fulfill IT security questionnaires and assess the IT security posture of third parties.
• Assess IT Security standards and PII legislations, initiating compliance actions/projects as needed.

Skills

You have at least:

• Bachelor’s degree
• 10 years of experience in IT (Security)
• 5 years of experience in international and global organizations
• 5 years of management experience in a management position or as a senior project manager
• 3 years of experience in security risk assessments, risk management and security controls.
• Strong analytical and reporting skills
• Great oral and written skills to translate complex risk requirements
• Structured and planned executor
• Mature personality with excellent interpersonal and presentation skills

Knowledge and understanding of:

• IT (networking, infrastructure layer, application layer, etc.) and IT Security.
• IT (Security) operations and processes.

Strong knowledge and understanding of :

• Information Security standards (e.g. ISO 27001)
• PII legislations (e.g. GDPR, CCPA, Global Privacy legislation)
• Risk Management frameworks

Fluent in writing and speaking in English, knowledge of French is a plus.

You obtained professional certifications such as ISO27001 Lead Auditor, CISM, CRISC or equivalent.

You keep yourself up-to-date on latest cyber and information security trends and threats.

WE OFFER YOU

... an in-house job with a contract for an indefinite period (no consultancy)

... a great place to work with an enthusiastic team & strong team spirit

... a challenging and dynamic environment within a growing structure

... a varied job that offers personal development opportunities and continuous training in the field

…. hybrid work schedule

... a competitive salary package with a company car and fuel card/charging card, meal vouchers, group insurance, net allowance and as the cherry on top an amazing health insurance coverage by Alan!

and last but not least...

... you’ll be part of changing the way aviation works!

LOCATION?

Hasselt, Belgium - Herkenrodesingel 8D bus 3.01

INTERESTED?

You are kindly invited to take a look at www.aviobook.aero

Show us that you are motivated to join our team and send us your cv.

Hope to see you soon!

The A-team