We process over two million customer bookings and over five million customer card payments each year. This means that our business handles vast amounts of information that our customers expect we will protect. The information we need to protect includes details of credit cards, bank accounts and other customer personal data. We also have a duty of care to our employees to protect their personal data and provide a safe place to work. The Information Security Team is responsible for providing information security assurance for the UK & Ireland arm of the business and is based in Luton. The team is expanding and this is an exciting opportunity to be part of a dynamic and growing function. What you will be doing We are creating an additional role to focus on project information security risk assurance. This role will manage risk as projects move through a formal project life-cycle and would be responsible for a portfolio of projects. The new role would support the Head of Information Security who is responsible for Information Security in the UK&I. As an Information Security Lead – Project Assurance your role will be responsible for (although not limited to) the general management of Project Assurance within the wider project life-cycle process – giving greater visibility and wider consideration to all projects (IT and non-IT) in order to better inform the business and Information Security Manager of their risk position. This role will mature an existing process to understand and manage the scope and potential impact of projects, while ensure business agility and coordination globally. The role will continually be performing risk based assessments and privacy impact assessments in order to determine treatment and action for the project/information security. We expect this will lead to fully specifying end to end security requirements based on an Information Security set of artefacts, stating baseline and policy. There will be some supervising penetration testing using 3rd Party suppliers in order to ensure project security and this will lead to wider interaction within the Information Security department to ensure visibility and accurate decision making. There will be broader inclusion into information security tasks, so assisting the other members of the team will also make up the day to day role – although to a lesser extent. Your ultimate responsibility will be to mature, socialise advise and assure the Information Security Manager of the security process applied to Projects within TUI. This role will ensure that we are capturing risks and actions and seeing them through to conclusion. There will be global liaison and visibility required as part of this role. This role will directly assist in enabling TUI to meet its strategic goals. You will be accountable for the following: Managing the UK IS integration within the IT PMO process Following the relevant governance and report compliance to the ISM Ensure risks are appropriately recorded within the UK risk process Present projects position to group IS to ensure collaboration Create clear process and templates for Project reporting to all stakeholders Previous team management experience Experience in improving Information security practices What we are looking for For this role we are looking for talented individuals who have • Experience performing information security governance of projects in a formal project life cycle • Experience performing privacy impact assessments • CISSP or equivalent qualifications • Experience managing penetration testing engagements using 3rd Parties • Experience of Prince2 methodologies • Effective communication, influence and stakeholder management skills • Ideally good experience with PCI DSS in a large retail organisation Working within TUI group TUI UK and Ireland is the UK’s largest tour operator with key brands including TUI, First Choice, Marella Cruises and Crystal Ski Holidays. Sub brands include Sensatori, Sensimar, and Family Life, as well as First Choice Holiday Villages and SplashWorld Resorts. Our airline is the UK’s third largest with 62 aircraft operating to over 88 destinations in 30 countries. We have a team of more than 10,000 employees serving over 5.5 million customers each year. It’s our people that make us number one TUI Group is the leading tourism business with over 67,000 employees across the world. The Group includes our unique hotel portfolio, our cruise ships, our own aircraft, tour operators, travel agencies, and much more. At TUI, we have embarked on a journey of development towards a more digital, connected and integrated future. But we haven’t arrived there yet. Join us now and shape the future of travel. You can look forward to a competitive salary, pension scheme and further benefits such as generous holiday discounts, great rates with foreign exchange and discounts with retailers. How to apply Apply online, we just need a few details from you and your CV.