Start your job search

Security Engineer Information Security and Data Privacy

1506308

About this role:

We’re seeking a Security Engineer to join our Information Security team at Skyscanner. Our vision is to be the most trusted and most used online travel brand in the world. Our customer charter highlights our commitment to the confidentiality and security of our data, so we are seeking to hire an individual to help us with delivery of our Information Security programme across our highly agile environments.

Previous experience of delivering governance, risk and compliance streams within the internet economy would be beneficial and a balanced approach will be required with the right level of constructive disruption and an obsession for the detail.

This individual will work closely with Skyscanner’s engineering and legal teams in helping to deliver and socialize privacy and compliance streams. The candidate should have familiarity and awareness of key privacy and security compliance issues on a global basis along with good understanding of modern engineering principles and technologies.

Scope of responsibility and experience needed:

• Experience of working closely with legal, compliance and product engineering teams in helping to shape and implement data privacy and data security requirements
• Ensuring that any strategy set within the InfoSec function adheres to the corporate governance requirements.
• Familiarity with privacy and payment compliance regulations on a global basis, including in particular PCI-DSS and GDPR
• Management of third party risk management and security due diligence and implementation of security awareness training programmes.
• Ensure operational strategy is in line with business objectives implementing cost effective solutions lowering the residual risk to an acceptable level
• Experience of working closely with product teams on technical implementation of privacy by design approaches, including pseudonymisation.
• Implementation of flexible information security governance, policy, processes and procedures across the global business.
• Experience of data mapping and assisting with maintenance of GDPR-standard personal data records.

Must have:
• Experience in the successful delivery of InfoSec programs and governance across Agile organisations in multiple geographical areas.
• Assisting legal team with advising the business on new and emerging privacy trends and technologies to ensure business compliance and to maximise business opportunities
• Experience in implementing corporate Data protection strategies and policies.
• Experience in supporting the Product and Engineering teams, in the development of new products, services or initiatives. Ensuing that from technical perspective our systems are synced and built to deliver against requirements notified by legal and privacy governance group, e.g. subject rights such as right to delete all personal data across platforms.
• Data classification and mapping experience in heavily distributed organizations.
• Being able to demonstrate successful implementation of strategies and process to comply with GDPR in multiple areas (Corporate and Engineering).
• Experience in supporting initiatives in marketing, business intelligence, digital advertisement, digital tracking and vendor integrations.
• Able to demonstrate experience in creating and delivering privacy by design trainings and awareness, able to generate cultural change.
• Knowledge of the privacy and compliance services and tooling marketplace with vendor management experience.
• In-depth experience of compliance streams such as PCI-DSS and SOX.
• Strong communication and stakeholder management. Ability to work well with cross-functional and geographically dispersed teams.

Preferred experience/expertise/domain knowledge:
• A candidate applying for this role, would ideally have demonstrate a successful track record focussed on the above in a company operating in the internet economy.
• Experience in Agile/lean organisations.
• Ownership of risk management framework, processes and qualitative/quantitative assessments
• Experience of personal data breach processes and running playbook-based data breach drills.

I would like to apply for the post of Security Engineer Information Security and Data Privacy bases at your esteemed organisation. I have attached my CV.

CV:

I agree to Terms and conditions* and Privacy Policy* and Site Usage Policy*

I don‘t want to receive regular notifications (in a form of newsletters) on new/featured Job Listings sent to my e-mail.