We have disrupted the way people travel since we started 25 years ago, and we don’t intend on stopping. We may be facing the biggest challenge in our history, but we are confident that throughout the pandemic we have taken the right action to build back stronger and better – and we want you to play a part in that and #belongherewithus.
We know that flexibility, balance and wellbeing are more important than ever right now. Whether that’s working remotely, part time, or needing extra support when times are tough – we are always #happytotalkflex.
We’re Europe’s leading airline – with a network of over 1000 routes across 35 countries. We lead the industry in data, digital, web, engineering and operational innovations, to make travel easier and great value for our customer.
We have also been named as Britain’s Most Admired Company of 2020 in the transport sector, retaining the leading position for a second year running. We support. We empower. We excite. And we do it our way. We’re uniquely different. We’re easyJet.
Job Purpose
The Cyber Compliance Officer is responsible for monitoring the compliance of easyJet against our internal policies and external requirements such as NIS and PCI DSS. This will allow easyJet to track compliance on a continuous basis and ensure that all mandatory compliance reporting is met. Additionally, the specialist is responsible for reporting against internal compliance objectives, polices and standards.
Job Accountabilities
Monitoring adherence to easyJet’s compliance requirements
Preparation of compliance reports to internal and external stakeholders (e.g. Management, CAA and Acquiring banks)
Building relationships with peers in relevant compliance bodies
Tracking activities against the compliance calendar
Collating information from the control and information asset registers to provide internal compliance reports
Day to day liaison with relevant bodies in respect of compliance reporting
Tracking, management and reporting of risk, control and deviation remediation activities
Tracking, management and reporting of audit remediation activities
Development of overall compliance reporting metrics.
Day to day liaison with external auditors, suppliers and internal resources where required, to meet compliance requirements
Preparation of material for external auditors
Ideal Qualifications
CRISC, CISM or similar (eg Institute of Risk Management)
PCIP
COMPTIA Security + or other technical security qualification
Level of Responsibility Required
>Autonomy - Works under routine direction. Uses discretion in resolving issues or enquiries. Works without frequent reference to others.
>Influence - Interacts with and may influence immediate colleagues and some external contact with regulators, customers, suppliers and partners. May have more influence in own domain. Aware of need to collaborate with team and represent users/customer needs.
>Complexity - Performs a range of work activities in varied environments. May contribute to routine issue resolution.
>Knowledge - Demonstrates application of essential generic knowledge typically found in industry bodies of knowledge. Has gained a good domain knowledge. Absorbs new information when it is presented systematically and applies it effectively.
Business skills
Has sufficient communication skills for effective dialogue with customers, suppliers and partners.
Is able to work in a team. Is able to plan, schedule and monitor own work within short time horizons. Demonstrates a rational and organised approach to work.
Understands and uses appropriate methods, tools and applications.
Identifies and negotiates own development opportunities.
Is fully aware of and complies with essential organisational security practices expected of the individual.
Desirable Skills/Experience
Ideally previous work in a cyber / information security compliance role that has required a general broad understanding of controls. However business experience gained in a similar role combined with relevant information security / cyber security education would also be appropriate.
This role operates at SFIA level 3
Candidates must have the essential skills identified.
Strong candidates will demonstrate the desirable skills.
LOCATION & HOURS OF WORK
This full time role will be based in Luton, and will be 40 hours per week.