Business Information Security Specialist

Job Title

Purpose of the role

As a Business Information Security Specialist, you will play a pivotal role in protecting our organization from security threats, fraud, and privacy breaches. 
You'll collaborate with cross-functional teams, including the Global Security Operations Center (GSOC), Anti-fraud teams, and customer-facing departments (Travel Sellers and Distribution Airlines) as well as development and project management teams across the org. 
Typically your skills and experience will be more focused on either the business operational security track or the technical track. Both, together are preferred however demonstratively strong skills/experience on one track is acceptable.
Sometimes it's hard to understand your singular contribution making a difference to the organisation. In BISO, you will tangibally feel that direct impact on a daily basis.

In this role you'll:

Incident Management:
- Perform the Security Incident Manager (SIM) coordination role for TRD  to manage reported/suspect security incidents.
- Provide security consultancy role to BU stakeholders during incident lifecycle.
- In coordination with GSOC & Anti Fraud teams, perform incident analysis and reporting
 

NFO Security (Non-Fully Owned ACOs):
  - Advise small to SME sized organizations on all aspects of Privacy and Security.
  - Manage guest user account lifecycle, maintaining accurate guest user information.
  - Manage the Partner Market security training program lifecycle ensuring training is appropriately assigned and completed.
 

Deployment of security features:
- Coordinate  (project mode) deployment activities of various security artifacts: 
  - Access rights in the region 
  - SEC Programs: DMARC, SDL
  - Multi-Factor Authentication
  - Oversight governance on regional developments
  - Solution decommissioning/migrations/divesting
- Host Security
  - PNR security. Coordinating ongoing Security sponsored efforts to secure the PNR as it is used today and the future.

Security Audits, Assessment Questionnaires, and RFPs:
- Provide technical and general security support to BU RFP and Security Questionnaires from customers.
- Support the 3rd party/Partner security assessment/audits.
- Advise businesses under assessment on security technical, policy, procedure best practices and how it links to concrete implementation.

Technical and Functional Security Representation:
- Domain expert in either Technical and or Functional Business Security to the Business Unit
- Support and guidance to customer facing teams and customers directly on domain expertise where required.
- Support other Security pillars within BISO when expertise is required (audit analysis, RFP, pen test results etc)
- Coordination of risk lifecycle with appropriate stakeholders.

About the ideal candidate:

• Degree CompSci or a Cybersecurity. 

• CEH, CISSP, CISM or equivalent. Not essential but helpful

• Relevant experience is often more highly valued.

• Understanding networks, IP addressing, subnetting, NAT, VLAN.

• Securing common internet technologies (web, mail, DNS servers etc), firewalls (rules), proxies, IDP/IDS, SIEMs

• Operating systems (W/M/L) (client and server) and how to use all of them especially from a command line.

• IAM, Auth/Auth models, general web protocols especially around security and authentication

• Development background in a modern languages. Understanding the full application lifecycle and the components that go into building modern software

• Ability to audit an entity against a clear set of criteria, often remotely.

• Travel Industry experience would be helpful. Travel agency, GDS and Airline business models and how they interoperate. The complexity of the industry is renowned.

• Knowing Amadeus product line, LSS, PNR, Backend Infrastructure, applications is very helpful

• Open to work in a hybrid set-up.

Diversity & Inclusion

Amadeus aspires to be a leader in Diversity, Equity and Inclusion in the tech industry, enabling every employee to reach their full potential by fostering a culture of belonging and fair treatment, attracting the best talent from all backgrounds, and as a role model for an inclusive employee experience.  

Amadeus is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to gender, race, ethnicity, sexual orientation, age, beliefs, disability or any other characteristics protected by law.