Travelfusion is the world's largest travel B2B content aggregator for low cost airline flights powering the ability to search and book these flights on leading online, business and leisure travel agents websites, mobile sites and call centres worldwide. The business also offers a wide range of full service airlines, hotels and rail companies on its platform. In addition Travelfusion has developed a range of payments services, TFPay, which manages payments and reconciliations for millions of air tickets. We are a dynamic SaaS technology company, rapidly growing profitable business with 175 employees based in London, Shanghai and Thessaloniki.
The Role
The Data Security Officer will be responsible for ensuring the security of data systems and implementing security measures to protect our systems integrity and sensitive information.
Duties & Responsibilities
Developing and implementing data security policies and procedures including establishing frameworks for protecting sensitive data, ensuring compliance with legal requirements and managing data retention
Conducting data security audits and regularly assessing the effectiveness of security controls and identifying areas for improvement
Managing data security incidents responding to and investigating data breaches, ensuring proper reporting to authorities and affected parties
Provide data security training and awareness to educate employees on data security best practices, privacy regulations, and their roles in protecting sensitive information
Collaborate with systems, legal and other relevant teams to ensure data security is integrated into all aspects of the business
Advising on data sharing agreements, reviewing data sharing agreements with third parties, ensuring compliance with relevant regulations
Maintaining records of processing activities keeping track of how data is being processed and used including Records of Processing Activities (ROPAs)
Assisting in data protection impact assessments helping to identify and mitigate potential risks associated with data processing activities
Communicating with data protection authorities serving as the main point of contact for data protection authorities and responding to their inquiries
Stay informed about data protection regulations and best practices keeping abreast of changes in data protection laws and emerging threats to ensure the company remains compliant and secure
Required Skills & Experience
Minimum of 5 years experience in leading and implementing security measures: protocols, data security, cyber and information security
Knowledge of regulations with a deep understanding of GDPR and other data protection laws
Technical skills: proficiency in data security tools, encryption technologies and audit methodologies.ability to analyse security threats and vulnerabilities
Excellent problem-solving and decision-making abilities
Strong communication and interpersonal skills
Experience in the travel technology industry an advantage
Bachelor's degree in Computer Science, Information Technology, Law or related field
Hybrid working City of London