Join to apply for the Chief Information Security Officer role at IAG Loyalty
We’re the people behind global loyalty currency, Avios, and home to two ambitious, growing businesses across Loyalty and Holidays. Each business has its own goals, strategy and team, but collectively we share a purpose to create the world’s most rewarding experiences for our customers through loyalty programmes, new products and holidays.
The opportunity
We have a brand new opportunity for an experienced Chief Information Security Officer (CISO) to lead the information and cyber security strategy across IAG Loyalty companies, which include Loyalty (the Avios currency) and British Airways Holidays. Reporting to the Chief Technology, Data & AI Officer you’ll establish a unified security vision and governance framework, while tailoring risk-based solutions to the unique needs of each company. You’ll be the principal advisor to the executive team and board on cybersecurity matters affecting our businesses, and you’ll play a key role across the wider IAG group to develop and implement an aligned federated security governance model. Your leadership will extend beyond security to help drive business growth and manage change within our Senior Leadership Community.
To be successful in this role you’ll need to be a leader who can operate at both strategic and operational levels across diverse business environments.
What you’ll get up to
* Standardise information security policies, frameworks, and controls across all entities, while allowing flexibility for business-specific regulations.
* Oversee cybersecurity regulatory compliance initiatives (e.g. NIST, ISO 27001, SOC 2).
* Lead the design and operation of shared security services between IAG Loyalty and IAG airlines (e.g., threat detection, incident response, intel management, data sharing) at the group level.
* Establish clear escalation protocols and cross-company incident response procedures.
* Align security initiatives with individual business unit goals while maintaining IAG Loyalty-wide consistency and efficiency.
* Present risk reports, maturity assessments, and board-level dashboards to group leadership.
* Drive adoption of advanced security technologies, automation, and intelligence-sharing across the group.
* Evaluate and manage third-party security risks, including vendors and strategic partners.
* Prepare our security landscape for an AI-driven future.
What we need from you
* You’ll have considerable progressive security experience, including several years in a senior leadership role of cyber functions in scale-up or high-growth environments, where you’ve had to be hands-on, commercial, and adaptable.
* You have a proven track record of establishing and scaling company-wide security programs.
* You’ll have a strong understanding of risk management, compliance frameworks, cloud security, and modern enterprise architecture in an agile working practices environment.
* You’ll have recognised security certifications: CISSP, CISM, CISA, CRISC, or similar.
* You’ll possess a strategic growth mindset balanced with a security-first approach.
We might not be right for you if
* You prefer a narrow to-do list; we’re a small, high-performing team and collaborate to succeed.
* You value perfection over fast iteration and progress; IAG Loyalty moves fast, and we learn and iterate as we go.
* You’re looking to create but not build; this is an end-to-end role, comfortable owning space from ideation through delivery and review.
Equity, Diversity and Inclusion at IAG Loyalty
Our vision, to create the world’s most rewarding experiences, applies not only to customers but to colleagues too. We foster a culture where everyone feels welcomed and valued by embracing diverse identities, personal histories, and perspectives. This commitment makes IAG Loyalty a rewarding place to work and enhances our ability to solve complex problems, drive innovation, and better serve our customers and communities. Please let us know if we can make any reasonable adjustments to support your interview process with us.
Seniority level
* Director
Employment type
* Full-time
Job function
* Information Technology
* Industries: Technology, Information and Internet
Referrals increase your chances of interviewing at IAG Loyalty by 2x
Get notified about new Chief Information Security Officer jobs in London, England, United Kingdom.
#J-18808-Ljbffr