Salary: £37,000 - 77,000 per year Requirements: We are looking for an experienced, authentic security leader with a solid understanding of technology and enterprise information security risk management. We want a proven people leader who can build a positive, enabling security culture based on trust, quality, and pragmatic risk management. We need experience mentoring and developing security talent across different cultural backgrounds. We are looking for a great communicator and influencer who can work across hierarchical, organisational, cultural, and market boundaries. We want someone who can explain complex IT security issues clearly to both technical and non-technical audiences. We require a recognised security accreditation such as CISSP, CISM, CISA, or equivalent experience with demonstrable continuous professional development. We need strong knowledge of current security threats and effective mitigating strategies. We want experience implementing and maintaining an Information Security Management framework such as ISO 27001 or NIST CSF. We require a strong understanding of the international regulatory context, particularly NIS 2, Part-IS, and aviation-specific requirements. We want experience governing or managing audits by aviation regulators across Europe. We need experience integrating security into the software development lifecycle and cloud security. We value good understanding of technology standards such as CIS, NIST, PCI, OWASP, ITIL, and COBIT. Experience with AWS workloads is desirable. Responsibilities: We will partner with business and technology leaders across TUI Group to manage information security risks in our Airline Technology Domain. We will promote and inspire a security-first culture across TUI. We will direct the development and implementation of an enterprise information security strategy aligned to our business needs. We will lead the provision of information security resources, expertise, and guidance to help each domain deliver its prioritised roadmap. We will drive adoption of security policies, standards, and controls through expert advice and assurance. We will protect our most critical assets through rigorous testing and appropriate assurance. We will manage security incidents effectively in collaboration with our security operations team. We will ensure lessons learned and audit findings are remediated while maintaining effective security operations. We will build strong working relationships across business and IT teams. We will communicate complex ideas persuasively to audiences at all levels. We will instil secure ways of working across the organisation. We will report on the effectiveness of the security programme against defined key performance indicators. We will drive continuous improvement and lead workstreams focused on developing the GRC team. Technologies: AWS Cloud Support ITIL OWASP Security Network More: We are TUI Group, and we are looking for an experienced security leader to join our Governance, Risk and Compliance team, supporting our Airline Technology Domain. We offer attractive remuneration, discretionary bonus schemes, generous travel benefits, extensive health and well-being support, flexible working, and access to the TUI Learning Hub to support career development. We champion intercultural collaboration, global projects, and community involvement through initiatives such as the TUI Care Foundation. We are committed to diversity, equity, and inclusion, and we encourage everyone to come as you are. We also support candidates with disabilities and impairments and will provide support where needed. The role is published until 27th May 2026. last updated 24 week of 2026