Business Information Security Officer in Amsterdam

Job Description

It wasn’t so long ago that booking a trip to see the Eiffel Tower, stroll down New York’s iconic Madison Avenue or feel the sand between our toes on Copacabana Beach was simply a matter of a few taps on our smartphone. In fact, that’s what we do at We make it easier for everyone to experience the world. And while that world might feel a little farther away right now, we’re busy preparing for when the world is ready to travel once more.

Across our offices worldwide, we continue to innovate. To solve for some of the most complex challenges in travel and technology, and to plan for the exciting developments that lie ahead. With strategic long-term investments into what we believe the future of travel can be, we are opening up new career opportunities that will have a strong impact on our mission. We are united in the belief that our very human desire to explore the planet’s beauty and discover more about other people and cultures will endure. The world is waiting for us. Together, we will be ready.

Senior Manager – Business Information Security Officer 

The Business Information Security Officer (BISO) supports the delivery of the global Information Security and Risk Management (ISRM) program’s goals and objectives at the Business Unit level. The BISO works with the Business Unit’s management team to improve the information security posture by ensuring the consistent application of’s policies and procedures. This role will require a keen understanding of the company’s key assets and processes, unique business requirements, the information security program and combining this information to address residual risk by recommending security enhancements within the area of responsibility. The BISO role is a critical partner for the Business Unit’s leadership, general management team and operating groups and will represent security in daily operations as well as with senior customers and partners as required. The BISO will have fixed line reporting into the’s Chief Information Security Officer (CISO) and dotted line reporting into an authoritative and influential, management position within the Business Unit itself. This position is being created to deliver the principle of ‘Global Oversight with Regional/Functional Insight’ meaning we believe that risk management is best executed at the point closest to the actual risk and with the insights and understanding of the unique business context. 


  • Provide senior leadership to the Business Unit leadership for the implementation of’s Information Security policy, procedures, and standards throughout their business.
  • Direct the risk assessment and security engineering completeness of any exceptions to standard baselines or’s policies
  • Perform first line approval of security requests from Business Group Programs and personnel
  • Proactively identify information security deficiencies or opportunities for improvement to better enable business security at the global level. Lead the development of pragmatic solutions across Corporate Information Security.
  • Provide communication or escalation path for information security issues identified by Corporate Information Security or the Business Unit themselves.
  • Provide regular, timely reporting on the information security status across the supported business groups.
  • Support acquisition due diligence for information security risks and support control design for integration.
  • Participate in Group reporting requirements, monthly/quarterly status meetings and offsites as appropriate.
  • Assist Groups in managing and preventing cyber incidents and providing incident coordination as required.
  • Provide subject matter expertise on various cyber threats to Group leadership.
  • Represent the CISO at meetings and act on behalf of as requested.
  • Delivery the appropriate security shared services in support of the Business Unit’s risk mitigation needs
  • Manage the necessary human resources required to deliver the security goals 
  • Develop a strategic roadmap with associated documentation 
  • Build productive relationships with management and become the trusted security advisor 
  • B.qualified 

  • Bachelor’s degree in Information Systems, Cybersecurity, or a related field and minimum 5 years of relevant experience.
  • Experience in the design and implementation of information security programs for organizations with annual turnover > $1B
  • Proven experience in cybersecurity: security policy development, metrics capture and analysis and system authorization.
  • Self motivated and willing to take on challenges while adapting to an ever-changing operational environment.
  • Good understanding of security best practices including NIST Risk Management Framework, NIST 800-171 controls, ISO27000 and PCI DSS. Previous experience working with one of these frameworks.
  • Expert level understanding of key network and technical security controls. This includes application of the Cyber Kill Chain in enterprise environments.
  • Experience participating in security incident response and coordinating activities
  • Demonstrated ability to apply organizational information security policies
  • Broad understanding of ISRM practices, methodologies and technology
  • Strong leadership, communication, consulting, decision-making and influencing skills
  • Solid knowledge and understanding of the industry, strategic direction of the Company and operational challenges
  • is proud to be an equal opportunity workplace and is an affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. We strive to move well beyond traditional equal opportunity and work to create an environment that allows everyone to thrive.

    Get MatchedUpload your resume and see jobs that match your skills and experienceMatch Unknown


    Solliciteer hier