Team
The role situated in a team of cyber security professionals and working closely with the wider business to ensure that the principles of Digital Safety are as engrained as Aircraft Safety. This means close alignment to Operational, Commercial along with Regulatory and Audit functions. The role requires working closely with the Senior Digital Safety Risk Manager, the Head of Digital Safety Assurance and the Technical Security and Business Partner functions to support the Digital Safety vision.
Job Purpose
The risk and assurance specialist is responsible delivering our risk management framework through identifying, capturing and measuring cyber security risks within easyJet. This role encompasses working with multiple diverse business areas to capture the relevant information that results in the representation of well-defined risk information to support informed decisions in the relevant forums.
This role supports the overall Digital Safety Assurance team’s objectives and provides visibility of key information relating to our regulatory compliance or control maturity.
What you’ll need to do the Job
- Operate the Digital Safety risk framework to assess and record cyber risk within easyJet.
- Work with multiple functions ranging from technical IT through to business facing functions to capture the full spectrum of related risk information.
- Operate the digital safety supplier assurance process to understand and capture risks related to our supply chain.
- Identify and capture potential gaps in our regulatory compliance environment and work with the Digital Safety Compliance Manager and the Data Protection team to resolve.
- Identify and capture information relating to our Data Governance framework and work with the Digital Safety Data Management Manger to resolve.
- Work with the IT Quality and Risk function to align on the IT risk relevant areas when dealing with Digital Safety risks.
- Present findings at relevant risk forums to support the treatment of identified risks.
- Provide training and advice to colleagues in the Cyber Governance, Compliance, Assurance and Risk team, the wider LC&R team and other departments on the use of the risk methodology to encourage consistent risk measurement and reporting across the company.
- Update the risk register of information assets with risks associated with each asset.
- Maintain the risk register of exceptions, assess and record the risk associated with any exceptions.
- Develop and maintain bow-tie models of key risks which tie in with other team member’s measurements of control effectiveness.
- Model statistical risk models based on risk models (e.g. Monte Carlo analysis).
- Maintain up to date awareness of the threat landscape and how it affects the probability of risk events occurring.
Skills & Experience
- Demonstrates effective communication skills.
- Plans, schedules and monitors own work (and that of others where applicable) competently within limited deadlines and according to relevant legislation, standards and procedures.
- Contributes fully to the work of teams. Appreciates how own role relates to other roles and to the business of the employer or client.
- Demonstrates an analytical and systematic approach to issue resolution.
- Takes the initiative in identifying and negotiating appropriate personal development opportunities.
- Understands how own role impacts security and demonstrates routine security practice and knowledge required for own work.
Desirable Skills/Experience
- Previously worked in a similar information security role and other complementary business roles where the management of some type of risk (e.g. product, project) formed part of the role’s responsibilities.
Ideal Qualifications
- CRISC or similar (eg Institute of Risk Management)
- CISSP, COMPTIA Security + or other security qualification Information Security or industry relevant qualifications
What you’ll get in return
- Competitive base salary
- Up to 20% bonus
- 25 days holiday
- BAYE, SAYE & Performance share schemes
- 7% pension
- Life Insurance
- Work Away Scheme
- Flexible benefits package
- Excellent staff travel benefits
About easyJet
At easyJet our aim is to make low-cost travel easy – connecting people to what they value using Europe’s best airline network, great value fares, and friendly service.
It takes a real team effort to carry over 90 million passengers a year across 35 countries. Whether you’re working as part of our front-line operations or in our corporate functions, you’ll find people that are positive, inclusive, ready to take on a challenge, and that have your back. We call that our ‘Orange Spirit’, and we hope you’ll share that too.
Apply
Complete your application on our careers site.
We encourage individuality, empower our people to seize the initiative, and never stop learning. We see people first and foremost for their performance and potential and we are committed to building a diverse and inclusive organisation that supports the needs of all. As such we will make reasonable adjustments at interview through to employment for our candidates.