Employment Type: Permanent
Contract Duration:
At IATA, we speak for the airlines of the
world, serving and supporting over 300 of them across all continents. We
are passionate and knowledgeable about the aviation industry, and we strive to
make it safer, smarter, more sustainable and more inclusive. We celebrate
diversity and inclusion in our workforce, and we respect and value the
different backgrounds, perspectives and skills of our employees. We also care
about our employees’ wellbeing, and we provide flexible work arrangements,
travel benefits, family-friendly policies, equal pay and a day off on your
birthday. We believe in giving back to the community and encourage our staff to
participate in volunteering activities that support causes they care about. We
encourage you to join our global community of aviation enthusiasts, and we will
do our best to make you feel comfortable during the interview process. IATA is
more than a trade association; it is a vision of a better future for air
travel.
About the team you are joining
Working within the Cybersecurity team in
the Information & Data (I&D) division, this role will report to the Chief
Information Security Officer. This role is to oversee various security scanning
deliverables, follow-up on their remediation within the agreed timeframe and
present results to the relevant stakeholders.
What your day would be like
Vulnerability scans
and Penetration testing:
Ensure that all vulnerability scans and penetration tests run as per schedule and cover the agreed scope
Overseeing the
identification, assessment, prioritization and remediation of vulnerabilities
across the IATA landscape
Assess the impact of
the vulnerabilities on IATA’s operations and sensitive data:
Monitor proper remediation based on agreed timeframe per criticality
Support stakeholders in remediation activities
Raise incident for the most critical alerts
Ensure all processes related to vulnerability management are up to date
Continuously monitor threat landscape for technology in use at IATA
Continuously monitor onboarding of new technologies in use at IATA and ensure relevant vulnerability scans are in place
Propose new scanning solutions if need be (new scope, new threat)
Collaboration with other I&D teams to remediate vulnerabilities, including IT operations for patch management and Enterprise Architecture for technology lifecycle management
Build an aggregated dashboard to present results from various vulnerability scans
Assist in the
development and enforcement of security policies and procedures related to
vulnerability management
Conduct training
sessions and/or create training content for staff on recognizing and
responding to security vulnerabilities and threats
Participate in
incident response process when vulnerabilities are exploited to help analyze
the incident and improve defenses
Assist in the
development and enforcement of security policies and procedures related to
vulnerability management
Conduct training
sessions and/or create training content for staff on recognizing and
responding to security vulnerabilities and threats
Participate in
incident response process when vulnerabilities are exploited to help analyze
the incident and improve defenses
We would love to hear from you if
Master’s degree in computer science, Engineering, Cybersecurity or a related field.
Five years of experience in Vulnerability management, Security Operations, or Incident Response.
Strong knowledge of Cybersecurity principles, practices, and technologies such as: EDR; SSE, CASB, DLP; SIEM; Email Security; AWS security, O365 security
Interest in emerging Cybersecurity technologies and threats.
Knowledge of ISO 27001:2022 / PCI-DSS / SOC2.
Relevant IT certification (Security+, CISSP, GIAC, ECIH, OSCP, CEH, etc.) is an asset.
Hands-on knowledge of the most common vulnerabilities solutions
Travel Required: 10%
Learn more about IATA’s role in the industry, our benefits, and the team at iata/careers/. We are looking forward to hearing from you!
