Group Information Security Officer (ref: GISOSR019)

Where you’ll work:
This is a senior role with the business transformation & Information Technology Systems Group which has been recently created to provide both our Guests and Business customers within our luxury resorts with exception customer experiences as well as supporting our businesses with a high level of customer focus whilst we transform our technology platforms.

Our HQ is based within the Sani Resort (Kassandra, Halkidiki) you will work for the newly created Group Chief Informational Officer and work alongside the various business departments which in turn ultimately support our ‘world class’ customer experience.

What you’ll do:
• Set up Information Security in its entirety from scratch within this newly created Group CIO function for a high end luxury resort group which is rapidly expanding.
• Understand our business and technology needs for Information Security from all perspectives, whilst ensuring our business practices, systems, and data security is upheld to a strong level for a high end luxury brand retail business.
• Review our existing estate and systems set-up to identify weaknesses and vulnerabilities, but ensure the Plan & Build teams are working to the standards, practices, procedures and controls etc. from scratch.
• Work closely with the new Group CIO and other Board Members, Executives and Heads of Department to ensure our people, systems and business risks are appropriately mitigated.
• Own the business Risk register for the Group and ensure this is up to date and the senior executives understand the likelihood and impact of these risks.

What you need to bring:
• A minimum of 10 years Information Security Officer Experience ideally within high end retail industry or large hotel background (at least 26,000 beds).
• Experience leading GDPR and PCIA compliance
• Analyse, monitor, coordinate and communicate information received from both internal and external sources on the full range of security related threats; to support implementation of effective mitigations.
• Generate reports, dashboards and analysis summarising information to share with the DAN senior management team and wider organisation.
• Analyse ways to consider data, security indicators and reports and assure sufficient data quality.
• Work closely with the Network Operations Teams, to proactively monitor and analyse external technological threats and the assessment of risk.
• Support the management of penetration testing activities to identify security weaknesses within SANI & IKOS technology environments.
• Drive Risk Assessments of data processing systems to confirm the design of logical controls are effective.
• Provide quality reports to summarise test activities, including objectives, planning, methodology, results, analysis and recommendations to both technical and non-technical audiences.
• Support the approval of security related Request for Change of Work Orders.
• Input quality risk data into risk management systems; and documentation and communication technology risks to appropriate stake holders.
• Provide technical support during security incidents and investigations
• Provide technical security guidance and challenge for operational technology and transformation projects
• Provide continuous improvement to the Technology Security function.
• Hold current CISSP, CISA, CRISC or other accreditations related to Information Security.
• Bachelor’s Degree in Computer Science or Information Systems.
• Be ISO27000/ISMS accredited.
• Experience of presenting to Board level senior executives in an international setting.
• Excellent command of English, and ideally good Greek/Spanish language skills would be a distinct advantage.
• Excellent speech communication skills necessary to communicate clearly with stakeholders.
• Excellent attention to detail and multi-tasking skills.
• Team spirit, multitasking and proactive. Ability to work within a multicultural and fast-paced work environment.
• Pleasant personality with excellent selling, negotiating and presentation skills.
• Well-groomed with a positive attitude; passionate about the job and focused on providing high quality results.
• Need a ‘can-do’ attitude and ability to cope with multiple deadlines.