Global IT Security Operations Manager

Avolta is the world’s leading travel experience player. With a traveler-centric philosophy and a geographically diverse network, the travel retail and F&B company addresses the needs of up to 2.3 billion passengers each year, with 5,500 outlets in more than 75 countries across six continents. Guided by their Destination 2027 strategy and boosted by their recent combination with travel F&B giant Autogrill, the company is well positioned to realise their ambition to create a Travel Experience Revolution through their many locations at airports, motorways, cruise lines, seaports and railway stations amongst others.

PURPOSE OF THE ROLE

The Global IT Security Operations Manager manages security operational services and tools, focusing on Identity and Access management process (Join, Mover and Leavers), user management, access review, roles management. It involves collaborating with IT teams and business (Human Resources, Organization, etc.) to maintain protection and ensure compliance with security standards. The role monitors and responds to security incidents, working with the Line Manager on breach response. Additionally, it develops and implements technical security standards to mitigate risks. This position will report directly to the Global IT Security Head and will be based in Madrid.

RESPONSIBILITIES

• Manage the Identity and Access Management Process.
• Be in charge of Join, Mover and Leaver processes implementation, users review and optimization, new services integration, Organization changes support.
• Collaborate with other IT areas to improve and maintain good security status in internal and external protection, defining and managing the right solutions and configurations implemented.
• Keep abreast of security incidents related to users and act as primary control point during significant information security incidents and escalate to Line Manager.
• Collaborate with Line Manager on providing leadership for breach response and notification actions for the Group.
• Collaborate with Line Manager on developing, implementing and administering technical security standards, as well as a suite of security services and tools to address and mitigate security risk.
• Analyze security risks and monitor compliance with security standards and appropriate policies.

WHAT WE ARE LOOKING FOR

• A minimum of 5 years of experience in information security or system administration, with a focus on IT services and security operations.
• A minimum of 5 years of experience in Identity and Access Management, covering Joiner, Mover, and Leaver processes, as well as security processes for both standard and privileged users. Experience with SailPoint is a plus.
• Experience capturing business and technical requirements to understand vulnerabilities, threats and threat probabilities.
• Experience identifying technical risks.
• University Degree in applied sciences like engineering, systems design, computer sciences or business or other related field. Security Certifications like : CISSP, CISA, CRISC, ISO27001. ITIL Foundations.
• Strong IT security, policy experience.
• Good knowledge of company’s key processes and procedures.