Information Security and Compliance Officer

About the positionResponsibilities• Implement, maintain, and improve the Information Security Management System (ISMS) under ISO 27001 and other international standards. • Lead and coordinate internal and external security and compliance audits (ISO 27001, PCI-DSS, GDPR, NIST), and drive the follow-up of corrective actions. • Analyze compliance and security requirements, working with stakeholders to identify and implement technical solutions that balance security, compliance, cost, and user experience.• Provide subject matter expertise in translating security, regulatory, and compliance requirements into technical requirements for cloud and on-premises environments. • Perform and validate risk assessments, and support the establishment, verification, and maintenance of security controls toward standards and regula-tions. • Advise and train internal teams on best practices in security, compliance, and privacy. • Manage documentation, policies, and procedures for information security. • Serve as the main point of contact for auditors, regulators, and clients regard-ing compliance matters.• Support security management in cloud and data center environments, including the assessment and optimization of security controls and architecture. • Stay up to date on regulatory changes, cybersecurity trends, and emerging compliance requirements. Requirements• Bachelor's degree in Systems Engineering, Electronics, Telecommunications, or related fields. • 5+ years in information security, compliance, or audit roles. • Strong technical acumen with a solid grasp of internet protocols, applications, operating systems, cryptographic methods, and network and systems archi-tecture• Ability to translate security, regulatory, and compliance requirements into technical solutions, and assess whether proposed solutions meet compliance and security needs.• Proven experience in ISO 27001 implementation and audit. • Participation in PCI-DSS, GDPR, NIST, or similar compliance projects. • Experience in risk management and security incident handling. • At least one of the following certifications: ISO 27001 Lead Auditor/Imple-menter, CISSP, CISM, or equivalent. • Leadership and teamwork abilities. • Effective communication with technical and business areas. • Advanced English (able to read documentation and participate in audits; con-versational fluency is a plus).• Results-oriented and continuous improvement mindsetNice-to-haves• Experience in cloud (Azure, AWS, GCP) and data center environments is desir-able. • conversational fluency is a plusBenefits• Get rewarded with competitive remuneration, individual and company annual bonus, vacation and holiday paid time off, health insurances and other competitive benefits. • Work from anywhere: onsite, hybrid or fully remote. • Professional development to broaden your knowledge and enhance your skills with on-line learning hubs packed with technical and soft skills training that allow you to develop and grow.• Enter a diverse and inclusive workplace, join one of the world's top travel technology companies and take on a role that impacts millions of travelers around the globe. Apply tot his job