Information Security Analyst

at  Etraveli Group

WHO WE ARE

Etraveli Group is the globally leading company for tech solutions and fulfillment capabilities for online sales of flights. We are here to solve complexity, by connecting millions of flights and travelers across the globe, from search and selection to trip and beyond. We hold consumer online travel agency brands like Mytrip, GoToGate & Flight Network and serve exclusively Booking.com with flights. Etraveli Group has also established strategic partnerships with companies like Skyscanner, Google Flights and TUI.
Every day we strive to make the world smaller for our customers and bigger for our people. Our diverse team of more than 2500 passionate professionals is what makes us the industry’s tech wonder and the best in the world at what we do. Our major offices are in Sweden (HQ), Canada, Greece, India and Poland.

REQUIREMENTS

This role involves handling sensitive personal and confidential information. We are looking for an individual with a high level of personal integrity and a strong sense of accountability. And also:

• 3+ years of experience in Information Security. Similar experience in areas such as compliance work, project management, or cybersecurity will also be positively considered.
• Understanding of common standards (i.e.NIST, ISO27001 and PCI-DSS)
• Excellent verbal and written communication skills in English and preferably also in Swedish
• Self motivated and willing to take on challenges while adapting to an ever-changing operational environment

THE ROLE

As an Information Security Analyst, within the Information Security Team, you will play a crucial role in supporting the business units implementation of goals and objectives for the Etraveli Group’s global Information Security and Risk Management (ISRM). The Information Security Team is a partner to the IT management, the internal audit team as well as operation groups, and will be a representative on internal security issues as well as with customers/partners when required. By combining understanding of the company’s key assets, business requirements and the ISRM program you will address residual risks and recommend security enhancements.

KEY TASKS

• Investigate security breaches and other cyber security incidents and determine root cause
• Provide support to IT management regarding implementation of information security policies, procedures, and standards throughout the business and provide subject matter expertise on cyber threats
• Deliver first level support on security requests in Business Group Programs and assist groups in risk mitigation and managing/preventing cyber incidents
• Follow (and follow-up on) incident management procedures to ensure incidents are logged and mitigated
• Review, update and follow-up on IT systems and policy documents
• Provide regular and timely reporting on the information security status across the supported business groups
• Research data security needs and requirements for current and future systems
• Lead and implement the development of pragmatic solutions and the vulnerability management across Corporate Information Security
• Proactively identify information security deficiencies or opportunities for improvement to better enable business security at the global level
• Conduct risk analysis to assess potential security threats, vulnerabilities, and impacts, providing recommendations for mitigating risks within the organization’s systems and processes.
• Assist the group in achieving and maintaining compliance with relevant regulations, frameworks, and security standards to ensure alignment with industry best practices.

This role involves handling sensitive personal and confidential information. We are looking for an individual with a high level of personal integrity and a strong sense of accountability. And also:

• 3+ years of experience in Information Security. Similar experience in areas such as compliance work, project management, or cybersecurity will also be positively considered.
• Understanding of common standards (i.e.NIST, ISO27001 and PCI-DSS)
• Excellent verbal and written communication skills in English and preferably also in Swedish
• Self motivated and willing to take on challenges while adapting to an ever-changing operational environmen