Director

Job Title : Director, Information Security.

Key Responsibilities :

- Lead cloud security risk management : identify, assess, and mitigate risks across Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP); design, implement, and validate technical security controls; and oversee the full lifecycle of security policies (development, deployment, continuous monitoring).

- Partner with senior architects, Chief Information Security Officer (CISO) leadership, and cloud provider architects to ensure robust security architecture; present the organizations security posture to stakeholders and provide actionable recommendations.

- Ensure and evidence compliance : conduct risk assessments, lead audits, and manage compliance with International Organization for Standardization (ISO) 27001, Payment Card Industry Data Security Standard (PCI DSS), System and Organization Controls (SOC) assurance reports, General Data Protection Regulation (GDPR), European Union Artificial Intelligence Act (EU AI Act), and Network and Information Security Directive 2 (NIS2).

- Drive Information Security Management System (ISMS) risk management, define key performance indicators (KPIs), oversee policy reviews and third- party risk management, and coordinate cross - functional responses to security and compliance requirements.

- Provide consultancy and mentorship on cybersecurity, privacy, and AI compliance initiatives; support team problem- solving and continuous improvement; maintain and expand relevant cloud certifications.

Skills & Knowledge Technical / Functional and Managerial :

- Expertise in cloud security controls and architecture reviews, with the ability to independently assess cloud supplier services.

- Proficiency in cloud computing, infrastructure, and networking; systems architecture; virtualization; and containers (e.g., Docker).

- Knowledge of security and auditing standards, including ISO/IEC 27000 series, Payment Card Industry Data Security Standard (PCI DSS), and Statement on Standards for Attestation Engagements (SSAE) 18.

- Professional background in information technology (IT) with experience implementing and validating security controls in complex cloud environments.

- Strong collaboration and communication skills to work effectively across teams and with stakeholders on security and compliance needs.

Education and Years of Experience :

- Bachelors or masters degree in computer science or a related field, or equivalent practical experience.

Certifications : CISSP, CCSP, CISM.

- Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Certified Information Security Manager (CISM), or equivalent knowledge.

- Bring at least two or three of the following certifications (or demonstrate equivalent knowledge) :

1. Azure Administrator (AZ-104).

2. Azure Security Engineer (AZ-500).

3. AWS Solutions Architect Associate.

4. AWS Security Specialty.

5. Google Cloud Platform (GCP) Associate Cloud Engineer.

6. GCP Cloud Security Engineer.

Diversity & Inclusion :

Amadeus aspires to be a leader in Diversity and Inclusion in the tech industry, enabling every employee to reach their full potential by fostering a culture of belonging and fair treatment, attracting the best talent from all backgrounds, and as a role model for an inclusive employee experience.

Amadeus is an equal opportunity employer.