-
International Air Transport Association (IATA)
View all jobs
Chief Information Security Officer
Switzerland
· Full-time
·
Executive
Employment Type: Permanent
Contract Duration
At IATA, we speak for the airlines of the world, serving and supporting over 300 of them across all continents. We are passionate and knowledgeable about the aviation industry, and we strive to make it safer, smarter, more sustainable and more inclusive. We celebrate diversity and inclusion in our workforce, and we respect and value the different backgrounds, perspectives and skills of our employees. We also care about our employees’ wellbeing, and we provide flexible work arrangements, travel benefits, family-friendly policies, equal pay and a day off on your birthday. We believe in giving back to the community and encourage our staff to participate in volunteering activities that support causes they care about. We encourage you to join our global community of aviation enthusiasts, and we will do our best to make you feel comfortable during the interview process. IATA is more than a trade association; it is a vision of a better future for air travel.
About The Team You Are Joining
You will report to the Chief Information and Data Officer and will be responsible for leading and managing all aspects of the organization's information security program. You will lead a team of security professionals who have brought the organisation to a maturity level similar to banks.
You will continue the development and implementation of a comprehensive cybersecurity program to bring IATA to the next stage, supporting a very ambitious data strategy which aims to make IATA the trusted center of excellence for aviation data.
You will work in close collaboration with the different existing IT, business and 3rd party teams by integrating the best cybersecurity practices into IATA’s organizational way of doing business. You will actively participate in the IATA Audit Committee and various boards where cybersecurity is monitored and represented to make sure that IATA complies with regulations in effect in the countries where we operate.
What Your Day Would Be Like
You will develop, execute and maintain on yearly basis the cybersecurity strategy, operating model and objectives aligned with business goals and have them validated by the Management Committee and IATA Audit Committee.
Provide strategic guidance and vision to the Management Committee and Board of Directors regarding cybersecurity risk management.
Identify, assess and prioritize security issues, major security risks to the organization, and legal and regulatory compliance requirements.
Ensure compliance with relevant regulations, industry standards, and best practices (e.g., GDPR, ISO 27001, PCI-DSS, SOC2).
Evaluate the level of security within the organization, in particular through periodic audits, reporting and permanent controls.
Manage the implementation of the organization's IT security charter and promote it to all users.
Contribute to answering the requests of the organization's customers and partners on security aspects.
Chair the information security governance committee and participate in corporate governance processes.
Report regularly to senior management and the board on the state of cybersecurity.
Collaborate with IT teams to design and implement secure information systems and infrastructure.
Evaluate and select security technologies and solutions to protect the organization effectively.
Oversee the operation of security controls, technologies, and tools.
Monitor security incidents and respond to security breaches, including incident investigation and resolution. Establish an incident response plan and coordinate incident response activities. Ensure rapid recovery and business continuity in the event of a security incident.
Define and deliver a cybersecurity culture and awareness program for employees, contractors and partners.
We would love to hear from you if
10 years of experience in risk management, information security and IT, and at least 3 years in a leadership role. Banking / financial services experience would be an advantage.
A professional certification such as CISSP, CISM, CISA or similar would be an advantage.
Knowledge and experience in implementing secure architectures in all types of cloud service environments (e.g., public, private, hybrid.)
Knowledge and experience in implementing cybersecurity strategies and frameworks across internal and 3rd party landscapes.
Knowledge of legislation related to cybersecurity and data protection.
Knowledge of security governance, norms and standards: NIST norms (800.171), DFARS norms, ISO norms (27001), PCI-DSS / SOC2.
Travel Required: 10%
Learn more about IATA’s role in the industry, our benefits, and the team at iata/careers/ . We are looking forward to hearing from you!
Contract Duration
At IATA, we speak for the airlines of the world, serving and supporting over 300 of them across all continents. We are passionate and knowledgeable about the aviation industry, and we strive to make it safer, smarter, more sustainable and more inclusive. We celebrate diversity and inclusion in our workforce, and we respect and value the different backgrounds, perspectives and skills of our employees. We also care about our employees’ wellbeing, and we provide flexible work arrangements, travel benefits, family-friendly policies, equal pay and a day off on your birthday. We believe in giving back to the community and encourage our staff to participate in volunteering activities that support causes they care about. We encourage you to join our global community of aviation enthusiasts, and we will do our best to make you feel comfortable during the interview process. IATA is more than a trade association; it is a vision of a better future for air travel.
About The Team You Are Joining
You will report to the Chief Information and Data Officer and will be responsible for leading and managing all aspects of the organization's information security program. You will lead a team of security professionals who have brought the organisation to a maturity level similar to banks.
You will continue the development and implementation of a comprehensive cybersecurity program to bring IATA to the next stage, supporting a very ambitious data strategy which aims to make IATA the trusted center of excellence for aviation data.
You will work in close collaboration with the different existing IT, business and 3rd party teams by integrating the best cybersecurity practices into IATA’s organizational way of doing business. You will actively participate in the IATA Audit Committee and various boards where cybersecurity is monitored and represented to make sure that IATA complies with regulations in effect in the countries where we operate.
What Your Day Would Be Like
You will develop, execute and maintain on yearly basis the cybersecurity strategy, operating model and objectives aligned with business goals and have them validated by the Management Committee and IATA Audit Committee.
Provide strategic guidance and vision to the Management Committee and Board of Directors regarding cybersecurity risk management.
Identify, assess and prioritize security issues, major security risks to the organization, and legal and regulatory compliance requirements.
Ensure compliance with relevant regulations, industry standards, and best practices (e.g., GDPR, ISO 27001, PCI-DSS, SOC2).
Evaluate the level of security within the organization, in particular through periodic audits, reporting and permanent controls.
Manage the implementation of the organization's IT security charter and promote it to all users.
Contribute to answering the requests of the organization's customers and partners on security aspects.
Chair the information security governance committee and participate in corporate governance processes.
Report regularly to senior management and the board on the state of cybersecurity.
Collaborate with IT teams to design and implement secure information systems and infrastructure.
Evaluate and select security technologies and solutions to protect the organization effectively.
Oversee the operation of security controls, technologies, and tools.
Monitor security incidents and respond to security breaches, including incident investigation and resolution. Establish an incident response plan and coordinate incident response activities. Ensure rapid recovery and business continuity in the event of a security incident.
Define and deliver a cybersecurity culture and awareness program for employees, contractors and partners.
We would love to hear from you if
10 years of experience in risk management, information security and IT, and at least 3 years in a leadership role. Banking / financial services experience would be an advantage.
A professional certification such as CISSP, CISM, CISA or similar would be an advantage.
Knowledge and experience in implementing secure architectures in all types of cloud service environments (e.g., public, private, hybrid.)
Knowledge and experience in implementing cybersecurity strategies and frameworks across internal and 3rd party landscapes.
Knowledge of legislation related to cybersecurity and data protection.
Knowledge of security governance, norms and standards: NIST norms (800.171), DFARS norms, ISO norms (27001), PCI-DSS / SOC2.
Travel Required: 10%
Learn more about IATA’s role in the industry, our benefits, and the team at iata/careers/ . We are looking forward to hearing from you!
Key Skills
Ranked by relevance
cybersecurity
incident response
dss
cissp
cloud
gdpr
cisa
cism
nist
Related Jobs
3 roles aligned with this opportunity
View Job Details
Related
Senior Executive Information Technology
2026-07-07
Full-time
Associate
India
Airlines
Information Technology
View Job Details
Related
Cyber Security Analyst
2026-07-07
Full-time
Not Applicable
Ireland
Utilities
Information Technology
View Job Details
Related
Security Operations Manager
2026-07-14
Full-time
Director
Ireland
Professional Services
Information Technology
Login to Apply
- Posted
- Feb 11, 2025
- Type
- Full-time
- Level
- Executive
- Location
- Geneva
Industries
Airlines
Aviation
Categories
Information Technology
Related Jobs
3 roles aligned with this opportunity
View Job Details
Related
Senior Executive Information Technology
2026-07-07
Full-time
Associate
India
Airlines
Information Technology
View Job Details
Related
Cyber Security Analyst
2026-07-07
Full-time
Not Applicable
Ireland
Utilities
Information Technology
View Job Details
Related
Security Operations Manager
2026-07-14
Full-time
Director
Ireland
Professional Services
Information Technology