Job Title

Travelfusion is the world's largest travel B2B content aggregator for low cost airline flights powering the ability to search and book these flights on leading online, business and leisure travel agents websites, mobile sites and call centres worldwide. The business also offers a wide range of full service airlines, hotels and rail companies on its platform. In addition Travelfusion has developed a range of payments services, TFPay, which manages payments and reconciliations for millions of air tickets. We are a dynamic SaaS technology company, rapidly growing profitable business with 175 employees based in London, Shanghai and Thessaloniki.The RoleThe Data Security Officer will be responsible for ensuring the security of data systems and implementing security measures to protect our systems integrity and sensitive information.  Duties & ResponsibilitiesDeveloping and implementing data security policies and procedures including establishing frameworks for protecting sensitive data, ensuring compliance with legal requirements and managing data retentionConducting data security audits and regularly assessing the effectiveness of security controls and identifying areas for improvementManaging data security incidents responding to and investigating data breaches, ensuring proper reporting to authorities and affected partiesProvide data security training and awareness to educate employees on data security best practices, privacy regulations, and their roles in protecting sensitive informationCollaborate with systems, legal and other relevant teams to ensure data security is integrated into all aspects of the businessAdvising on data sharing agreements, reviewing data sharing agreements with third parties, ensuring compliance with relevant regulationsMaintaining records of processing activities keeping track of how data is being processed and used including Records of Processing Activities (ROPAs)Assisting in data protection impact assessments helping to identify and mitigate potential risks associated with data processing activitiesCommunicating with data protection authorities serving as the main point of contact for data protection authorities and responding to their inquiriesStay informed about data protection regulations and best practices keeping  abreast of changes in data protection laws and emerging threats to ensure the company remains compliant and secureRequired Skills & ExperienceMinimum of 5 years experience in leading and implementing security measures: protocols, data security, cyber and information securityKnowledge of regulations with a deep understanding of GDPR and other data protection lawsTechnical skills: proficiency in data security tools, encryption technologies and audit methodologies.ability to analyse security threats and vulnerabilitiesExcellent problem-solving and decision-making abilitiesStrong communication and interpersonal skillsExperience in the travel technology industry an advantageBachelor's degree in Computer Science, Information Technology, Law or related fieldHybrid working City of London