Governance, Risk & Compliance Officer - Travelfusi

Skills

Communication Leadership Risk Management Encryption Monitoring Problem-solving Decision-making Research Training Analytical Skills

Job Specifications

Travelfusion is the world's largest travel B2B content aggregator for LCCs (Low Cost Carriers) and FSCs (Full Service Carriers) processing hundreds of millions of daily transactions with tens of thousands of daily flight bookings. Travelfusion's platform powers the world's leading online leisure and business travel agencies, as well as the meta search and travel ecommerce sites. The business also offers shopping and bookings of hotels and rail operators. Travelfusion is also the leader in direct payment and settlement solutions - tfPay - which manages payments and reconciliations for millions of air tickets. We are a dynamic SaaS technology company, rapidly growing profitable business with 175 employees based in London, Shanghai and Thessaloniki.

Travelfusion is seeking a professional, experienced GRC Officer to play a critical role in ensuring the company operates ethically, legally and resiliently. Additionally the GRC Officer will pro-actively guide the business in all aspects of governance, risk and compliance. The position will form part of a new GRC/Infosec team which will work widely across the company.

Core Responsibilities

Policy & Framework Development:
Establishing and maintaining organisational frameworks for governance, risk and compliance.
Risk Management:
Identifying, assessing, and mitigating risks by maintaining risk registers and supporting risk-aware decision-making.
Compliance Monitoring:
Ensuring the company complies with relevant regulations, industry standards (e.g. cyber security frameworks) and internal policies.
Audit Coordination:
Managing internal and external audits, providing necessary documentation and evidence to audit teams.
Regulatory Research:
Keeping up-to-date with new and evolving compliance laws, regulations and standards.
Security Awareness & Training:
Assisting in creating and delivering security awareness training to employees.
Collaboration:
Working with senior leadership, IT, cyber security teams and other departments to align security and compliance practices.
GRC Platform Management:
Maintaining and utilising GRC platforms to track risks, controls, and compliance activities.

Key Skills

Analytical Skills:
The ability to analyse risks, assess compliance gaps and develop solutions.
Communication:
Strong communication skills to clearly explain complex compliance requirements to different audiences.
Cyber Security & Business Knowledge:
An understanding of both business operations and cyber security principles is essential.
Regulatory Knowledge:
A solid understanding of key regulatory frameworks and standards relevant to the travel technology industry.

Requires Skills & Experience

Minimum of 5 years experience in leading and implementing security measures: protocols, data security, cyber and information security
Qualifications: Certification/experience in ISO 27001, GDPR, NIST, PCI DSS, SOX
Knowledge of GRC platforms; strong analytical and communication skills
Governance qualifications valued
Knowledge of regulations with a deep understanding of GDPR and other data protection laws
Technical skills: proficiency in data security tools, encryption technologies and audit methodology
Ability to analyse security threats and vulnerabilities
Excellent problem-solving and decision-making abilities
Strong written communication and client facing skills
Experienced in reporting at board level
Ability to write reports and produce training resources
Bachelor's degree in Computer Science, Information Technology, Law

About the Company

Travelfusion is the world's leading travel content aggregator. Our founding vision was to become the best in the business at managing and organising the maze of travel content available online. By pioneering an innovative aggregation model, our system connects directly (using our Direct Connect XML API system) to hundreds of air, hotel, car, rail, ferry, ground transport and tour operator suppliers' web sites and their reservation systems and provides structured access to the content via a single XML API interface. Travelfus... Know more