Security Engineer 2, InfoSec

This role plays a leading part in ensuring risk management and cybersecurity governance are carried out at scale, helping keep product used by more than 110 million travellers safe and secure.You'll play a leading role in protecting Skyscanner against security risks, by implementing governance, risk and compliance (GRC) at scale in an agile and entrepreneurial way. You will drive work to reduce toil for control owners, increase visibility across the company, and develop continuous monitoring and reporting. You'll be empowered to engage and work cross-functionally, creating a strong security baseline.You'll be part of the Security team in setting the vision, roadmap, assessing risks and efforts to secure the company across teams and departments. We are looking for people who are experienced, proactive, humble and also highly skilled. And whatever the problem, you’ll connect the dots to help find the right solution by inspiring teams to work together.

What you will be doing:

• Coordinate third-party risk assessments and vendor security compliance.
• Monitor, report, and propose improvements for security risks, policies, and compliance (NIST CSF).
• Maintain the enterprise risk register and collaborate with leadership on risk appetite and tolerance.
• Implement and scale Governance, Risk, and Compliance (GRC or equivalent experience) frameworks, including automation of monitoring and reporting processes.
• Lead company-wide information security training and develop targeted initiatives to raise awareness across the organization.
• Work collaboratively to integrate security into processes and company culture, ensuring effective communication of complex security concepts.

Ideally you will have:

• Extensive experience in information security, particularly in cloud environments.
• Expertise in third-party risk management and vendor evaluations.
• Proficiency with GRC tools (e.g., RiskSmart) and governance automation.
• Strong problem-solving skills and a proactive, team-oriented approach.
• We believe when people meet regularly in person, we are better able to innovate, learn, collaborate and encourage.

Skyscanner is a hybrid working company and most roles can be either Full Time or Part Time. We believe when people meet regularly in person, we are better able to innovate, learn, collaborate and inspire. We ask people to be in the office on average 8 days per month.

Already a global leader in travel, we want to elevate the way we work to a whole other level. In return, you’ll get meaningful things like medical insurance, headspace subscription, a home office allowance and the option to buy more holidays. You’ll have the opportunity to work from any country for 4 weeks a year, and 30 days in our other global offices. Everything, in other words, to help you relax and give your best.

For more details on Engineering at Skyscanner, check our Engineering Blog and follow Skyscanner Engineering on Twitter.

#LI-FM1