For more than 40 years, Accelya has been the industry’s partner for change, simplifying airline financial and commercial processes and empowering the air transport community to take better control of the future. Whether partnering with IATA on industry-wide initiatives or enabling digital transformation to simplify airline processes, Accelya drives the airline industry forward and proudly puts control back in the hands of airlines so they can move further, faster.
Specialist Cyber security
Mumbai
Role purpose
As a Specialist - Cyber security, you will play a critical role in the implementation, and management of the company's information security strategy. This position will focus on engineering, compliance and serving as a business security liaison as needed. Cyber Security specialist will work closely with various departments to ensure the security of the company's information assets and compliance with relevant regulations and standards.
Duties & Responsibilities:
Security Architecture and Engineering:
Infrastructure Security
Maintain and implement the security architecture framework to ensure the integrity, confidentiality, and availability of information assets.
Govern the implementation of security solutions, including network security, endpoint security, and cloud security.
Collaborate with IT and engineering teams to integrate security best practices into infra and application components.
Participate in architecture reviews of various projects and products developments. Collaborate with cross functional teams and embed security by design principle.
Perform regular vulnerability scans across all infrastructure components to identify potential security risks.
Ensure all scans are conducted and scan reports published in accordance with defined compliance timelines and organizational standards.
Coordinate with stakeholders to proactively follow up until remediation is completed.
Track risk acceptances in coordination with the GRC team to ensure proper documentation and governance compliance.
Manage and collaborate with stakeholders to oversee the organization-wide Infrastructure and endpoint security such as Patch advisory, Patch management, WAF and firewall rule review, and ensuring compliance with security policies and standards.
Application Security
Implement security in the design phase of development by performing threat modelling and security risk assessments from data security, data privacy perspective.
Implement culture of DevSecOps to build shift-left mindset and incorporate security by design principle.
Set secure coding guidelines and use automated tools to check the secure coding practices.
Manage periodic VAPT and SCR program for multiple portfolios of Group.
Work effectively with cross functional teams to ensure timely remediation of identified vulnerabilities and tracking till closure
Define baseline security requirements of the software. Develop security white paper that talks about security features and functionalities available in the product that are configurable.
Govern the key performance and improvements metrics and present to the leadership
Compliance and Risk Management:
Ensure compliance with relevant regulations, standards, and frameworks (e.g., PCI DSS, GDPR, ISO 27001, NIST).
Participate and conduct regular security assessments and audits to identify vulnerabilities and recommend remediation actions.
Develop and maintain incident response plans and coordinate responses to security incidents.
Knowledge, Experience & Skills
Bachelor’s degree in information technology, Computer Science, Information Security, or a related field. A master’s degree is preferred.
Professional certifications such as CC, CEH, COMP TIA network+, CCNA, CISSP, CISM, CRISC, or similar are highly desirable.
Minimum experience 5-8 years with at least 2-3 years of experience in information security, at least 2-3 years as network engineer or software developer role.
Management of vulnerability platform for internal and external scanning. Oversee deployment of relevant scanning appliances.
Strong understanding of engineering, IT frameworks, standards, and regulations.
Excellent analytical, problem-solving, and decision-making skills.
Strong communication and interpersonal skills, with the ability to work effectively with diverse teams and stakeholders.
Proven ability to manage multiple projects and priorities in a fast-paced environment.
Experience with risk management tools and software.
Knowledge of cloud security and emerging technologies. Preferably AWS
Familiarity with data privacy regulations and compliance requirements.
What do we offer?
Open culture and challenging opportunity to satisfy intellectual needs
Flexible working hours
Smart working: hybrid remote/office working environment
Work-life balance
Excellent, dynamic and multicultural environment
Equal Opportunity
Accelya is an equal opportunity action employer committed to diversity, equity, and inclusion. Qualified applicants will receive consideration for employment without regard to race, ethnicity, religion, gender, pregnancy, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, disability status, or any other basis protected by federal, state or local law, ordinance or regulation.
About Accelya
Accelya is a leading global software provider to the airline industry, powering 200+ airlines with an open, modular software platform that enables innovative airlines to drive growth, delight their customers and take control of their retailing.
Owned by Vista Equity Partners long-term perennial fund and with 2K+ employees based around 10 global offices, Accelya are trusted by industry leaders to deliver now and deliver for the future.
The company´s passenger, cargo, and industry platforms support airline retailing from offer to settlement, both above and below the wing. Accelya are proud to deliver leading-edge technologies to our customers including through our partnership with AWS and through the pioneering NDC expertise of our Global Product teams.
We are proud to enable innovation-led growth for the airline industry and put control back in the hands of airlines.
For more information, please visit www.accelya.com
What does the future of the air transport industry look like to you? Whether you’re an industry veteran or someone with experience from other industries, we want to make your ambitions a reality!