Global IT Security Regional Head

At Avolta (SIX: AVOL), our people are at the driving force behind our success. With a team of over 76,000 individuals representing more than 150 nationalities, we are a truly global company driven by passion, innovation, and excellence.

Born from the combination of Dufry and Autogrill, Avolta is redefining the travel experience through the dedication and expertise of our diverse workforce. Across 73 countries and 1,000 locations, our teams bring energy, creativity, and commitment to delivering world-class travel retail and food & beverage experiences.

We operate across multiple channels - including airports, motorways, cruise ships, ports, railways, and more - offering endless opportunities for collaboration and growth. Our people are empowered to make an impact, supported by a culture that values teamwork, development, and innovation.

Sustainability and social responsibility are embedded in our strategy, ensuring we grow in a way that benefits both our employees and the communities we serve.

Are you looking for a dynamic, international career where your contributions truly matter? Join Avolta and be part of a team that’s shaping the future of travel - together.

PURPOSE OF THE ROLE

The Information Security Manager provides strategic leadership across the secure development lifecycle (SDLC), API governance, and application security. The role evaluates the Group’s security posture, identifies critical risks, and drives the implementation of effective protection measures. It ensures compliance with accreditation and regulatory requirements, safeguarding systems from internal and external threats. Acting as a key partner to the Global CISO, the role steers major security initiatives, oversees audits, and leads incident response. It also advises IT and business leaders on security implications of new technologies and processes, ensuring all solutions align with Group-wide security standards

This position reports to the Global IT Security Head and is based at the Bangalore HQ

RESPONSIBILITIES

Policy, Compliance & Audit

• Develop and implement policies to secure protected and sensitive data.
• Ensure compliance with legislation and security frameworks
• Internally assess and evaluate risks
• Report project status, risks, and improvement plans to the Global CISO
• Coordinate and track all IT and security-related audits, including scope, timelines, agencies, and outcomes

Risk Management & Incident Response

• Stay informed about security incidents and support the CISO during major events
• Convene ad hoc Security Committees and lead breach response and notification actions
• Support the assessment and monitoring of information security risks and compliance
• Evaluate the impact of new technologies on the Group’s security posture.
• Establish processes to review new technology implementations for security compliance

Project Support

• Provide expert security support for IT and business projects
• Ensure best practices are applied across initiatives

WHAT WE ARE LOOKING FOR

• A Bachelor’s degree in Information Science, Computer Science, Engineering, or a related field
• 10+ years of experience in IT program and service management.
• At least 5 years of leadership experience in IT project management and team supervision
• Strong technical expertise for high-level problem diagnosis across key domains such as databases, programming, operating systems, and IT architecture
• Proven experience in IT security, including policy development and implementation
• Relevant security certifications, such as CISSP, CISA, or CRISC
• Architecture and cloud certifications (TOGAF, AWS, Azure) are highly valued
• Knowledge of OWASP, SDLC, and secure development practices
• A solid understanding of core business processes and procedures, and the ability to translate technical needs into business outcomes

Due to certain email system settings, some of our messages may occasionally land in your junk or spam folder. To ensure you don’t miss any important updates regarding your application, please check these folders regularly and mark our emails as ‘Not Spam’ if needed.

We look forward to connecting with you soon!