As Chief Information Security Officer (CISO), you will play a pivotal leadership role in protecting Aer Lingus’s digital infrastructure, customer data, and operational systems. You will lead and evolve a resilient, risk-informed cyber security strategy that supports Aer Lingus’s digital transformation and aligns with International Airlines Group (IAG) initiatives.

This senior role, reporting into the Chief Digital and Transformation Officer (CDTO) requires both visionary thinking and hands-on leadership. You will oversee enterprise-wide cyber security operations, direct incident response, and foster a strong security culture across the organisation. Your leadership will ensure regulatory compliance, protect critical assets, and embed cyber resilience into Aer Lingus’s digital future.

Your key responsibilities will include:

• Advance and execute Aer Lingus’s enterprise-wide cyber security strategy and multi-year roadmap, aligned with business goals and IAG’s cyber objectives.
• Continuously refine the strategy to address evolving threats and technologies, enabling secure digital transformation.
• Establish strong cyber governance by chairing a cross-functional Cyber Security Steering Group and maintaining the Information Security Risk Register.
• Regularly report on cyber risk posture to the executive team and Board, and represent Aer Lingus in IAG cyber governance forums.
• Maintain and enforce security policies, standards, and procedures aligned with NIS2, ISO 27001, GDPR, and industry best practices.
• Oversee implementation of security controls across IT infrastructure, cloud platforms, and applications—including IAM, encryption, and secure development practices.
• Lead a proactive vulnerability management programme with continuous scanning, testing, and reporting.
• Direct Aer Lingus’s cyber incident response, serving as incident commander during critical events. Ensure readiness and execution of the Cyber Incident Response Plan (CIRP), integrated with business continuity and crisis management.
• Ensure compliance with all cyber security and data protection regulations.
• Lead the delivery of key cyber initiatives to strengthen Aer Lingus’s defences.
• Ensure rigorous security oversight of third-party vendors and partners.
• Evolve, inspire, and empower a high-performing cyber security team. Define team structure across security operations, GRC, engineering, and identity management.
• Establish and track KPIs and KRIs to measure the effectiveness of the cyber security programme.

• Bachelor’s degree in Computer Science, Information Security, Information Systems, or a related field.
• 10+ years of relevant experience, including 5+ years in senior leadership, ideally in a regulated or critical infrastructure environment.
• Proven experience building and maturing security programmes, leading teams, and managing cross-functional initiatives.
• Demonstrated success in managing major security incidents and implementing effective remediation.
• Deep knowledge of NIS2, GDPR, ISO/IEC 27001, ISO 27002, and related frameworks.
• Strong leadership, communication, and stakeholder management skills.
• Ability to translate complex cyber risks into clear, actionable insights for executive and board-level audiences.
• Professional certifications such as CISSP, CISM, CISA, CRISC, or CCSP are highly desirable.