VP, Information Security, Risk and Compliance

Remote Full-time
About Direct Travel
We are a global travel management and services company operating at the intersection of travel, technology, finance, and customer experience. As we modernize our technology stack and build our own data-driven products, we are making significant investments in security, compliance, and governance to serve our customers. Our future is centered on AI innovation to reduce operational costs and deliver personalized, intelligent experiences for customers worldwide.

Role Overview
The Vice President of Information Security & Compliance is a strategic executive leader responsible for overseeing global information security, data protection, governance, and compliance programs. This leader will ensure that our products, infrastructure, and operations meet international standards—specifically targeting ISO 42001 (AI Management System) certification and PCI-QSA compliance within the next 18 months.
This position demands a forward-looking leader who blends deep technical expertise, regulatory insight, and operational pragmatism to protect customer trust while enabling innovation.

Reporting to: Chief Information Officer

Key Responsibilities

Security & Compliance Strategy:Develop and execute a global security and compliance roadmap aligned with corporate goals, focusing on ISO 27001 and SOC2, and expanding to ISO 42001, PCI-DSS, GDPR, CCPA, and other emerging data privacy frameworks.
AI Governance:Establish robust policies and risk models for secure and ethical AI adoption across products and platforms, ensuring adherence to future AI regulatory standards.
Data Privacy & Protection:Lead initiatives to design privacy-first architectures supporting international data residency, cross-border transfer compliance, and encryption standards.
DevSecOps Maturity: Partner with engineering and DevOps teams to build security into the product development lifecycle—deploy secure pipelines, automate compliance checks, and continuously monitor infrastructure health.
Risk, Audit & Incident Response:Maintain enterprise risk management processes, lead internal audits, coordinate external assessments, and oversee incident response and recovery workflows.
Team Leadership:Build, mentor, and scale a global security & compliance organization with capabilities spanning application security, cloud security, GRC, and data protection.
Stakeholder Collaboration:Work cross-functionally with Sales, Product, Legal, Finance, and IT to align organizational practices and ensure security and compliance enable business growth—not constrain it.


Qualifications

12+ years of experience in information security or compliance, with at least 5 years in senior leadership driving enterprise-wide programs.
Proven track record leading PCI-DSS, ISO, or SOC 2 compliance initiatives in a SaaS or financial/merchant-of-record context.
Deep understanding of cloud architectures (AWS, Azure, or GCP), security platforms, secure software development, and modern DevSecOps tools and practices.
Experience establishing AI governance, risk management, or model assurance frameworks preferred.
Strong familiarity with data privacy regulations across EU, US, and APAC jurisdictions.
Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent credentials highly desirable.
Exceptional communication, leadership, and change management skills.


Success in the Role

Integration of the security team, processes and systems in our ATPI business unit
ISO 27001 and 42001 certification achieved within 18 months.
PCI-QSA compliance achieved within 18 months.
Embedded security-by-design across the product lifecycle.
Demonstrable improvement in operational resilience and customer trust.





Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

**Experienced Customer Service Representative - CPAP Equipment Specialist**

Remote

Planner I

Remote

Customer Care Advisor

Remote

**Experienced Live Chat Specialist – Deliver Exceptional Customer Service in a Dynamic Virtual Environment**

Remote

COMERCIAL TÉCNICO/A DE PIEDRA NATURAL – ARQUITECTURA PREMIUM

Remote

**Experienced Remote Inbound Customer Service Representative – Language Services Provider**

Remote

Senior Data Engineer

Remote

**Experienced Remote Data Entry Clerk – Accurate and Timely Data Management for arenaflex**

Remote

Business Compliance Officer

Remote

Rural Mail Carrier

Remote
← Back