Information Security and Compliance Manager

ATCORE is the leading international supplier of technology solutions for the leisure travel sector. With our market‑leading reservation and distribution platform, we empower travel businesses to meet the needs of travellers through our suite of bespoke solutions. Our customers range from large vertically integrated groups, through to smaller specialist operators who enjoy a variety of service offerings. We provide application support, hosting support and monitoring to keep our customers running 24x7. Our ATCOM software – built on the Oracle platform – is the beating heart of their business, the place where millions of holidays are created, found and booked.

We have an exciting opportunity for a Information Security and Compliance Manager to join ATCORE in a key standalone position reporting directly to the CFO.

• Develop and execute a security strategy aligned with business and product objectives.
• Advise senior leadership on emerging threats, risk posture, and security investments.

• Establish and maintain an information security governance framework.
• Ensure compliance with UK and international standards, including:
  • GDPR
  • PCI DSS
  • PCI 3DS
  • SOC 2
  • NIST 800‑61 r3
• Oversee internal and external audits and certification processes.
• Manage and complete security assessments for 3rd parties, customers and insurance purposes.
• Work in partnership with the Legal team to define information security contractual requirements.
• Interact with customers to demonstrate compliance with legal and contractual requirements.

• Audit risk assessment activity and determine mitigation strategies.
• Manage third‑party and supply chain security risks.

• Work closely with engineering teams to:
  • integrate security into the software development lifecycle,
  • define secure coding standards and
  • oversee code review processes.

• Lead incident response and disaster recovery planning.
• Oversee vulnerability management, penetration testing, and threat intelligence.

• Develop and enforce security policies and standards.
• Deliver security awareness training across the organisation.

• Degree in Computer Science, Cyber Security, or related discipline.
• 5+ years of experience in information security, including leadership roles.
• Professional certifications such as CISSP or CISM.
• Detailed understanding of GDPR.
• Strong knowledge of compliance frameworks (PCI DSS, PCI 3DS, SOC 2).
• Knowledge of the DRATA GRC platform.
• Experience in secure software development practices and cloud security.
• Strategic thinking and ability to align security with business goals.
• Excellent communication and stakeholder engagement skills.
• Strong analytical and problem‑solving abilities.

• Employer matched contributory pension scheme.
• Business and personal travel insurance.
• Healthcare schemes.
• Life insurance.
• And many more.

We carefully recruit, retain and develop our most talented personnel and, as a result, have a uniquely low level of employee turnover of around 5%. Half of our employees have been with the company for 10 years or more, a level of longevity very rare in the technology sector.

Based in Slough, UK, with offices in North London and Cardiff, we are 200 employees strong and hire people with an unparalleled combination of industry and technical expertise.

Join in the creation of technologies that impact millions of travellers in a multi-trillion-dollar industry. Be part of a highly motivated family and grow your career with the guidance of strong leadership.

Not Applicable

Full-time

Other

Leisure, Travel & Tourism and Information Technology & Services

Referrals increase your chances of interviewing at Atcore by 2x.