This job has ended. Find similar jobs.

Senior Manager - Information Risk

Posted 27 February by Carnival Ended

An exciting opportunity has arisen for a highly capable Senior Manager - Information Risk to join the IT department.

The role is based at the impressive Carnival UK Headquarters in Southampton and is paying a competitive salary plus benefits (including car allowance, 10% discretionary bonus, pension, huge discounts on our cruises and more).

Carnival UK is the operating company for P&O Cruises & Cunard. We provide unforgettable holiday experiences and operate a winning culture to achieve standout success.

We have big plans for the future and our industry is ripe for innovation and disruption. With 3 new ships on the horizon, our business is growing rapidly and going through organisational change. As we embrace new technology we have the need to protect our organisation and customers from threats and risk. Be part of the journey and help shape and embed processes & procedures.

The Role

Reporting to the Head of Information Risk Management, the Senior Manager - Information & Risk will lead a team of 3 Information Security SME’s to engage across the business and technology functions to ensure risks are identified, managed and reported to the appropriate leadership and governance forums.

Key Responsibilities

Strategic Leadership

  • Develop and embed key strategic risk management processes and reporting within CUK organisation
  • Support the implementation of key controls and compliance processes across the organisation to adhere to policy, compliance and regulatory requirements Ensure that key risks and threats to the business are highlighted to senior management and that practical mitigations are recommended

People Management

  • Lead and develop a team of subject matter experts and ensure they are properly engaged with key stakeholders to identify and mitigate key information risks

Cost Management / Cost Control

Assist in managing the security functions budgets to ensure TCO is understood and that security costs are continually streamlined

  • Support the development of cost effective solution proposals

Customer Responsibilities (Internal & External Customers)

  • Prioritise the protection of customer information ensure we are adhering to data protection and privacy legislation, prioritising the protection of customer and business information and providing the best possible customer experience
  • Work to embed information security into our HESS culture so that safety of our customers and employees is considered at all times
  • Support our teams to ensure secure solutions are delivered and best practises are understood in order to reduce risks and ensure compliance
  • Ensure engagement with business and technology projects so that security requirements are identified and delivered



  • Strong & proven experience in an Information Security or IT Audit related field, including:
    • Experience in Information governance, risk and compliance
    • Implementing risk management processes, procedures and reporting
    • Experience implementing industry compliance frameworks, including GDPR, SOX, PCI DSS
    • Experience with key security frameworks such as NIST, ISO27k, COBIT
  • Strong understanding of IT and information security best practices and principles across key subject matter domains, including:
  • Information security policy and governance framework
  • Risk assessment and risk management
  • Security Incident Management and Response
  • Access and Identity Management
  • Business Continuity
  • Secure Development Best Practise
  • Network and application security controls

· IT Process and procedures:

  • Incident Management
  • Change management
  • Development methodologies
  • Experience working in a large enterprise or international organisation
  • Line management and people management


  • Previous or current technical competence in information systems, architecture or security operations
  • Background in Maritime IT and/or Maritime Information/Risk

Education, Qualifications and Training


  • Degree level in Information Security / Computer Science
  • Industry qualifications: CISSP, CISA, CISM, GIAC, MSc Information Security or equivalents

About us

One of our core organisational values is that we are 'better together' and that’s why we’re working hard to build a flexible and inclusive culture; where difference is respected and valued and where our people can be themselves. Inclusivity is at the heart of our everything we do so we welcome applications from everyone. We do not discriminate on the basis of age, disability, gender reassignment, race, religion or belief, sex, sexual orientation, marriage & civil partnership and pregnancy & maternity.

Carnival UK is the operating company for P&O Cruises & Cunard. We provide unforgettable holiday experiences and operate a winning culture to achieve standout success.

Our Cunard ships have been defining sophisticated ocean travel for over 175 years. Our ships have always been The Most Famous Ocean Liners in the World. We continue our legacy of luxury ocean travel with our flagship Queen Mary 2, Queen Victoria and Queen Elizabeth, with Queen Mary 2 providing the only regularly scheduled transatlantic service between Southampton and New York. In 2022 our fourth Queen will join our Cunard fleet.

P&O Cruises has a proud and long tradition, with seven ships including our flagship Britannia which joined our fleet in March 2015. Our new ship, the largest in the UK market, will join the fleet in 2020, meaning we can offer more experiences tailored to British tastes - combining genuine service, a sense of occasion and attention to detail, ensuring passengers have the holiday of a lifetime, every time.

It takes great passion and real dedication to maintain our position at the top. That’s why extraordinary, passionate people are at the heart of our journey delivering the highest standards to our valued customers. With support to help you reach your potential, attractive company benefits and incredible employee offers on discounted cruises w

Required skills

  • Information Risk

Reference: 34568383

Bank or payment details should not be provided when applying for a job. is not responsible for any external website content. All applications should be made via the 'Apply now' button.

Report this job