It’s time to go places

Description

Ryanair Labs are currently recruiting for a Information Security Risk and Compliance Analyst to join Europe’s Largest Airline Group!

This is a very exciting time to join Ryanair as we look to expand our operation to 800 aircraft and 300 million guests within the next 10 years.

Ryanair Labs is the technology brand of Ryanair. Labs is a state of-the-art digital & IT innovation hub creating Europe’s Leading Travel Experience for our customers.

The Role:

We are seeking a proactive and detail-driven Information Security Risk and Compliance Analyst to join our GRC team. This role supports the design and execution of our enterprise risk management activities, with a strong focus on NIST-based frameworks including the NIST Cybersecurity Framework (CSF) and NIST Risk Management Framework (RMF). 

You will assist in the daily implementation of our information security, risk management, and compliance program. The role includes supporting audit readiness, maintaining security documentation, and ensuring alignment with frameworks and regulations such as GDPR, PCI-DSS, ISO/IEC 27001, NIS2, and the EU AI Act. 

Success in this role will be measured by the quality and effectiveness of information security risk and compliance controls across the company. 

Requirements

• 3–5+ years in IT audit, Information Security, or Governance, Risk & Compliance 
• Hands-on experience with NIST CSF and/or NIST RMF in enterprise environments 
• Strong understanding of risk analysis techniques and control-based mitigation 
• Working knowledge of GDPR, PCI-DSS, ISO/IEC 27001, NIS2, and EU AI Act 
• Experience maintaining a risk register and reporting to technical/business teams 
• Familiarity with applying risk frameworks in Information Security 
• Proficient in Microsoft Office (Excel, PowerPoint, Word) 
• Experience with GRC platforms (e.g., OneTrust, ServiceNow, Archer) 
• Excellent written and verbal communication skills in English 

Nice to have:

• Experience in aviation, logistics, or regulated industries 
• Knowledge of NIST SP 800-53, CIS Controls, ISO/IEC 27002 
• Professional certifications: CRISC, CISA, CISSP, ISO 27001 Lead Implementer or Auditor 
• Familiarity with AI risk classification under the EU AI Act 
• Knowledge of aviation regulations (e.g., Part-IS) 
• Experience evaluating third-party security postures, especially vendors handling sensitive data or AI systems 

Benefits and form of employment

Our offer:

• Contract of employment (permanent after trial period)
• Hybrid home office (2 days per week from the office, 3 days remote)
• Discounted and unlimited travel to over 250 destinations
• Multisport card
• Private health care
• Group insurance scheme
• Possibility to take part in conferences, training and courses

– – – and – – –

• Office located in the city center with a view for an Old Market Square
• Annual events (i.e. St. Patrick’s Day 🍀)
• Regular social meetings 🍻
• Paid referral system
• New office building surrounded by great dinettes right in the city centre 🌆

Apply today to discuss the role in more detail!

Competencies