Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Support information security governance and manage cyber security risks across Virgin Atlantic's operations.
- Company: Join Virgin Atlantic, a forward-thinking airline aiming to be the most loved travel company.
- Benefits: Enjoy flexible working, competitive salary, and opportunities for career growth in a dynamic environment.
- Why this job: This role is a launchpad for your career, making a real impact in a high-trust environment.
- Qualifications: Hands-on experience with risk assessments and knowledge of frameworks like ISO 27001 and NIST CSF required.
- Other info: We celebrate diversity and encourage applications from all backgrounds, ensuring an inclusive workplace.
The predicted salary is between 28800 - 42000 £ per year.
Salary: Competitive per annum
Hours: 37.5 per week, Monday to Friday
Location: Flexible working with up to 3 days a week in our VHQ, Crawley
Contract: Permanent
Closing Date: 22nd June 2025
At Virgin Atlantic Airways, we believe that everyone can take on the world, and it’s our vision to become the most loved travel company. As we embark on this next exciting stage of our journey, we’re harnessing our spirit of entrepreneurship and innovation to challenge the status quo.
Join our team of forward-thinkers who approach the world with a different lens. We value individuals who are vocal about driving positive change and are willing to dive into both big and small tasks. If you’re ready to take your career to new heights, this opportunity is for you.
In a nutshell
The role is responsible for supporting the governance of information security, ensuring identification, management, and mitigation of information and cyber security risks across VA’s operations, with emphasis on risk assessment, third-party supply chain security, control and compliance effectiveness, and operationalising the GRC strategy by embedding security and compliance considerations into business change initiatives, digital programmes, and transformation projects. The role supports regulatory compliance and operational resilience, aligned with frameworks such as ISO/IEC 27001:2022, NIST CSF, PCI-DSS, and relevant airline information security regulatory requirements. The role is also responsible for supporting the communication of governance matters with internal and external groups, for example Internal Audit, Technology Governance forums, Safety & Security, Virgin Group or key suppliers. This makes it a great role for those looking to step into senior GRC or advisory roles.
Day to day
As our Information Security GRC Analyst, you’ll be the trusted advisor guiding our teams through risk, regulation, and resilience. From embedding security into digital transformation to assessing third-party risks and ensuring compliance with ISO 27001, NIST CSF, PCI-DSS, and more — you’ll be the voice of assurance in a fast-moving world. You’ll work across projects, suppliers, and stakeholders, translating technical controls into business impact, and helping us stay one step ahead of emerging threats.
About you
- Hands-on experience with risk assessments, supplier reviews, project advisory and control evaluations
- Working knowledge of frameworks like ISO/IEC 27001:2022, NIST CSF, PCI-DSS, and UK GDPR
- Strong communication skills — able to engage both technical and non-technical audiences
- A collaborative mindset and a passion for making security a business enabler
- Certifications like CISA, CRISC, or ISO 27001 Lead Implementer are a plus — but what matters most is your drive to make a difference.
Why This Role?
This is more than a job — it’s a launchpad. Whether you’re looking to grow into a senior GRC or advisory role, or want to make a real impact in a regulated, high-trust environment, this is your opportunity to lead from the front.
Our recipe for leadership
At Virgin Atlantic, our leaders empower teams to thrive through collaboration, innovation, and excellence. Explore our Leadership Recipe and discover the 20 core ingredients that define what it means to lead with us, driving our mission to be the most loved travel company and achieve sustainable profit.
Be yourself
Our customers come from all walks of life and so do our colleagues. That’s why we’re proud to be an equal opportunity employer and actively encourage applications from all backgrounds. At Virgin Atlantic, we believe everyone can take on the world - no matter your age, gender, gender identity, gender expression, ethnicity, sexual orientation, disabilities, religion, or beliefs. We celebrate difference and everything that makes our colleagues unique by upholding an inclusive environment in which we can all thrive. So that everyone at Virgin Atlantic can be themselves and know they belong.
To make your journey with us accessible and individual to you, we encourage you to let us know if you’d like a little extra help with your application, or if you have any individual requirements at any stage along your recruitment journey. We are here to support you, so please reach out to our team, (recruitment@fly.virgin.com) feeling confident that we’ve got your individual considerations covered.
Consultant – Information Security employer: Virgin holidays
Contact Detail:
Virgin holidays Recruiting Team
recruitment@fly.virgin.com
StudySmarter Expert Advice 🤫
We think this is how you could land Consultant – Information Security
✨Tip Number 1
Familiarise yourself with the specific frameworks mentioned in the job description, such as ISO/IEC 27001:2022 and NIST CSF. Being able to discuss these frameworks confidently during your interview will demonstrate your expertise and commitment to information security.
✨Tip Number 2
Network with professionals in the information security field, especially those who have experience in GRC roles. Engaging with industry groups or attending relevant webinars can provide insights and connections that may help you stand out as a candidate.
✨Tip Number 3
Prepare to showcase your hands-on experience with risk assessments and supplier reviews. Think of specific examples where you've successfully identified and mitigated risks, as this will highlight your practical skills and problem-solving abilities.
✨Tip Number 4
Demonstrate your collaborative mindset by discussing past experiences where you worked with both technical and non-technical teams. Highlighting your ability to communicate complex security concepts in an accessible way will resonate well with the hiring team.
We think you need these skills to ace Consultant – Information Security
Some tips for your application 🫡
Understand the Role: Before applying, make sure you fully understand the responsibilities and requirements of the Consultant – Information Security position. Familiarise yourself with key frameworks like ISO/IEC 27001:2022, NIST CSF, and PCI-DSS, as well as the specific skills mentioned in the job description.
Tailor Your CV: Customise your CV to highlight relevant experience in information security, risk assessments, and compliance. Use keywords from the job description to ensure your CV aligns with what Virgin Atlantic is looking for.
Craft a Compelling Cover Letter: Write a cover letter that showcases your passion for information security and your understanding of the role. Mention specific experiences that demonstrate your ability to manage risks and communicate effectively with both technical and non-technical audiences.
Proofread Your Application: Before submitting, carefully proofread your application materials. Check for any spelling or grammatical errors, and ensure that all information is clear and concise. A polished application reflects your attention to detail and professionalism.
How to prepare for a job interview at Virgin holidays
✨Understand the Frameworks
Familiarise yourself with key frameworks like ISO/IEC 27001:2022, NIST CSF, and PCI-DSS. Be prepared to discuss how these frameworks apply to information security governance and risk management in your previous roles.
✨Showcase Your Communication Skills
Since the role requires engaging both technical and non-technical audiences, practice explaining complex security concepts in simple terms. Use examples from your past experiences to demonstrate your ability to communicate effectively.
✨Demonstrate a Collaborative Mindset
Highlight instances where you worked collaboratively with teams or stakeholders to achieve security objectives. Emphasise your passion for making security a business enabler and how you can contribute to a positive team dynamic.
✨Prepare for Scenario-Based Questions
Expect scenario-based questions that assess your problem-solving skills in real-world situations. Think of examples where you identified risks, implemented controls, or advised on compliance matters, and be ready to discuss the outcomes.
